Networks for Health Information

Networksfor

HealthInformation

nformation technology can be used to automate many ad-ministrative processes in the health care system, includingtransactions between those who provide health care servicesand those who pay for them. The general term electronic

commerce is used in the chapter to describe the automation ofbusiness transactions and the direct computer-to-computer ex-change of information, business documents, and money.

This chapter examines electronic communications betweenproviders and payers (including interactions with electronic med-ical claims companies, value-added networks, clearinghouses,and others that facilitate this communication). It also discusseselectronic commerce between health care providers and medical/surgical manufacturers and distributors, as well as between phar-macies and both pharmaceutical distributors and claims payers.The role of communication networks in facilitating the exchangeof health information among health care providers, payers, andothers on a community-wide or regional basis is examined. Fig-ure 3-1 illustrates some of the directions in which informationneeds to be exchanged, or transactions need to be effected, amongthe various components of the health care delivery system.

Electronic communications can free administrative informa-tion from paper, allow it to be processed automatically (withouthuman intervention), and permit it to be readily reused for a num-ber of related purposes. In many cases, it appears that electroniccommerce can provide some cost savings to health care systemparticipants and to the system as a whole. Realizing those savingsrequires investment in equipment and training, as well as indus-trywide agreement on and compliance with standards for the for-mat and content of messages. The chapter reviews some of theresearch on costs and cost-effectiveness of various uses of elec- | 79

80 | Bringing Health Care Online: The Role of Information Technologies

FIGURE 3-1: Health Care Industry Trading Relationships

�� &�� "�� '��#�� "�� $�"$��%�� $ �� !��

tronic commerce and regional networks in healthcare. In addition, it outlines some of the overarch-ing issues that affect the adoption of the technolo-gy by participants—industry fragmentation, theslow development of standards, the fragmentedregulatory and policy environment, as well as con-cerns about privacy, confidentiality, and securityof health information in a networked environ-ment.

ADMINISTRATIVE SIMPLIFICATIONAdministrative simplification has come to meanstreamlining and standardizing the transactionsbetween health care providers and payers to re-duce costs. The administrative costs of providinghealth care have been estimated at between $108billion and $135.1 billion per year in 1991,1 or be-tween 12 and 15 percent of the health care bill. Es-

1 Lewin-VHI, “Reducing Administrative Costs in a Pluralistic Delivery System Through Automation,” prepared by A. Dobson and M.

Bergheiser for the Healthcare Financial Management Association, Apr. 30, 1993.

Chapter 3 Networks for Health Information | 81

timates of annual savings that could be realizedthrough increased use of information technologyto streamline administrative functions haveranged from $5 billion to $36 billion,2 or enoughto reduce administrative costs between 0.5 and 3.6percent.

Administrative simplification generally meansnot only standardizing forms, procedures, and in-formation requirements, but also moving to elec-tronic technologies from paper-based transactionsand recordkeeping. This chapter will review someof the technological, legal, and economic issuesinvolved in administrative simplification. It alsodiscusses more generally the concept of “electron-ic commerce,” the exchange of business informa-tion and money through computer networks, andspecific tools for electronic commerce such aselectronic data interchange (EDI). (See boxes 3-1and 3-2.)

In the traditional “fee-for-service” health caredelivery system, the health care provider performsservices for the patient and then submits a bill tothe patient. If the patient is insured, either the pro-vider or the patient will submit a claim to the payer(insurer) to reimburse the patient or to pay the pro-vider directly on the patient’s behalf. The informa-tion exchanged between care providers and payers(insurers) can be very complex. The informationthat a payer requires a health care provider to fur-nish in order to get a claim paid depends not onlyon the payer’s policies, but on the laws of thestates in which the payer, provider, and patient arelocated. In addition, because many patients arecovered by more than one insurance plan, theremay be secondary or tertiary payers involved inpaying a single bill. From the provider’s point ofview, getting that bill paid may be quite burden-some. The various payers may not only requiredifferent information, in different forms, but may

also require the provider to furnish informationabout the other payers in order to coordinate bene-fits for the patient.

Several studies of health care administrativecosts have suggested that the large number of dif-ferent payer institutions (over 6,000) and the vari-ety of formats in which they request claiminformation are factors in making the cost ofhealth care administration much higher for theUnited States than for other industrialized coun-tries.3 A government-mandated change to asingle-payer system might reduce these costs, butsuch an action appears unlikely. Administrativesimplification, through the introduction of elec-tronic transactions and through standardization oftransactions and processes, may offer a way toachieve more modest savings.

Many managed care companies now performthe functions of both payer and provider. How-ever, this does not necessarily reduce the numberof transactions or ensure that administrative sim-plification will be achieved simply by enrollingmost of the population in health maintenance or-ganizations (HMOs) or other managed care sys-tems.4 While some interorganizational transac-tions are eliminated, they are often replaced byanalogous exchanges of information within themanaged care company. In addition, managedcare organizations are “information hungry” andare creating new management information ex-changes between their “provider” and “payer”components.

In some HMOs, where patients are served onlyby providers employed by the HMO and where allfinancial risks (the insurance functions) are as-sumed by the HMO itself, there is usually littleneed to submit claims to payers, except for occa-sional referrals to outside specialists. However,managed care is coming to have forms. Managed

2 Project HOPE Center for Health Affairs, Bethesda, MD, “Estimating the Cost-Effectiveness of Selected Information Technology Applica-

tions,” unpublished contractor report prepared for the Office of Technology Assessment, U.S. Congress, Washington, DC, March 1995.

3 U.S. Congress, Office of Technology Assessment, International Comparisons of Administrative Costs in Health Care, OTA-BP-H-135

(Washington, DC: U.S. Government Printing Office, spring 1994).

4 For more description of managed care, see box 1.1.


BOX 3-1: EDI and Electronic Commerce

�/)'7521-'� �%7%� �17)5',%1+)� �� -6� ()*-1)(� %6� 7,)� %33/-'%7-21?72?%33/-'%7-21� -17)5',%1+)� 2*� &86-?

1)66� (%7%� &)7:))1� 25+%1-=%7-216� 86-1+� %� 67%1(%5(� (%7%� *250%7�� '20387)5� �� -6� %� 62*7:%5)

6<67)0� 7,%7� 3)5*2506� :25.�� 1*250%7-21� -6� 5287)(� 7,528+,� 7)/)'20081-'%7-216� 1)7:25.6�� 5)')-9)(� &<� %1

25+%1-=%7-21�6� �� 6<67)0�� %1(� 352')66)(� &<� -76� '20387)5� %33/-'%7-216@%//� :-7,287� ,80%1� -17)59)17-21�

)(81(%17� (%7%� )175<� -6� 7,86� )/-0-1%7)(�� :,-',� -1'5)%6)6� 7,)� %''85%'<� 2*� -1*250%7-21� %1(� 5)(8')6� %(?

0-1-675%7-9)� '2676�

�5+%1-=%7-216� (2-1+� &86-1)66� :-7,� 21)� %127,)5� %5)� '%//)(� �� 203%1-)6� ,%9)� 86)(

�� 72� 5)(8')� 7,)� '2676� 2*� );',%1+-1+� %1(� 352')66-1+� (2'80)176� *25� 025)� 7,%1� � <)%56�� 1� 7,)� /%67

6)9)5%/� <)%56�� ,2:)9)5�� '203%1-)6� %1(� '2168/7%176� ,%9)� 3/%')(� �� -172� %� /%5+)5� '217);7� '%//)(� ��

��

�/)'7521-'� '200)5')� -6� %� 0%1%+)0)17� '21')37� -1� :,-',� %//� -1*250%7-21� */2:6� &)7:))1� %1(� :-7,-1

25+%1-=%7-216� 7,528+,� 1)7:25.)(� '20387)5� 6<67)06�� $25.� '%1� &)� (21)� -1� :%<6� 7,%7� (-**)5� *520� %� 3%3)5?

&%6)(� 6<67)0�� 1� )/)'7521-'� '200)5')�� *25� -167%1')�� %� 352')66� 0%()� 83� 2*� (-6'5)7)� 7%6.6� 0%<� &)� 3)5?

*250)(� %6� %� 6)5-)6� 2*� 3%5%//)/� 7%6.6�� 1/<� 21)� 3)5621� '%1� :25.� 21� %� 3%3)5� (2'80)17� %7� %� 7-0)�� $,)1

7,)� -1*250%7-21� '217%-1)(� 21� 7,%7� (2'80)17� -6� *5))(� *520� 7,)� '21675%-176� 2*� 3%3)5� %1(� -1.� %1(� -6� %9%-/?

%&/)� -1� )/)'7521-'� *250�� 6)9)5%/� 3)23/)� '%1� %'')66�� 86)�� %1(� 75%16*250� 7,)� -1*250%7-21� %7� 7,)� 6%0)

7-0)�

�� -6� 127� %� '21')37� /-.)� )/)'7521-'� '200)5')�� -7� -6� %� 7)',12/2+<� '216-67-1+� 2*� 58/)6� %1(� 67%1(%5(6

352+5%00)(� -172� '20387)56�� 1)� '28/(� 6%<� 7,%7� �� -6� 72� )/)'7521-'� '200)5')� %6� 67%7-67-'%/� 352')66

'21752/� -6� 72� 727%/� 48%/-7<� 0%1%+)0)17�� 7,%7� -6�� -6� 21)� 2*� 7,)� 722/6� 5)48-5)(� 72� 387� 7,)� 0%1%+)0)17

'21')37� 2*� )/)'7521-'� '200)5')� -172� %'7-21�

!7%1(%5(-=%7-21� -6� 7,)� .)<� 72� �� 20387)56� '%1127� 352')66� 7,)� -1*250%7-21� 7,%7� 029)6� &)7:))1

25+%1-=%7-216� )/)'7521-'%//<� 81/)66� -7� -6� )1'2()(� -1� %� 0%11)5� 7,%7� 7,)� '20387)56� %7� &27,� 25+%1-=%7-216

'%1� 5)'2+1-=)�� 1� 27,)5� :25(6�� &27,� '20387)56� 0867� &)� %&/)� 72� �� 1� /-1+8-67-'

7)506�� 7,)<� 0867� *2//2:� 67%1(%5(� 86%+)�� 3529-()6� %� 6)7� 2*� 58/)6�� +5%00%5�� %1(� 6<17%;� 7,%7� *2506� 7,)

&%6-6� 2*� 67%1(%5(� 86%+)� -1� 7,)� )/)'7521-'� );',%1+)� 2*� &86-1)66� (%7%�� -6� &27,� 7,)� 0)%16� %1(� 7,)

/%1+8%+)� 7,%7� '20387)56� 86)� 72� >7%/.� &86-1)66��

!�# �� %15-+,7�� >�/)'7521-'� �200)5')� %1(� �)7:25.-1+� -1� �)%/7,� �%5)�� 8138&/-6,)(� '2175%'725� 5)3257� 35)3%5)(� *25� 7,)� �**-')

2*� ")',12/2+<� �66)660)17�� #�!�� 21+5)66�� $%6,-1+721�� %1��

______________� �� %15-+,7�� >",)� �52&/)0� 2*� �%7%� �%33-1+�� 92/�� 2�� 81)� �� 3�� )5621�� !5�� >�17)59-):� :-7,� �%37%-1� �58')� �)11)77�� #!�� ;)'87-9)� �+)17� *25� �/)'7521-'� �200)5')�� #1-7)(� !7%7)6� �)3%57?

0)17� 2*� �)*)16)�� 92/�� 2�� 3��

�� $�� 2772�� >�� !7%1(%5(6�� -6725-'%/� �)563)'7-9)�� 92/�� 2�� 3�� .

care organizations can have a variety of relation-ships with providers (e.g., they may be em-ployees, or they may accept patients underexclusive or nonexclusive contracts). They mayalso have a variety of relations with payers, as-suming some financial risk internally, while stillsubmitting claims to other payers. Thus, these or-ganizational arrangements still involve transac-tions between provider and insurer organizations.

Managed care organizations also exchange ad-ministrative or clinical information internally andwith their contract providers. In order to be profit-able under flat-rate capitated contracts, managedcare organizations must reduce duplicativeservices and manage each patient’s utilization ofservices. This means that each clinician in the sys-tem who encounters a patient should ideally haveaccess to a fairly complete medical record in order


BOX 3-2: What is a Value-Added Network?

��&/ 5�� ( .1),%-� �� -�� , � .# � ' �(-� ')-.� �)'*�($ -� /- � .)� 2�#�(" � & �.,)($�� .�� $(. ,5

�#�(" � �� .,�(-��.$)(-�� -� �, � .# � & �.,)($�� +/$0�& (.� )!� �� *��%�" � � &$0 ,3� - ,0$� �� .# ,

.#�(� '�% � �� $, �.� �)'*/. ,� �)(( �.$)(� 1$.#� .,��$("� *�,.( ,-�� )'*�($ -� - (�� .# $,� ��.�� .)� �� .

, � $0 -� �� )!� �� .,�(-��.$)(-6, *, - (.$("� '�(3� .3* -� )!� �/-$( --� �)�/' (.-� �(�� )/(�� !),

'�(3� �$!! , (.� .,��$("� *�,.( ,-6�(�� ,)/. -� .# � $(�$0$�/�&� .,�(-��.$)(-� .)� .# � �**,)*,$�. � .,��$("� *�,.5

( ,�-� & �.,)($�� '�$&�)2�� # (� .# � .,��$("� *�,.( ,� �)(( �.-� 1$.#� .# � ( .1),%�� .# � �� .,�(-��.$)(-� �,

.,�(-'$.. �� .)� $.-� �)'*/. ,�� -� '�% � �� -$ ,� � ��/- � .# 3� &$'$(�. � .# � -�# �/&$("� *,)�& '-

.#�.� �,$- � 1# (� '�%$("� �$, �.� �)'*/. ,� �)(( �.$)(-�� # 3� ��(� �&-)� � � '), � - �/, � .#�(� �$, �.� �)'5

*/. ,� �)(( �.$)(-� � ��/- � .,��$("� *�,.( ,-� �, � $-)&�. �� !,)'� ��#� ).# ,�-� -3-. '-�

�� (,$"#.�� 4�& �.,)($�� )'' ,� � �(�� .1),%$("� $(� � �&.#� ��, �� /(*/�&$-# �� )(.,��.),� , *),.� *, *�, �� !),� .# � �!!$�

)!� � �#()&)"3� -- --' (.�� )(", --�� -#$(".)(� �� (��

to know what has been done by others. It alsomeans that management should know what re-sources are expended on that patient, even whenthere is no need to actually generate a bill. Manymanaged care organizations are finding the needfor “encounter reports” that contain much of thesame information that is currently included in in-surance claim forms in a fee-for-service system.While the encounter report could be considered aninternal communication within the managed carecompany, in some cases delivering it will takevery much the same technology and pose many ofthe same problems as the delivery of claim in-formation between a provider and payer.

ADMINISTRATIVE ACTIVITIES IN HEALTHCAREAdministrative activities related to health care oc-cur at all levels of the health care system, includ-ing health care providers, payers, and local, state,and federal government agencies. These activitiesinclude:

� Health care providers (individual and institu-tional): Calculating bills and billing payers;transmitting records to outside providers orpayers; internal financial management; regula-tory compliance; utilization review; quality as-

surance; and acquisition, distribution, andstorage of equipment and supplies.

� Payers: Claims processing; coordinating bene-fits with other payers; claims payment; manag-ing plan enrollment and eligibility; statisticalanalyses and quality assurance; and regulatorycompliance.

� Employers and other large purchasers ofhealth care services: Comparing and selectingplans; and managing enrollment of employeesor members.

� Consumers (patients): Submitting claims;tracking eligible expenses; and paying copay-ments and uncovered bills.

� Government agencies: All of the above activi-ties in roles as providers, payers, and employ-ers; data collection for vital statistics; healthcare financing data; and regulatory oversight.

A fuller description of administrative activitiesand costs is available in a previous Office of Tech-nology Assessment report, International Com-parisons of Administrative Costs in Health Care.5

PROVIDER ADMINISTRATIVE ACTIVITIESMany information exchanges that take place with-in a single provider’s organization (e.g., admis-sion-discharge-transfer messages or billing

5 Office of Technology Assessment, op. cit., footnote 3.


information) are automated. Use of the HealthLevel 7 (HL7) standard, discussed in chapter 2,which is used for exchange of clinical informa-tion, is also growing for administrative and patientmanagement information. Most vendors of bothadministrative and clinical information systemsare supporting the HL7 standard. Use of comput-ers in administration and patient management isnot limited to hospitals or large clinics. Althoughmany doctors’ offices still rely on paper patient re-cords and billing systems, a growing number arecomputerizing at least some of their business andadministrative functions. Computerized practicemanagement systems (PMSs) automate functionssuch as accounts receivable, insurance, billing,and appointments; they also record the patient’sdiagnoses, procedures, medical history, and finan-cial history. PMSs offer a wide range of function-ality and very little standardization; some systemswere developed on an ad hoc basis by their usersand others were purchased from one of more than400 vendors. Some PMSs also help physiciansdeal with the complexities of managed care con-tracts, for example, by maintaining member lists,posting capitation payments from plans, trackingthe number of visits or services provided for eachpatient, and providing reports on the profitabilityof the relationship with each plan.

Typically, providers only have informationabout their own contribution to a patient’s care—for example, hospitals maintain records of inpa-tient stays and doctors’ offices keep track of officevisits. But to manage patients’ use of resources ef-fectively, managed care organizations want totrack patient care over several years and integratedifferent services that were performed at variouslocations. Integration of financial and clinical in-formation is also important to managed care.6

Integrated Delivery Systems (IDSs) are emerg-ing to meet the need of health care organizations todeliver a full range of health care services to theircovered populations. An IDS, either through own-

ership, partnership, joint venture, strategic al-liance, or contract, brings together hospitals,ambulatory care facilities, affiliated physicians’offices, nursing homes, home care services, labo-ratories, wellness programs, and so on. IDSs havebeen springing up rapidly as managed care com-panies position themselves to compete; the resultis a conglomeration of provider organizationswith different levels and types of automation anduses of information technology. Some IDSs aremaking the investments needed to develop “enter-prise-wide” information systems to allow ex-change of clinical and administrative informationamong their various components.

Health care providers perform a variety of ad-ministrative activities associated with each ad-mission, visit, or episode of care. These activitiesbegin well before the face-to-face encounter withthe patient and last long after the patient has leftthe institution or professional’s office. Preadmis-sion and preregistration cover a variety of logisti-cal, clinical, and financial activities, includingeligibility confirmations, certifications, and au-thorizations for care, which generally requirecommunication with the patient’s payer.

EXCHANGING INFORMATION BETWEENPROVIDERS AND PAYERSDuring the course of treatment or admission, addi-tional transactions flow between the provider andpayer or care manager, including reauthorizations,recertifications, interim billing, and a variety ofreview activities. Due to the limits on some healthcare coverage, the provider might also have toredo the eligibility function as well. Figure 3-2 il-lustrates some of the information flows betweenpayer and provider at various stages in the proc-ess.7

At some point during or after treatment, theprovider will issue a bill and/or a claim. Copies ofthe bill might go to the patient, as well as to one or

6 D. S. Kolb and J. L. Horowitz, “Managing the Transition to Capitation,” Healthcare Financial Management, February 1995.7 The following description of administrative information exchanges is based on information from D. Rode, immediate past co-chairman,

ASC X12 Insurance Subcommittee, Healthcare Task Group, personal communication, May 12, 1995.


FIGURE 3-2: Payment-Related Transactions

�� #&�� $" � �� "�� ) �� "��%� �"&�!&�� "$� �'&&�!�� (��%� �$"��%%�!�� "%&%��

��$�� #��

more payers. When more than one payer is in-volved, the provider may send a bill to all partiesand work through a very complicated process tocoordinate billing (and payment). Even patientswho belong to managed care entities that capitatepayments or use other reimbursement methodsmight need to have all or parts of their bill or claimsent for management information purposes.

After the initial claim or billing, the providermay have several followup steps, such as provid-ing additional information to a payer inquiringabout the status of a claim previously sent to oneor more payers. Because more than one provider

may be billing for services rendered during thesame episode of care, both providers and payersmay have to coordinate and track their informa-tion. Many institutions and some individual pro-viders are also required to send additionalinformation as attachments to the claim. Amongthe required documents are discharge abstracts,surgical reports, first reports of injury, and attesta-tion reports. Late submission of these reportsmight also delay the payment of the originalclaim.

Finally, the provider receives a payment or re-jection from the payer. This is a two-step process

86 | Bringing Health Care Online: The Role of Information Technologies��

��

��

because the provider must reconcile the paymentto the original claim, as well as to the posting proc-ess at its financial institution. The information re-ceived with the payment or rejection (usuallycalled remittance advice) can be as simple as acheck number or it may include pages of informa-tion responding to each line of the original claim.If the patient has health care coverage from a sec-ondary payer, the provider may then have to repeatthe process, submitting a secondary billing claimto that payer, and including with the claim in-formation about what was and was not paid by theprimary payer (some institutions bill the patientwho is then responsible for collecting from sec-ondary payers). On average, most institutions donot see payment on a claim for well over twomonths. Individual and professional paymentsoften take longer.8

During the course of these provider-payertransactions there can be many telephone contactsand letters exchanged among the parties. In an in-patient environment, which is relatively stable,the cost of carrying out these transactions is rela-tively low compared to the amount of the claim.However, the opposite is true in an outpatient orambulatory-care setting. The provider’s costs forprocessing each transaction, claim, or eligibility

verification is about the same as in an inpatientsetting, but the resulting revenue is much less. Themove of health care toward more outpatient carewill accentuate this problem.

The traditional model for health payments hasbeen that the provider charges the patient a fee forthe services provided. The patient (or the provideron the patient’s behalf) files a claim with the pa-tient’s insurer (payer) for payment of the coveredportion of this fee. There are several types of trans-actions in the fee-for-service environment whereelectronic communications could be applied.These transactions are: 1) claims submission, 2)remittance advice, 3) claims inquiry, 4) enroll-ment, and 5) eligibility inquiry.

Claims submission is the process of preparingand submitting documents to a payer on behalf ofa patient. Nearly all claims for hospital servicesare submitted by the provider. Claims for servicesin a physician’s office may be prepared by eitherthe patient or the provider; in preferred providernetworks, the physician usually files the claim. In-formation required to complete the claim formmay have entered the provider’s accounting sys-tem through either a direct interface with other in-formation systems in the provider organization, orthrough keyboard input by a data-entry clerk whoreads the various paper documents about the pa-tient and enters the data into the patient-account-ing system. This system, whether paper-based orcomputer-based, must prepare a claim documentin a form that is acceptable to the payer.

Remittance advice is a document returned tothe provider by the payer along with payment afterthe claim is processed. The remittance advice ex-plains what the payment covers and how the claimwas adjudicated by the payer. The providercompares the payment with the original claim todetermine whether the amounts match. If theclaim and payment do not match, the clerk checksthe remittance advice to determine where the dif-ferences lie. When the claim and the various pay-ments match, either immediately or after a process

8 A review of quarterly analyses by Zimmerman & Associates, Hales Corner, WI, shows receivables always exceed 60 days. Ibid.


of negotiating discrepancies, the claim is recon-ciled with its associated payments and closed. Re-mittance advice can be a paper document thataccompanies a check; an electronic document thataccompanies an electronic funds transfer; or anelectronic document that is separate from, but re-lated to, an electronic funds transfer sent by othermeans.

Claims inquiry is a process that providers useeither to determine when payment will be made orto negotiate discrepancies in a claim that has beenpartially paid. Often, inquiries are telephone con-versations, but some vendors are beginning to of-fer online inquiries.

Enrollment is a process that involves the payerand the patient’s employer (or sponsor of thehealth care plan in which the patient enrolls). En-rollment transactions occur when people join ahealth plan, change their family status, move,change plans, and so on.

Eligibility inquiries are transactions betweenproviders and payers to determine what benefitsthe patient is entitled to. Patients arriving at thedoctor’s office, hospital, pharmacy, or other pro-vider location are asked what kind of coveragethey have and from whom. This information isconfirmed by an inquiry to the payer by mail, tele-phone call, or an electronic process. Having thisconfirmation quickly is useful to the provider: itmeans that correct copayment amounts can be col-lected right away, for example, or that certain ser-vices will not be offered to people who are notentitled to them. EDI standards have been devel-oped for the above transactions. (See box 3-3.)

In a managed care environment, some of thesetransactions are different. For example, in anHMO, where members are charged a fixed fee perperson (capitation) and are not billed for individu-al services, the traditional insurance claim is un-necessary. In some cases, however, HMOs areusing an encounter report to provide managementinformation about services provided, and these

could be considered surrogates for insuranceclaims. Enrollment transactions and inquiriesabout a member’s eligibility for services are as im-portant in a managed care environment as in a fee-for-service system; in some cases, they may beinternal transactions between parts of the same or-ganization (perhaps at different locations) ratherthan between different organizations.

❚ Status of Electronic InsuranceTransactions9

Health Care Financing AdministrationAs the largest payer of health care claims in thecountry, the federal government for years has en-couraged providers and insurers to do businesselectronically, especially the submission of Medi-care claims. The Medicare program (and the fed-eral portion of the Medicaid program) isadministered by the Health Care Financing Ad-ministration (HCFA) which, beginning in the1970s, established electronic links between hos-pitals and fiscal intermediaries—the insurancecompanies that process Medicare claims undercontract with the government. Currently, 80 dif-ferent insurance companies process some 730million Medicare claims annually.10

Initially, the shift away from paper involvedhospitals submitting bills by either direct-dataentry (DDE) terminal, linked directly by leasedphone lines to the mainframe computer of the fis-cal intermediary, or by computer tape. In eithercase, clerical personnel would key in the neces-sary information. For computer tape transactions,they would format the information on computertape, which was then sent to the fiscal intermedi-ary. For the fiscal intermediary, the volume of in-formation received on tape—and thus the reducedcosts of processing as compared with paper sub-missions—justified writing separate computer in-terfaces to translate the different tape formats asrequired.

9 This section is based on C. Canright, “Electronic Commerce and Networking in Health Care,” unpublished contractor report prepared for

the Office of Technology Assessment, U.S. Congress, Washington, DC, January 1995.

10 “Implementing EDI on a Colossal Scale: An Interview with HCFA’s Carol Walton,” EDI Forum, vol. 6, No. 2, 1993, p. 47.


BOX 3-3: EDI Standards

�%"� '"5� 0+� 0%"� +* ",0� +#� �� (&"/� &*� !�0�� /0�*!�.!/�� 0�*!�.!/� �."� �� 0%")"

0%.+1$%+10� 0%&/� .",+.0�� *!""!�� 0%"� +*"� 0%&*$� 0%�0� *"�.(5� "2".5+*"� &*2+(2"!� &*� %"�(0%� �."� �10+)�0&+*

�$.""/� +*� &/� 0%�0� 1*&#+.)� !�0�� /0�*!�.!/� �."� ."-1&."!� 0+� +*0.+(� %"�(0%� �."� �!)&*&/0.�0&+*� +/0/�

�+1$%(5� /,"�'&*$�� !�0�8,.+ "//&*$� /0�*!�.!/� %�2"� 03+� +),+*"*0/�� +*0"*0� �*!� 0.�*/)&//&+*�

��0�8 +*0"*0� /0�*!�.!/� /," &#5� %+3� )"�*&*$� /%+1(!� �"� .",."/"*0"!�� 0�80.�*/)&//&+*� �+.� )"//�$8

&*$�� /0�*!�.!/� /," &#5� %+3� &*#+.)�0&+*� "* +!"!� �/� /0.&*$/� +#� �&*�.5� !&$&0/� /%+1(!� �"� /0.1 01."!� #+.

0.�*/)&//&+*� +2".� 3&."/� +.� 0%.+1$%� 0%"� �&.�

Data Transmission�� /0�*!�.!/� #+.� �1/&*"//� !+ 1)"*0/� /0.1 01."� &*#+.)�0&+*� &*� /1 %� �� 3�5� 0%�0� +),10"./� �0� !&##".8

"*0� +.$�*&6�0&+*/� �*� ,.+ "//� &0�� +),10"./� !+� *+0� ,.+ "//� !+ 1)"*0/� (&'"� %1)�*/� ."�!� !+ 1)"*0/�

�+),10"./� ,.+ "//� !�0�� +� 0%"� +),10".�� &/� *+0� �� #� /&)&("� +#� �� !+ 1)"*0� 0%�0� �� +),10".� /0+."/�

&0� &/� �� /0."�)� +#� !�0�� 0%�0� � 01�((5� �1/"/� �� +),10".� �,,(& �0&+*� 0+� ,".#+.)� �� /," &#& � � 0&+*�

��0�� %+3"2".�� ."� *+0� -1&0"� "*+1$%�� 0�� )�5� �"� 03+8 %�.� 0".� +!"/� 0%�0� .",."/"*0� �*� &!"�� +.� �

/0.&*$� +#� %�.� 0"./� 0%�0� .",."/"*0�� #+.� &*/0�* "�� + &�(� �" 1.&05� *1)�".� �� " �1/"� �((� !�0�� ."

.",."/"*0"!� �/� /0.&*$/� +#� �/� �*!� /�� +),10"./� *""!� �� )"�*/� +#� !&/0&*$1&/%&*$� !�0�� !"*+0&*$� +*"� &!"�

#.+)� !�0�� !"*+0&*$� �*+0%".�

�+),10"./� !&/0&*$1&/%� +*"� �&0� +#� !�0�� #.+)� �*+0%".� 0%.+1$%� ,+/&0&+*�(� ."(�0&+*/%&,/�� #� �� %"�(0%� �."

(�&)� 3"."� 3.&00"*� �/� �� /&*$("� (&*"�� 0%"*� 0%"� +),10".� 3+1(!� *""!� 0+� '*+3� 3%�0� ,�.0� +#� 0%"� (&*"� .",."8

/"*0"!� �*� �� *!� 3%�0� ,�.0� .",."/"*0"!� �� ,�0&"*0�/� *�)"�� 5� 100&*$� 0%�0� (&*"� +#� %�.� 0"./� 1,� &*0+

!�0�� "(")"*0/�� +),10".� �*� ." +$*&6"� +*"� 05,"� +#� &*#+.)�0&+*� #.+)� �*+0%".�� %"� #&./0� !�0�� "(")"*0

)&$%0� .",."/"*0� �� ,�0&"*0�/� *�)"� �*!� �!!."//�� 3%&("� 0%"� /" +*!� .",."/"*0/� 0%"� (&*"� &0")/� +*� �� (�&)�

�� /0�*!�.!/� ,.+2&!"� 0%�0� 05,"� +#� /0.1 01."�� %"5� ,.+2&!"� �� +))+*� 3�5� #+.� +),10"./� 0+� /0.1 01."

0%"� !�0�� 0%�0� .",."/"*0� �1/&*"//� !+ 1)"*0/�

�%"� /0�*!�.!/� #+.� )+2&*$� 0%"� !�0�� 0%�0� �,,"�.� +*� +))+*� �1/&*"//� !+ 1)"*0/� �"03""*� +.$�*&6�8

0&+*/� �."� �(("!� 0%"� �� /0�*!�.!/� #+.� "(" 0.+*& � !�0�� &*0". %�*$"�� *�)"!� �#0".� 0%"� �)".& �*� ��8

0&+*�(� �0�*!�.!/� �*/0&010"�/� � ."!&0"!� �0�*!�.!/� �+))&00""� �� 3%& %� !"2"(+,/� 0%")�� /0�*8

!�.!/� !"#&*"� �� /5*0�4� �*!� ,.+2&!"� �� /0.1 01."� #+.� )+2&*$� !�0�� "03""*� +.$�*&6�0&+*/�� *� 0%�0� 3�5��

/0�*!�.!/� �."� "40".*�(� !�0�80.�*/)&//&+*� /0�*!�.!/�� %"� /0.1 01."� 0%�0� .",."/"*0/� �� 1/&*"//� !+ 1)"*0

&/� �(("!� �� 0.�*/� 0&+*� /"0/� �."� 0%"� "(" 0.+*& � "-1&2�("*0/� +#� ,�,".� �1/&*"//� !+ 1)"*0/�

�.�*/� 0&+*� /"0/�� 0%"*�� ."� +),+/"!� +#� �*� +.!"."!� /".&"/� +#� !�0�� /"$)"*0/�� 0�� /"$)"*0/� �."

�*�(+$+1/� 0+� 0%"� $.+1,/� +#� !�0�� 0%�0� ,".#+.)� /," &#& � #1* 0&+*/� 3&0%&*� �� 1/&*"//� !+ 1)"*0�� /1 %� �/

(&*"� &0")/� +*� �� ,1. %�/"� +.!".�� 0".)/� +#� ,�5)"*0� +*� �*� &*2+& "�� +.� 0%"� &!"*0&#& �0&+*� �*�)"� �*!� �!8

!."//�� /" 0&+*/� 0%�0� �,,"�.� +*� �*5� �1/&*"//� !+ 1)"*0�� "$)"*0/�� &*� 01.*�� ."� +*/0.1 0"!� +#� �*� +.8

!"."!� /".&"/� +#� (+$& �((5� ."(�0"!� !�0�� "(")"*0/�� 0�� "(")"*0/� /," &#5� /1 %� 0%&*$/� �/� 1*&0� +#� )"�/1."�

,.& "�� -1�*0&05�� *!� 1.."* 5�

Data Content�%"� +*0"*0� +#� /0�*!�.!/� +)"/� 0+� 0%"� #+."� �0� 0%"� !�0�8"(")"*0� ("2"(� +#� 0%"� �� /0�*!�.!/�� 1 %� +#

0%"� +*0"*0� +#� �� 0.�*/� 0&+*� /"0� +*/&/0/� +#� +!"/� 1/"!� �5� �� +),�*5� +.� �*� &*!1/0.5� 0+� .",."/"*0� 0%"

______________�� //�� 7�*0.+!1 0&+*� 0+� �� 1*,1�(&/%"!� ,�,".� ,."/"*0"!� 0+� � ."!&0"!� �0�*!�.!/� �+))&00""� �� 0�

�%�.("/�� 5� ��

��


BOX 3-3: EDI Standards (Cont’d.)

74)'-*-'7� 3*� -87� &97-2)77�� 7� 19',� %7� 4377-&0)�� 8,)� $�� '311-88))� 7))/7� 83� 78%2(%6(->)� '328)28� %'6377

-2(9786-)7�� !,)� 7)+1)28� %2(� (%8%� )0)1)287� 97)(� -2� 86%27%'8-32� 7)87� 83� 6)46)7)28� %� 2%1)� %2(� %((6)77�

*36� -278%2')�� %6)� 8,)� 7%1)� *36� 86%274368%8-32� '32')627� %7� *36� ,)%08,� '%6)� '32')627�

�978� &)'%97)� 8;3� 36+%2->%8-327� 7944368� 8,)� $�� 78%2(%6(7�� ,3;):)6�� (3)7� 238� 1)%2� 8,%8� '3119@

2-'%8-32� &)8;))2� 8,)1� -7� 7)%10)77�� 2� %� 8)',2-'%0� 0):)0�� &38,� 7=78)17� %6)� '314%8-&0)� &)'%97)� 8,)=

%6)� '31192-'%8-2+� 97-2+� %� '31132� 0%2+9%+)�� 2� %� '328)28� 0):)0�� ,3;):)6�� '314%8-&-0-8=� -7� 23;,)6)

2)%6� +9%6%28))(�� 4%68-'90%60=� -2� ,)%08,� '%6)�� !,)� (%8%� '328)28� 3*� � �� $�� 78%2(%6(7� '31)7� *631� -2(97@

86=@� %2(� '314%2=@74)'-*-'� '3()7�� 2� ,)%08,� '%6)�� *36� -278%2')�� 8,)� � �� $�� ,)%08,� '%6)� 6)1-88%2')� %(@

:-')� 78%2(%6(� 97)7� �(.9781)28� �)%732� �3()7� 1%-28%-2)(� &=� 8,)� �09)� �6377� %2(� �09)� ,-)0(� �773'-%@

8-32� %2(� �966)28� �63')(96%0� !)61-2303+=� ��!�� 3()7� 1%-28%-2)(� &=� 8,)� �1)6-'%2� �)(-'%0

�773'-%8-32�� 2� *%'8�� %2=� 36+%2->%8-32� '%2� 4)8-8-32� 8,)� � �� $�� '311-88))� 83� -2'09()� -87� '3()7� -283� 8,)

78%2(%6(�� 7� 032+� %7� 8,37)� '3()7� 1))8� 8,)� 8)78� 3*� &97-2)77� 2)')77-8=� %2(� 4)6*361� *92'8-327� 8,%8� )<-78@

-2+� '3()7� '%2238� 4)6*361�� 8,)� '3()7� %6)� -2'36436%8)(� -283� 8,)� 78%2(%6(�

�7� %� 6)7908�� $�� 78%2(%6(7� %''3113(%8)� %� ,9+)� %13928� 3*� (%8%� '328)28� %2(� 8,)=� '%2� 4)6*361

8,)� 7%1)� &97-2)77� *92'8-32� -2� 1%2=� (-**)6)28� ;%=7�� 378� -2(9786-)7� ,%:)� 0-1-8)(� 8,-7� :%6-%&-0-8=� &=� 49&@

0-7,-2+� -140)1)28%8-32� 1%29%07� 74)'-*=-2+� ,3;� %� 4%68-'90%6� 86%27%'8-32� 7)8� 7,390(� &)� 97)(� 83� '32(9'8

&97-2)77� ;-8,� '314%2-)7� -2� 8,%8� -2(9786=�

!,)� (%8%� '328)28� 97)(� -2� 8,)� � �� $�� ,)%08,� '%6)� 86%27%'8-32� 7)87� -7� 78-00� 833� &63%(0=� ()*-2)(�� )%60=

):)6=32)� -2:30:)(� -2� �� -2� 8,)� ,)%08,� '%6)� -2(9786=� %+6))7� 8,%8� ;-()746)%(� �� -140)1)28%8-32� ;-00

6)59-6)� +6)%8)6� 92-*361-8=� -2� (%8%� '328)28�� 7� 8,)� #�� '311-88))� 4987� -8�� ?�� 7-+2-*-'%28� &%66-)6� 83� 8,)

-140)1)28%8-32� 3*� �� -7� 8,)� *%'8� 8,%8� -140)1)28%8-32� +9-()7� ,%:)� 238� &))2� ():)034)(� 8,%8� -2'36436%8)

78%2(%6(� 6)59-6)1)287� %2(� '328)28� %'6377� 0%6+)� 7)+1)287� 3*� 8,)� ,)%08,� '%6)� -2(9786=�� 8� -7� '6-8-'%0� 8,%8

46-:%8)� 4%=)67� %2(� +3:)621)28� 463+6%17�� -2'09(-2+� �)(-'%6)� %2(� �)(-'%-(�� 97)� %� '31132� 7)8� 3*� *36@

1%87� 83� %',-):)� 8,)� ,-+,)78� 0):)0� 3*� %(1-2-786%8-:)� '378� 7%:-2+7� %2(� %'')0)6%8)� 8,)� -140)1)28%8-32� 3*

��

!,)� ,)%08,� '%6)� -2(9786=� 2))(7� %� &97-2)77� 13()0� 8,%8� 74)'-*-)7� 8,)� (%8%� 6)59-6)(� -2� )%',� 86%27%'8-32

%2(� ,3;� 8,)=� 7,390(� &)� )2'3()(� %2(� 7869'896)(� ;-8,-2� 8,)� 78%2(%6(7�� **-'-)28� 78%2(%6(7� 6)59-6)� 8,%8

%00� 4%68-'-4%287� -2� 8,)� -2(9786=� %+6))� 32�� ;,%8� (%8%� 83� '300)'8�� ;,)2� 83� '300)'8� -8�� %2(� �� ,3;� 83

'300)'8� -8�

�2� 8,)� %&7)2')� 3*� -2(9786=;-()� -140)1)28%8-32� 1%29%07�� 1%2=� -2� 8,)� -2(9786=� %6)� 6)0=-2+� 32� -140)@

1)28%8-32� +9-()0-2)7� '6)%8)(� &=� 8,)� �)%08,� �%6)� �-2%2'-2+� �(1-2-786%8-32� �� 8,)� *-678� 4%=)6� 83

-140)1)28� 8,)� ,)%08,� '%6)� '0%-1� 4%=1)28� %2(� %(:-')� �� $�� 86%27%'8-32� 7)8� %2(� 8,)� '0%-1� 79&@

1-77-32� �� $�� 86%27%'8-32� 7)8�

�"�� %26-+,8�� ?�0)'8632-'� �311)6')� %2(� �)8;36/-2+� -2� �)%08,� �%6)�� 9249&0-7,)(� '3286%'836� 6)4368� 46)4%6)(� *36� 8,)� �**-')

3*� !)',2303+=� �77)771)28�� %2��

______________�#36/+6394� *36� �0)'8632-'� �%8%� �28)6',%2+)�� %68*36(�� !� %2(� �,-'%+3�� '83&)6� �� 4�� @�� 6+)7�� -6)'836�� )%08,� �%8%� �%2%+)1)28� �6394�� 1)6-'%2� �374-8%0� �773'-%8-32�� -28)6:-);�� ,-'%+3�� 9+�

��


But as large chain-affiliated hospitals foundthat they were dealing with many different for-mats, they asked HCFA to establish a standardtape format, which it did in the late 1970s. Thestandard tape format allowed hospitals and otherlarge institutions to introduce a degree of stan-dardization into their claims submissions process.However, they still faced different data require-ments from different fiscal intermediaries in dif-ferent states.

During the 1980s, with the growing use of per-sonal computers, HCFA also began to encouragephysicians to do business electronically. In themid-1980s, HCFA aggressively put pressure onproviders to convert to electronic billing, and by1985, HCFA received about two-thirds of Part Ahospital claims and one-third of Part B supple-mental insurance claims electronically.11 Part Aclaims are submitted by hospitals and other largeinstitutions for inpatient care. Part B claims aresubmitted by physicians and clinics.

HCFA’s push for electronic claims processingcame to a standstill in the late 1980s. Congress, aspart of an attempt to balance the federal budget,mandated an extended timeframe for paying allMedicare claims. HCFA, however, had used expe-dited payment as an incentive for providers to sub-mit bills electronically. Without the incentive offaster payment, many providers saw no reason tomake the investments needed to submit claimselectronically.

HCFA started to promote electronic billingagain in 1991 as part of a short-term strategy to re-duce administrative costs. Until then, HCFA hadconcerned itself solely with automating claims. In1991, however, the agency turned its attention toautomating the remittance advice document,which accompanies a claim payment and explainswhat the payment covers. Rather than develop itsown remittance format, HCFA adopted the EDI

format for health care remittance advices that hadjust been approved by Accredited Standards Com-mittee X12. HCFA became the first organizationto test the new EDI remittance advice format andremains its largest user.

In 1992, HCFA established a uniform paymentpolicy and procedures for making electronic pay-ments to medical providers for Medicare claims.Providers who submit at least 90 percent of theirMedicare claims electronically can receive claimspayments electronically through the banking in-dustry’s automated clearinghouse network andtheir local banks, rather than through paper checksmailed to their offices. HCFA again had a fasterpayment incentive to encourage electronic claimssubmissions. Since then, HCFA has adopted theEDI-based claims form as its standard and man-dated that all Medicare processors adopt it by July1, 1996. The agency’s long-term goal is to have allMedicare claims handled electronically by theyear 2000.

Private InsurersBecause many Medicare beneficiaries also carryprivate insurance policies that cover deductiblesand copayment obligations under Medicare,HCFA’s EDI projects also affect the administra-tion of payments by private insurers. In manystates, the fiscal intermediary for the Medicareprogram obtains its own private insurance claimselectronically through the same linkages used forMedicare. With Medicare moving toward 100 per-cent electronic claim submission, “it seems likelythat private firms will be making use of thetechnology as well.”12

Some large insurers accept and process nearly80 percent of claims by computer.13 However,there are many small insurers that are only begin-ning to accept electronic claims. Today, about 75percent of hospital claims are submitted electroni-

11 M. Buffington, Director of Claims Processing, Health Care Financing Administration, personal communication, Sept. 7, 1994.

12 D. Fularczyk, Manager, Blue Cross and Blue Shield United of Wisconsin’s Proservices subsidiary, quoted in T. Higgins, “Setting Stan-

dard for Electronic Claims Could Lead to Paperless Providers,” The Business Journal-Milwaukee, February 1993, pp. S3-S5.

13 B. Politzer, “Claims of Excellence,” HMO Magazine, vol. 32, No. 6, November-December 1991, p. 39.


cally, but the vast majority of these are Medicareclaims submitted to HCFA rather than to privateinsurers. Physicians submit some 16 percent oftheir claims electronically in total; however, theysubmit 47 percent of their Medicare claims elec-tronically.14

Electronic Medical Claims ServicesOne of the difficulties of connecting providers andpayers is the different data and networking for-mats that exist in the health care industry. Conven-tional wisdom, for instance, holds that electronicclaims are structured in some 400 different ways.Electronic medical claims companies, includingvalue-added networks and clearinghouses, pro-vide services that connect providers with manypayers using a single system.15

These services give providers a single point ofelectronic contact to many payers. In addition torouting information between a provider and itspayers, they edit and reformat claims data. Thisfrees providers from the burden of programmingtheir systems to handle the wide variety of elec-tronic formats. For example, a physician’s officewanting to send claims electronically generallyuses personal computer software that communi-cates with the service via telephone lines. Physi-cians using practice management systems canoften integrate this software with their systems.This requires that the processing service cooperatewith the vendor of the practice management sys-tem (there are several hundred in the country) towrite the necessary interfaces. For physicians whodo not use practice management systems, the ser-vice provides software that allows clerical person-nel to enter claims data directly into forms thatappear on a PC screen.

Provider-specific edits are needed on eachclaim. Because health care claims are not univer-sally standardized, different payers require data tobe presented differently in their claims. One payer

may also require data that another payer does not.The software checks the claims that are keyed in orreceived from a practice management system tomake sure they conform to the data requirementsof the designated payer.

If the claims meet all requirements, the PC soft-ware sends them to the electronic claims service.The service performs further editing and thentransmits the claims to payers, in some casesthrough direct network connections to the payerand in others through a claims clearinghouse thathas such a connection.

Many electronic medical claims services canperform some or all of the following transactiontypes: electronic claims filing; claims-status in-quiry and online claims correction; eligibility andbenefits inquiry; electronic remittance advicedata; automated electronic remittance posting,along with supplemental and secondary billing;and electronic funds transfer. The services avail-able to a provider vary by payer and depend onpayer capabilities. Not all payers, for instance, canprovide remittance advice data electronically.

Most of the transactions processed by electron-ic medical claims services are currently not basedon EDI standards, particularly the nonclaimstransactions. However, use of standard EDIclaims may increase as HCFA mandates them.Until then, however, many payers are not accept-ing standard EDI claims. Nonclaims transactions,such as eligibility verification, are not based onEDI standards because the standards are eitherbrand new or do not exist. Many of these servicesintend to support EDI standards, but place moreemphasis on making transactions electronically,whatever the format. They believe that it is betterto begin electronic processing now than to wait forthe often slow standards-development cycle.

The initial cost of getting a physician startedwith an electronic claims service is between$1,500 and $2,500, depending on the size of the

14 “Automated Medical Payments Statistical Overview,” Automated Medical Payments News, Feb. 8, 1993, p. 3.15 B. Dodge, Vice President, HCS, Inc., personal communication, Aug. 26, 1994.


practice. Staff training may be an additional ex-pense. There is also a per-transaction fee, whichcould be on the order of $0.35 to $0.85, dependingon the type of transaction. Claims fall toward theupper end of the range because they are more com-plex documents and contain more data, whiletransactions such as eligibility inquiries costless.16

In the early years of EDI development in otherindustries, value-added networks (VANs) offeredsimilar translation services for companies that didnot want to develop or install their own EDI man-agement systems. Over time, companies pur-chased their own EDI systems, rather than paytranslation fees to the VANs. A similar develop-ment is unlikely in health care. Only larger institu-tions are likely to have the financial and staffresources to manage an EDI system. For smallermedical practices, claims services and VANs maycontinue to provide a way to transact businesselectronically.

Financial InstitutionsCompletely automating the health care paymentprocess means involving the trading partners’ fi-nancial institutions. In the 1970s, the banking in-dustry established its own formats for electronicfunds transfer (EFT) through the National Auto-mated Clearing House Association (NACHA).NACHA governs the automated clearinghouse(ACH), a network of computer-based check-clear-ing and settlement facilities for the interchange ofelectronic debits and credits among financialinstitutions (note that bank clearinghouses are dif-ferent entities from the insurance clearinghousesmentioned above).

The banking industry designed its original EFTformats to move money between financial institu-tions. In the 1980s, NACHA worked with corpo-rations to set ACH formats for corporate-to-corporate payments. At that point, the NACHAformats for EFT began to conflict with, and then

migrate toward, industry’s formats for EDI. Thehybrid of EFT, whose purpose is to move moneybetween financial institutions electronically, andEDI, whose purpose is to move business data be-tween corporations electronically, became knownas financial EDI (or EFT/EDI).

Since the development of financial EDI for-mats in the mid 1980s, the number of corporationsusing the ACH to make payments has steadily ris-en, showing an average annual growth of between25 and 30 percent per year for the past severalyears. In terms of total payment volume, however,financial EDI volume statistics are less impres-sive. Last year, the estimated 13 million paymentsmade through financial EDI represented onlyabout 0.1 percent of the total estimated volume of11.7 billion payments.17

Financial EDI payments, in all industries, con-sist of two parts: the payment and the remittanceadvice. One difficulty faced by the banking indus-try is that few banks are capable of processing allof the information contained in financial EDI pay-ments. ACH formats themselves are not compat-ible with the information-laden EDI formats. Tomove native EDI data through the ACH requireswrapping an EDI transaction in a NACHA enve-lope. The financial institution then unwraps andprocesses the EDI payment transaction. The en-veloping process puts some limitations on theamount of data an EDI transaction can carry—apotential problem given the amount of data in ahealth care remittance advice document.

As a result, many companies are sending EDIpayment orders and remittance advices throughseparate paths—the payment itself as a simpleEFT transfer through the ACH and the remittanceadvice as an EDI transmission through a VAN. Inthat case, companies receive the payment-depositinformation from their banks and reconcile it withthe remittance data received from the VAN.

However, some banks that specialize in finan-cial EDI are moving into the health care market.

16 Ibid.17 National Automated Clearing House Association figures reported in Canright, op. cit., footnote 9.


BankAmerica, San Francisco, CA; Chase Man-hattan, New York, NY; Huntington Bancshares,Columbus, OH; PNC Bank Corp., Pittsburgh, PA;and National City Corp., Cleveland, OH, areamong the national and regional banks that nowprocess medical bill payments electronically forhospitals, clinics, and other health care providerswho are their banking customers. Some of them,in addition to handling EFT payments, are also of-fering the services of a processing service.

❚ Standardized FormsThe federal government has played a major role instandardizing electronic forms in the health careindustry. For instance, institutional providers areencouraged to submit Medicare and Medicaidclaims using the UB-92 form, which was createdby the National Uniform Billing Committee(NUBC). The difficulty is that each state adds itsown requirements to the UB-92 form, whichmeans that some payers and nearly all softwarevendors have to support nearly 50 different ver-sions of the UB-92.18 Moreover, the EDI standardfor transmitting claims, ASC X12.837 (healthcare claim), can structure data contained in theUB-92 in several different ways, all of which arecorrect insofar as the standard is concerned.19 Theresult is that the health care industry’s standardsare not yet standard enough for easy implementa-tion of electronic commerce.

HCFA has developed implementation guidesfor health care claim and remittance advice trans-actions. By July 1, 1996, all electronic claims willbe submitted to HCFA using the standard forms.20

The HCFA requirement is expected to stimulateEDI use throughout the industry. To ensure thatthe health care industry uses a single EDI version

of the UB-92, the Workgroup for Electronic DataInterchange (WEDI) and the NUBC are develop-ing EDI implementation guidelines based on theHCFA guide, which is becoming the de facto in-dustry standard.

LINKING HEALTH CARE PROVIDERSWITH SUPPLIERS21

In contrast with health care payments, the use ofelectronic commerce between large health careproviders and hospital suppliers has a longer his-tory, dating back to the mid-1970s when theAmerican Hospital Supply Corp. (AHSC)introduced the first electronic order-entry (EOE)system called Analytic Systems Automated Pur-chasing (ASAP). ASAP initially allowed hospi-tals to place orders using a touch-tone telephone.As ASAP evolved, hospital purchasing managerscould enter orders into terminals connected toAHSC’s mainframe computer, which automati-cally reserved inventory and generated a packinglist. The system was so convenient that purchas-ing managers placed orders with AHSC at the ex-pense of its competitors.22 Hospitals achievedbenefits by: 1) eliminating manual order writing;2) reducing transcription errors that result whenorders are written manually or taken over thephone; and 3) increasing the accuracy and timeli-ness of order, delivery, and cost information.

The proliferation of other EOE systems becamea problem to major hospitals, especially chainsand large purchasing groups. Those organizationspurchased supplies from several vendors, whichmeant they had to use several different EOE sys-tems. They faced the same problems that have ledto the development of EDI in other industries:higher costs from having to support multiple pro-

18 D. Rode, “UB-92, HCFA 1500: The Genesis of EDI?” Health Care Financial Management, vol. 47, No. 1, January 1993, pp. 82-83.19 D. Hodges, Integrating Computer-Based Technologies Into HMOs (Washington, DC: Group Health Association of America, Inc., 1993),

p. 41.

20 M. Buffington, op. cit., footnote 11.

21 This section is based on Canright, op. cit., footnote 9.22 R. Forester, “A History of ASAP at Baxter Health Care: The Journey from Proprietary to X12 Standards,” EDI Forum, vol. 4, No. 1, 1991,

p. 96. (Baxter acquired the ASAP system when it merged with American Hospital Supply Corp. in 1984.)


prietary systems,23 including additional space forthe terminals and additional training for purchas-ing personnel. Today, most hospital-supply com-panies are making a transition to EDI and offerEDI-based alternatives to their proprietary elec-tronic order-entry systems.

In addition to the companies that directly sup-ply hospitals and other providers, the companiesthat manufacture health care supplies and equip-ment are beginning to use EDI to connect with thesmaller companies that they rely on to distributetheir products to hospitals, physicians, and otherhealth care providers. For the manufacturers, EDIconnections result in cost savings because they nolonger need to key purchasing information intotheir systems. By automating business with alltheir distributors, the relatively small benefits thatcome from automating each trading relationshipare multiplied over a large base. For distributors, itis not clear whether the conversion to EDI resultsin net savings or net costs.

When the process of purchasing and paying forsupplies is automated through EDI, it can be inte-grated with a larger automated materials manage-ment information system that can includeinventory control, automatic replenishment,tracking of chargeable suppliers and equipment,invoicing, and patient cost accounting. Greateruse of information systems for these purposes hasbeen shown to improve inventory control and re-duce the costs of materials management in otherindustries. Currently, only a few hospitals andhealth care groups are using this technology to itsfull potential.24

The movement to electronic systems in hospi-tal materials management has not been pervasiveamong hospitals. By 1990, hospitals used EDI toplace some 24 percent of orders to suppliers.25

Purchase orders and confirmations still representthe bulk of EDI transactions in hospitals; hospitalshave been slow to use EDI for other purchasingfunctions, such as electronic invoicing and pay-ment.26 WEDI, for instance, estimated that some6,000 of 6,138 acute care hospitals require EDIupgrades.27

Overall, the health care supply portion of thehealth care industry has made a good start in auto-mating trading relationships. As suppliers offerand providers adopt more sophisticated materials-management strategies, EDI will become increas-ingly necessary as well as commonplace.

PHARMACEUTICAL INDUSTRY EDIThe drug distribution chain has been an early andsuccessful adopter of electronic commerce. Asearly as 1972, a major drug wholesaler began a pi-lot project to transmit purchase orders directly tothe computers of major manufacturers. Industryorganizations, such as the National WholesaleDruggists Association and the American SurgicalTrade Association, actively supported these acti-vities and encouraged the development of indus-try-wide standards. Use of electronic ordering wasfound to reduce order lead-times, which reducedinventory requirements. Some industry analystsbelieve that adopting electronic ordering is a ma-jor factor in alleviating and reversing economic

23 The terms “proprietary system” and “proprietary data format” refer to electronic business communications systems that work for a singlecompany—the one that provided the system or software. The terms “standard system” or “standard data format,” in contrast, refer to EDI sys-tems that are designed to ease communications with any organization that supports EDI standards.

24 ECRI, “Computer Information Systems, Materials Management,” ECRI Special Reports, 202765 424-008 (Butler Meeting, PA: 1995),p. 3.

25 Arthur Andersen & Co., Stockless Materials Management: How It Fits Into the Health Care Cost Puzzle (Alexandria, VA: HIDA Educa-

tional Foundation, 1990), p. 56.

26 J.J. Moynihan and K. Norman, “Health Care EDI: An Overview,” EDI Forum, vol. 6, No. 2, 1993, p. 11.27 Workgroup for Electronic Data Interchange, Report (Hartford, CT, and Chicago, IL: October 1993), p. 9-34.


hardships that drug wholesalers had been experi-encing in the early 1980s.28 By 1986, 96 percentof drug wholesalers were using EDI, as were 90percent of pharmaceutical manufacturers—one ofthe highest penetration rates of any industry at thattime.

Today, electronic commerce has also expandedrapidly to independent drugstores and drugchains. About 95 percent of drugstores are com-puterized. Many of them order from distributorsusing either proprietary systems or EDI standardsand guidelines developed by the American Soci-ety of Automation in Pharmacy.

Because many prescription drugs are paid foror reimbursed by insurance plans, electronic linkshave also been established between pharmaciesand payers. A standard format for communicationbetween pharmacies and insurers is in widespreaduse. Online eligibility systems have helped tospeed processing and payments by enabling phar-macies to check a patient’s benefits before fillingthe prescription. After a physician or patient sub-mits a prescription (either by phone or in writing),the pharmacy enters the information from the pa-tient’s prescription benefit card (issued by the in-surer, health plan, or employer) and theinformation from the prescription into an onlinesystem using the National Counter PrescriptionDrug Plan’s (NCPDP) standards for real-timetransactions. Through this system, the pharmacycontacts a database where it can confirm the pa-tient’s eligibility status, find out whether the payerwill pay for this drug, determine the copaymentamount, and ascertain whether the payer allows orrequires generic substitutions.

Pharmacy claims are much less complex thanother health care claims, and a much larger per-centage of them are submitted electronically. In1993, over half of the prescription claims reim-

bursed by insurance payers were submitted elec-tronically and that percentage continues togrow.29 NCPDP recently introduced a paper-based claim form based on the electronic format tosimplify reimbursement for patients whose payersare not yet using electronic pharmacy claim sub-mission.30

The existence of large databases of prescrip-tion-related information in a standard format is of-fering new tools to both the pharmaceutical andinsurance industries. Databases are being used toanalyze the patterns of drug purchase, to developformularies or lists of preferred drugs, to comparecosts of alternative drugs, and to compare the cost-effectiveness of drugs to alternative treatments.

COMMUNITY AND REGIONALNETWORKING

❚ Community Health InformationNetworks

A community health information network (CHIN)can be either a proper or a generic name for a typeof information system that is still undergoing de-velopment and definition. Another term used iscommunity health management information sys-tem (CHMIS), which can also be both a commonor proper name. Both of these networks are envi-sioned as systems that allow the seamless ex-change of clinical or administrative informationamong health care providers, payers, and other au-thorized users. Currently, there are between 75and 100 community networks in early stages ofstartup or implementation that roughly corre-spond to the CHIN or CHMIS descriptions be-low.31 (This report will use the term CHIN asgeneric and will use CHMIS only when distin-guishing features of the CHMIS model).

28 P.K. Sokol, From EDI to Electronic Commerce (New York, NY: McGraw-Hill, Inc., 1995), pp. 212-219.29 Ibid.

30 G. Muirhead, “Stake Your Rx Claim: NCPDP Issues Standard Paper Form for Reimbursement,” Drug Topics, Nov. 7, 1994, p. 106.31 R. T. Wakerly, remarks at CHINs and CHMISs: Networks for Community Health Information and Management, meeting of the National

Health Policy Forum, Washington, DC, Oct. 25, 1994.

96 | Bringing Health Care Online: The Role of Information Technologies��

��

��

��

��

At their most basic, CHINs are electronic sys-tems whereby claims filing, eligibility verifica-tion, and other transactions can be performed by aprovider (whether a single physician or a majorhealth care organization) and an insurance clear-inghouse; or whereby a physician’s office can con-tact a hospital’s information system to obtainclinical or administrative information on a patient.However, CHIN developers envision them as ex-panding into systems that link all participants inthe health care system—providers, payers, banks,pharmacies, public health agencies, employers,and others. Moreover, a fully developed CHINmight allow a physician to assemble a single pa-tient’s information across different institutionsand databases to produce a complete medical re-cord; or it could permit a researcher to aggregatethe data for many patients to compare perfor-mance of different plans and providers. In future,CHINs might also be a means for sharing access tomedical knowledge, remote diagnostic applica-tions, and expert advice based on outcome and ef-fectiveness analyses.32

The difference between a CHIN and a CHMISis primarily one of initial priorities. All of these

systems start with some initial features and ser-vices and add others as they grow. CHINs, for themost part, were developed to provide connectivityand transport of data among the users. Some ofthem are concentrating first on linking physiciansand clinics with hospitals and labs to access clini-cal data, and secondarily are providing claim fil-ing and other insurance-related services. SomeCHINs have a long-term goal of building a com-munity-wide data repository for outcomes re-search and for comparing the performance ofplans and providers, but they have not yet startedthat phase of their development. Other CHINshave no plans for building a centralized data re-pository, but envision that the standardizationthey provide will eventually allow authorized us-ers to transparently aggregate data across manydatabases, thus accomplishing the same purpose.

CHMISs, on the other hand, have started withthe concept of building a data repository for use inassessing the performance of health care providersand plans. Collection and analysis of managementinformation is a priority. Although there is varia-tion among the CHMISs started so far, most arefocusing on providing insurance transaction ser-vices (that is, connectivity and services linkingproviders and payers) and on capturing data fromthose transactions into the data repository. Ser-vices linking providers with providers to ex-change clinical data are also planned in manycases.

Issues associated with CHINs include owner-ship and control, and network design and datamanagement.

❚ Ownership and ControlThere are several possible ownership models forCHINs. One is a joint venture between a healthcare provider and an information system vendor.This is likely to be a for-profit organization, offer-ing community-wide service, with the goal of pro-viding easier communications among the various

32 D. L. Zimmerman, CHINs and CHMISs: Networks for Community Health Information and Management. Issue Brief No. 657 (Washing-

ton, DC: National Health Policy Forum, 1994).


users. The vendor may first implement servicesfor the partner or lead sponsor and then attempt tocontract with other users based on demonstrationsof the usefulness of the service. An example ofthis ownership model is the Wisconsin Health In-formation Network (WHIN), developed by Auro-ra Health Care Corp. and Ameritech HealthConnections (a subsidiary of Ameritech, the re-gional telephone provider). Initially, WHIN pro-vided physicians with access to laboratory results,patient census data, and other information in thedatabases of the hospitals where they are affili-ated. In addition, the network now offers an elec-tronic claims service for filing claims andperforming some other insurance transactions.Besides the Aurora-owned hospitals, 11 otherhospitals and their affiliated physicians are nowon the system. One difficulty with this ownershipmodel is that the system may be viewed with somesuspicion by competing hospitals who may worrythat the provider that owns the system is giving it-self some advantage. Even in cases where a ven-dor is sole owner, late adopters may view thesystem as “belonging” to the early adopters. Thereare 45 to 50 communities with vendor-ownedCHINs.

An alternative model used by some CHINs is toform an understanding among a broad group ofpotential users before the system is built andcreate an ownership structure that will be viewedas more neutral by all participants. Although theirorganization varies, systems under developmentin Vermont, New York, Washington State, Chica-go, Cincinnati, and other locations have attemptedto develop a broad coalition of communitygroups—providers, payers, and employers—be-fore the network is built. These groups then jointlysponsor the creation of a not-for-profit organiza-tion to operate the system. This model also hasdifficulties. Developing community consensusabout the goals and operation of the system cantake a great deal of time, so systems opting for thismodel come to market much more slowly. Agree-

ments between stakeholder groups may becomefragile when it becomes necessary for participantsto actually commit money to the major project. Itis not yet clear who should make the biggest in-vestments in community networks because no oneknows who will accrue the most benefit fromthem.

Other ownership patterns, including variationsand hybrids of the above, ownership by a consor-tium of vendors, or ownership by a state or localgovernment agency, are possible, and are beingtried in some locations.33

❚ Network Design and Data ManagementCHINs vary widely in their approach to the func-tion of the network, the content of the informationcarried on it, and the standards to be used by or im-posed on participants. One basic decision facingall CHINs is whether or not the network willmaintain a central database of health information.Although creating a central repository is a funda-mental goal of some networks, others have active-ly rejected the idea and use the fact that eachparticipant maintains its own proprietary data as aselling point.

Technology decisions related to designing aCHIN are complex because their goal is to bringtogether a diverse set of information suppliers andusers who are operating incompatible systems.The network must establish “rules of the road” sothat participants can share information usefully.This means standardizing formats for data contentand structure and creating interfaces so that differ-ent computers and different people can use them.In the absence of clear national standards, differ-ent CHINs are developing their own ways of do-ing this.

Figure 3-3 outlines the high-level architectureof a CHIN. The network must interact with a vari-ety of different application systems in the partici-pants’ information systems. For the most part,network participants will not be willing or able to

33 Ibid.


FIGURE 3-3: High-Level Architecture of a Community Health Information Network (CHIN)

�� +-.�$"� �*!� �� +�"*�� 2�" %*+(+$& �(� �),(& �/&+*.� +#� ��.�� &*� �� '"-(1� �"!��

�� %& �$+�� )"-& �*� �+.,&/�(� �0�(&.%&*$�� * �� ,,�� 3��


change their own operations substantially in orderto participate, so the network must develop inter-faces to diverse systems as well as gateways(sometimes called application interface gatewaysor translators) to convert messages from one stan-dard to another (e.g., from a proprietary system toHL7 or to a standard EDI format). The networkprovides a number of value-added services to par-ticipants, including switching functions like rout-ing (delivering data between trading partners),security (maintaining passwords and access con-trols; encryption), session management (e.g.,creating audit trails), and messaging (harmoniz-ing disparate e-mail systems and providing accessto external databases or networks). Generally thenetwork also provides support functions for userorganizations, including a help desk and billingand administrative information on system use.

User interface and point-of-service mecha-nisms, such as card readers and other devices, canprovide access to the network and initiate transac-tions. For example, scanning a patient’s identifi-cation card can initiate a verification of thepatient’s eligibility for benefits. For more in-formation on cards as access and identification de-vices, see box 3-4.

User interfaces can be customized to allow eachuser to see data in the form that is most convenientfor that user, as shown in figure 3-4. When a physi-cian’s office contacts different hospitals for pa-tient information, the user will see the informationin that office’s preferred format, despite the differ-ences in hospital information systems. Similarly,any data from the hospital that need to be down-loaded into the physician’s practice managementsystem are formatted to be acceptable to that sys-

BOX 3-4: Card Technology and Health Records

�#�')� ��'�(�� #��$�) �� ()' &�� '�(�� $�� %)��'� (#�""� &%')��"�� + ��(� #�.� %��'� �� "%,2�%()� ,�.� )%

()%'�� $�� )'�$(��'� �"��)'%$ �� ")�� $�%'#�) %$�� '�(� ��$� �� *(�� (� ��$) � ��) %$� �$�� *)�%' /�) %$

)%%"(� %'� �(� ��)*�"� ()%'�� #�� '�(� �*''�$)".� &"�.� �� '%"�� $� )�� ")�� '�� (.()�#�� &'��%# $�$)".� �(

�� #��$(� %�� &�) �$)� ��$) � ��) %$� �$�� ((%� �) %$� , )�� &�') �*"�'� ��")�� &"�$�

�.&�(� %�� '�(� $�"*��

�1��&�'� ��'�(�� *(*�"".� , )�� &' $)�� )�� $�� &�'��&(� , )�� '� �%�� %'� #��$�) �� ()' &�� )��(�� '�� *(*2

�"".� ((*�� .� ��")�� &"�$(� �(� �� #��$(� %�� $) � ��) %$�

�1��$�) �� ()' &�� '�(�� (*�� (� )�%(�� , ��".� *(�� $� )�� $�$� �"� $�*()'.� �� '�� )� �$�� *)%#�)��

)�""�'� #�� $�3��3��'�(�� #��$�) �� ()' &�� %$� )�� !� ��$� ��''.� �� " # )�� #%*$)� %�� $�%'#�2

) %$3 � ��'��)�'(� $� )�� (�� %�� ).& ��"� )�'��2)'��!� ��'�� .� �'�� ).& ��"".� *(�� , )�� %$" $�� (.(2

)�#(� �%'� ��(( $�� )��(��

�1�#�')� ��'�(� ��+�� $� $)��'�)�� '�* )� �� &� , )�� '�$�� %�� &�� " ) �(�� .� ��$� (*&&%')� (��*' ).

��)*'�(� (*�� (� �$�'.&) %$� �$�� '�$) �"� ��((� �%'� � ��'�$)� &�')(� %�� )�� '�� .� ��$� �� *(��

)%� $)�'��)� , )�� %$" $�� (.()�#(� %'� )%� ()%'�� +�'. $�� #%*$)(� %�� )�� )�� ).& ��"� �2! "%� )� ��'�� ()%'�(

%$�� *""� &�� %�� )�-)�� !*&� �%&.� %�� ()%'�� )�� #�.� �� !�&)� %$� �� &'%+ ��'�(� �%#&*)�'� )%� &'%)��)

�� $()� "%((�

�1��(�'� %&) ��"� ��'�(� ��''.� �� , �� ()' &�� %$� )�� !� )��)� �%$)� $(� $�%'#�) %$� )��)� (� 0�*'$�� $)%� )��

��'�� , )�� "�(�'�� $�� ,' ))�$�� )�� $$%)� �� #%� � �� ")�%*�� $�,� ��)�� $� �� )%� (%#�

).&�(� %�� "�(�'� %&) ��"� ��'�(�� .� ��$� ��''.� �� #��.)�(� %�� )�"� $�%'#�) %$� ��%*)� �� &��(

%�� )�-)�� .� ).& ��"".� �%� $%)� ��+�� (��*' ).� ��)*'�(� *$"�((� �$� $)��'�)�� '�* )� �� &� (� �� )%� )��

��'�� %'� )� (� &*'&%(��

��


BOX 3-4: Card Technology and Health Records (Cont’d.)

�0� 6*'� *'#.6*� %#4'� 5;56'/�� %#4&5� %17.&� $'� 75'&� 61�� 564'#/.+0'� 8#4+175� #&/+0+564#6+8'� (70%6+105� �'�)��

%.#+/5� 241%'55+0)�� #761/#6'� (70%6+105� 6*#6� 6'0&� 61� $'� 4'2'6+6+8'� +0� 0#674'� �'�)�� (+..+0)� 176� /'&+%#.� *+561?

4;� (14/5�� #0&� +/2418'� 6*'� 37#.+6;� 1(� %#4'� $;� 4'&7%+0)� 6*'� .+-'.+*11&� 1(� &72.+%#6+8'� 6'56+0)� 14� 2155+$.'

&47)� +06'4#%6+105�� 16'06+#.� #22.+%#6+105� 1(� %#4&� 6'%*01.1);� +0%.7&'�

�>�#6+'06� �&'06+(+%#6+10�� '041../'06� 8'4+(+%#6+10�� #0&� '.+)+$+.+6;� 8'4+(+%#6+10

�>�/'4)'0%;� �0(14/#6+10

�>�#;/'065� #0&� %.#+/� 241%'55+0)

�>�4'5%4+26+105

�>�'&+%#.� *+5614;

�#)0'6+%� 564+2'� %#4&5� *#8'� 9+&'� 75'� +0� *'#.6*� %#4'� +0� 6*'� !0+6'&� �6#6'5�� 2'4*#25� $'%#75'� 1(� 6*'

.#4)'� +056#..'&� $#5'� 1(� %#4&5� #0&� %#4&� 4'#&'45� #.4'#&;� +0� 75'� $;� 6*'� (+0#0%+#.� +0&7564;� #0&� 6*'� 27$.+%�5

(#/+.+#4+6;� 9+6*� 6*'5'� %#4&5�� 07/$'4� 1(� !�� *'#.6*� 2.#05� 75'� 2.#56+%� /#)0'6+%� 564+2'� %#4&5�� #0&� #6

.'#56� � 56#6'5� 75'� 6*'/� 61� +&'06+(;� 2'12.'� '.+)+$.'� (14� �'&+%#+&� $'0'(+65�� *'� 2#6+'06� 24'5'065� 6*'� %#4&

9*'0� '06'4+0)� 6*'� *152+6#.�� 2418+&'4�5� 1((+%'�� 14� 16*'4� .1%#6+10�� "*'0� 6*'� %#4&� +5� 5%#00'&�� +0(14/#6+10

6*#6� #.4'#&;� ':+565� #$176� 6*'� 2#6+'06� %#0� $'� .+0-'&� 9+6*� 0'9.;� '06'4'&� &#6#� +0� #0� #761/#6'&� (#5*+10�

�.+)+$+.+6;� (14� 5'48+%'�� 6*'� #/1706� 1(� 6*'� %12#;/'06�� #0&� 16*'4� 2#;/'06� +0(14/#6+10� %#0� #.51� $'� 1$?

6#+0'&� 37+%-.;� 51� 6*#6� #%%17065� %#0� $'� 5'66.'&� $'(14'� 6*'� 2#6+'06� .'#8'5�� .6*17)*� /#)0'6+%� 564+2'

%#4&5� %#44;� 10.;� #� 5/#..� #/1706� 1(� +0(14/#6+10�� 6*';� #4'� 75'(7.� #5� #%%'55� &'8+%'5� 61� .+0-� 9+6*� 6*'� 241?

8+&'4�5� 14� 2#;'4�5� 10.+0'� &#6#$#5'5�� #0&� 6*'� !�� 6'.'%1//70+%#6+105� +0(4#5647%674'� +5� #&'37#6'� 61� 241?

8+&'� 6*'5'� .+0-#)'5� +0� #./156� #0;� .1%#6+10�

�� 07/$'4� 1(� *'#.6*� 2.#05� +0� 6*'� !0+6'&� �6#6'5� #4'� 6'56+0)� 6*'� 75'� 1(� 5/#46� %#4&5�� 744'06.;�� 56#0?

&#4&5� (14� 6*'� &#6#� (14/#6�� '0%4;26+10�� #0&� 5'%74+6;� ('#674'5� #4'� 10.;� $')+00+0)� 61� '/'4)'�� *+5� /'#05

6*#6� %#4&5� #4'� 10.;� $'+0)� 75'&� 9+6*+0� %.15'&� 5;56'/5�� *'� �'2#46/'06� 1(� �'('05'� +5� %10&7%6+0)� #� /7.?

6+/'&+#� �/#)0'6+%� 564+2'�� $#4� %1&'�� +06')4#6'&� %+4%7+6� %*+2�� #0&� 2*161)4#2*�� +&'06+(+%#6+10� %#4&� 2+.16

241)4#/�� 9*+%*� 9+..� 6'56� 6*'� 8+#$+.+6;� 1(� &'2.1;+0)� 5/#46� %#4&5� (14� /7.6+(70%6+10#.� 274215'5� 9+6*� #� 24+/#?

4;� (1%75� 10� *'#.6*� %#4'�� #0#&#�� 4'#6� �4+6#+0�� #0&� �#2#0� #4'� #.51� .11-+0)� +061� 5/#46� %#4&5� (14� *'#.6*

%#4'� +0(14/#6+10�

�/#46� %#4&5� #4'� 75'&� /14'� 9+&'.;� +0� �7412'� 6*#0� +0� 6*'� !0+6'&� �6#6'5�� $76� '8'0� +0� �7412'�� 6*'+4� 75'

+0� *'#.6*� %#4'� +5� 24+/#4+.;� (14� +&'06+(+%#6+10� #0&� (14� .+/+6'&� #/17065� 1(� %.+0+%#.� #0&� #&/+0+564#6+8'� +0(14/#?

6+10�� 0� �'4/#0;�� 5/#46� %#4&5� )'0'4#..;� %106#+0� 10.;� #&/+0+564#6+8'� +0(14/#6+10�� 0� �4#0%'�� %#4&5� 6;2+?

%#..;� %106#+0� 51/'� %.+0+%#.� +0(14/#6+10�� $76� 6*'4'� +5� 01� #66'/26� 61� 5614'� #� %1/2.'6'� /'&+%#.� 4'%14&�� 4#6*?

'4�� $#5+%� +0(14/#6+10� +5� 2.#%'&� 10� 6*'� %#4&� #0&� /#;� $'� #%%'55'&� $;� 2418+&'45� 14� 2*#4/#%+'5� 61� 4'&7%'

'44145� 14� 61� 52''&� &#6#� 241%'55+0)�� *'� 5614#)'� %#2#%+6;� 1(� /#0;� %#4&5� %744'06.;� +0� 75'� +5� 757#..;� 016

57((+%+'06� 61� /#+06#+0� #� %1/2.'6'� /'&+%#.� *+5614;�� #.6*17)*� *+)*'4� %#2#%+6;� %#4&5� #4'� $'%1/+0)� #8#+.?

#$.'�� "+&'524'#&� 75'� 1(� 2146#$.'� '.'%6410+%� 2#6+'06� 4'%14&5� +0� %#4&� (14/� 9+..� &'2'0&� 10� 6*'� #8#+.#$+.+6;

1(� 56#0&#4&+<'&� 2#6+'06� 4'%14&� 5;56'/5� +0� 6*'� %1/276'45� 1(� #..� 2418+&'45� 9*1� 9+..� +06'4#%6� 9+6*� #0&� 72?

&#6'� 6*'� %#4&5�� 7%*� 5;56'/5� #4'� 016� %744'06.;� #8#+.#$.'� +0� �7412'� 14� 6*'� !0+6'&� �6#6'5�

�#5'4� 126+%#.� %#4&5� #4'� 56+..� #0� '/'4)+0)� 6'%*01.1);� #0&� #4'� 016� 9+&'.;� 75'&�� 0� 10'� 2+.16� 241,'%6�� 6*'

':#5� �'2#46/'06� 1(� �7/#0� �'5174%'5� *#5� +557'&� �� %#4&5� %106#+0+0)� &'/1)4#2*+%� +0(14/#6+10

#0&� +//70+<#6+10� 4'%14&5�� 37+2/'06� 61� 4'#&� 6*'� %#4&5� +5� #8#+.#$.'� #6� 10.;� #� ('9� .1%#6+105�� $76� 6*'

241,'%6� +5� ':2'%6'&� 61� ':2#0&�� :2'4+/'065� 9+6*� .#5'4� 126+%#.� *'#.6*� %#4&5� #4'� #.51� 70&'4� 9#;� +0� �%16?

.#0&�

��!�� &#26'&� (41/� �*1'0+:� �.#00+0)� #0&� �8#.7#6+10�� 6&�� =�16'06+#.� �#4&� �22.+%#6+105� +0� 6*'� �'#.6*� �#4'� �0&7564;�� 7027$?

.+5*'&� %1064#%614� 4'2146� 24'2#4'&� (14� 6*'� �((+%'� 1(� '%*01.1);� �55'55/'06�� #07#4;� ��


FIGURE 3-4: Common User Interface

�-1$�� -++-,� 20$/� 0401$+�0� 0(&,�-,� **-30� %-/� � "201-+� 0"/$$,� �/$& /#*$00� -%� ..*(" 1(-,�� %-/� 20$/0� ""-/#(,&� 1-� 1'$(/� ./-%(*$0�

�� # .1$#� %/-+� �� -/0 &$� ,#� �� -!$,�� 5�$"',-*-&(" *� �+.*(" 1(-,0� -%� ��0�� (,� �� )$/*4� �$#��

�� '(" &-�� +$/(" ,� �-0.(1 *� �2!*(0'(,&�� ,"�� ..��

tem. The network system maintains a profile ofeach user and the way that information must bepresented. Similarly, data for claims filing or othertransactions can be entered by the physician’s of-fice in a single format, regardless of payer. Thenetwork, through the application integration gate-way function, can then take responsibility fortranslating or reformatting the information to suitthe requirements of each payer. This approachshould reduce a participant’s training costs be-cause employees only have to learn one set ofmenus and navigational tools.

While the user’s view of data appears inte-grated through the use of common user interfacemechanisms, actually integrating data across mul-

tiple databases is another problem entirely.CHINs that include a central data repository areaddressing this problem now. A repository is a“central database populated by transactions fromseveral disparate departmental and organizationalsystems.”34 The repository contains copies oftransaction data carried out by various tradingpartners; it is not the original or sole source of in-formation. Management of information from dis-parate sources can be a complex task:

To ensure data integrity, the [application in-tegration gateway] should have data audit andcontrol mechanisms to synchronize replicateddata with its various storage locations. The taskof determining which transaction system is the

34 M.R. Gorsage and J.W. Hoben, “Technological Implications of CHINs,” in R. T. Wakerly (ed.), Community Health Information Net-

works: Creating the Health Care Data Highway (Chicago, IL: American Hospital Publishing, Inc., 1994), pp. 115-140.


FIGURE 3-5: Federated Database Approach for a Community Health Information System (CHIN)

�+0"�� 3/0")/� +*� 0%"� �� 2&0%� 0%"&.� +2*� .",+/&0+.&"/� 2&((� ."-1&."� �*� &*0"((&$"*0� $�0"2�3� 0+� )�0 %� #&"(!� *�)"/� 2&0%� !�0��

�� +./�$"� �*!� �� +�"*�� 4�" %*+(+$& �(� �),(& �0&+*/� +#� ��/�� &*� �� '".(3� �"!��

�� %& �$+�� )".& �*� �+/,&0�(� �1�(&/%&*$�� * ��

�� ,,�� 5��

master or owner of specific data elements is dip-lomatic and political rather than technological.35

Through use of a common data model, the reposi-tory can be mapped onto the various systems ofrecord. Data for different entities can be tied to-gether by using unique identifiers for patients,payers, sites, providers, and other entities.

In time, a central repository containing bothclinical and administrative information could be-come too large to manage efficiently, especially ifit includes diagnostic images. An alternative ap-proach to managing community-wide informa-tion is to maintain an intelligent central repositorythat manages a federation of independent data-bases. All databases would share a common glob-

al model, and the central repository would containnot copies of the transactions, but information onwhere to find the information. This metatransac-tion (transactions about transactions) repositorywould then contact the individual databases tocollect information needed by an authorized user,and would have the knowledge needed for resolv-ing any differences between the databases. Thisconcept is illustrated in figure 3-5.

❚ Community Networks and EnterpriseNetworks

There is uncertainty about the role of CHINs asmanaged care organizations and integrated deliv-ery systems (IDSs) begin to dominate health care

35 Ibid.


delivery. CHIN development takes time and, inthe meantime, some IDSs may build their ownproprietary enterprise-wide networks. IDSs willcarry out most of their data communication on theirown enterprise networks because many of theiradministrative functions will be internal, and theymay not need to join a community-wide network.

There are two schools of thought on the pos-sible interactions of CHINs and IDS networks.One holds that IDSs have no need for CHINs, andthat CHINs are a short-term or limited phenome-non that will fade as markets become dominatedby two or three competing managed care organiza-tions. Because the IDSs are competitors, they willhave no incentive to share information, and thusconnectivity between them will not be needed.

The other school of thought says that IDSs needCHINs because even in a managed care environ-ment there will still be out-of-plan referrals, pro-viders with multiple affiliations, and mobility ofproviders and patients among plans. In order to betotally electronic in processing administrative in-formation, IDSs will need access to a community-wide or regional network infrastructure. Further,even though IDSs will want to keep private theirown data on outcomes, utilization, and costs, it islikely that large purchasers of health care (and per-haps regulatory agencies) will insist on seeing atleast some of this information on a community-wide basis, and CHINs will offer a mechanism.36

There is even the view that some IDSs will eventu-ally become CHINs, perhaps setting up subsid-iaries to offer CHIN services to their competitorsand unaffiliated providers in their communities.37

❚ Networking and Public HealthThe usefulness of community and regional net-works increases if they are also able to interactwith public health agencies at the local, state, orfederal levels. The Department of Health and Hu-

man Services has been tasked by the Administra-tion to act as the lead agency in coordinatingfederal government activities related to health in-formation systems.38 Among the long-term goalsto be pursued is the creation of a national forum forcollaboration on standards development forhealth information. Health information networks,automated payment systems, and other systemsare part of the national information infrastructure(NII) where public- and private-sector activitiesneed to be coordinated.

The Public Health Practice Program Office atthe Centers for Disease Control (CDC) is develop-ing an Information Network for Public Health Of-ficials (INPHO) that provides state and localpublic health officials with access to timely in-formation on disease prevention and healthpromotion, including: 1) local and national dis-ease and injury rates and associated risk factorsand prevention measures; 2) preventive healthdata, guidelines, regulations, training materials,and emergency notices; and 3) reports of epide-miological investigations. The system will initial-ly employ CDC’s personal computer software(WONDER) as well as voice and fax technolo-gies, but will eventually use Internet tools. It willprovide an electronic mail service for federal,state, and local public health officials, startingwith local area networks and building towardwide area networks. The INPHO system is beingpilot-tested in Georgia through a $5.2 milliongrant from the Robert W. Woodruff Foundation toEmory University in Atlanta, teamed with severalother academic and state government organiza-tions in Georgia.

COSTS AND COST-EFFECTIVENESS

❚ System CostsHigh system costs often pose a barrier for a busi-ness wanting to embrace EDI. Hardware, soft-

36 F. Bazzoli, “Will CHINs Be Able To Mesh with Enterprise Networks?” Health Data Management, March 1995, pp. 47-52.

37 R.T. Wakerly, “Models of CHIN Ownership,” in Wakerly, op cit., footnote 34, pp. 53-71.38 A. Gore, Vice President, Washington, DC, memorandum to D. Shalala, Secretary of Health and Human Services, Washington, DC, Mar. 8,

1995.


ware, installation, and staff training are allexpensive. If an organization opts to work throughan electronic claims company or a VAN, it mustpay per-transaction charges. If it creates a directline to its trading partners, it will incur costs fornetwork setup and telecommunications equip-ment. Staff will be required to manage the system,adapt it to changing standards, and act as a liaisonwith new trading partners.

One estimate puts the total average, per-compa-ny EDI investment at between $200,000 and$700,000.39 The lower figure is for a suppliercompany, while the higher is for a large companyseeking to connect all its suppliers. For the healthcare industry, WEDI estimates implementationcosts at $7,500 to $15,000 for individual profes-sionals and $25,000 to $500,000 for institu-tions.40 Costs include hardware, software,consulting, and VAN charges. Most companies donot perform a break-even analysis, according tothe EDI Group, a firm that studies EDI use gener-ally. Those that do, however, report that they reachthe break-even point within two years.41

There are relatively weak near-term incentivesfor some users in the health care industry to as-sume the high initial costs of EDI. Although thereare promises of administrative savings, these willbe spread out among most sectors of the industry.Further, it is likely that savings will not be fullyrealized until all transactions are electronic. Abusiness that has some trading partners using EDIand some using paper has the expense of maintain-ing both systems. This is often the case in healthcare at this time.

❚ National Estimates of AdministrativeCost Savings

A number of key studies focus on national esti-mates of potential savings from using informationtechnology for health care administrative func-tions. These include studies by WEDI, the TiberGroup, Arthur D. Little, Inc. (ADL), HCFA, andLewin-VHI.42 The findings of these studies aresummarized in table 3-1. It is important to notethat comparisons across studies should be madewith caution: the definitions used for the variousadministrative transactions vary widely, as do themethodologies for estimating costs and savings.Still, it is instructive to examine the findings fromthese studies in clarifying possible savings frominformation technologies in health care.

The studies on national administrative savingsproject that information technology applicationscould save in the range of $5 billion to $36 billionper year in total health costs, which translates intoapproximately 0.5 to 3.6 percent of total nationalhealth spending. The Tiber Group study (whichwas commissioned as part of the WEDI Report)attempted to differentiate the savings per transac-tion for payers and for providers. It found that thegreatest savings for both would be in the areas ofclaims inquiry and claims submission—which arevery information-intensive. With the exception ofthe ADL report (which included some clinical aswell as administrative functions), the magnitudeof the projected annual savings was quite similaracross studies.

There is some reason to believe that these esti-mates may be overly optimistic. For example, ex-

39 D. M. Ferguson and D. J. Masson, “The State of EDI in the U.S. in 1993,” EDI Forum, vol. 6, No. 4, 1993, p. 10.40 R.L. Schaich, “Health Care Reform Costs and Benefits,” EDI World, vol. 3, No. 12, December 1993, p. 51.41 Ibid.42 WEDI estimates and Tiber Group estimates are reported in WEDI, op. cit., footnote 27; Arthur D. Little, Inc., Telecommunications: Can It

Help Solve America’s Health Care Problems? No. 91810-98 (Cambridge, MA: July 1992); U.S. Department of Health and Human Services,Health Care Financing Administration, White Paper on Financial Implications of Information Technology, 1991; Lewin-VHI, Reducing Ad-ministrative Costs in a Pluralistic Delivery System, report prepared for the Healthcare Financial Management Association, Apr. 30, 1993).

105Chapter 3 Networks for Health Information

TABL

E 3-

1: E

stim

ates

of C

ost S

avin

gs fo

r Pay

ers,

Pro

vide

rs, a

nd E

mpl

oyer

s Th

roug

h th

e U

se o

f Inf

orm

atio

n Te

chno

logy

ÁÁÁÁ

ÁÁÁÁ

Stu

dy

ÁÁÁÁÁÁÁ

ÁÁÁÁÁÁÁ

App

licat

ion/

func

tion

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

Cla

ims

subm

issi

on

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

Enr

ollm

ent

ÁÁÁÁÁ

ÁÁÁÁÁ

Pay

men

t &re

mitt

ance

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

Elig

ibili

ty

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

Cla

ims

inqu

iry

ÁÁÁÁÁ

ÁÁÁÁÁ

Tota

lne

t sav

ings

ÁÁÁÁÁÁÁÁÁ

ÁÁÁÁÁÁÁÁÁ

ÁÁÁÁÁÁÁÁÁ

Wor

kgro

up fo

r E

lect

roni

c D

ata

Inte

rcha

nge

(WE

DI)

��(;�$557/26,105

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

�� 61��%,..,10

$007$..;

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

��61��%,..,10

$007$..;

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

��61��%,..,10

$007$..;

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

�� 61��%,..,10

$007$..;

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

��61��%,..,10

$007$..;

ÁÁÁÁÁ

ÁÁÁÁÁ

ÁÁÁÁÁ

��%,..,10

�18(4�5,:

;($45�

ÁÁÁÁÁÁÁÁÁÁÁÁ








��&1/24(+(05,8(��56$0'$4',<('��.(&6410,&

�$6$��06(4&+$0*(�&$2$%,.,6;�,5�(56$%.,5+('

6+417*+176�6+(�+($.6+�&$4(�5;56(/�$&&14',0*

61�$0�$**4(55,8(�,/

2.(/(06$6,10�5&+('7.(

18(4�6+(�0(:6�6+4((�;($45�

� 6$0'$4'�)14/$65�9,..�%(�$'+(4('�61�8(4;

5110�

��/2.1;(4�$761/$6,10�&1565�10.;�4().(&6�6+(

&1565�4(37,4('�61�$761/$6(�6+(�64$05)(4�1)

(041../

(06�'$6$�)14�&1/2$0,(5�9,6+�18(4� �

(/2.1;((5�

ÁÁÁÁÁÁÁÁÁÁÁÁÁÁ








��14�(041../

(06��(/2.1;(45�9,6+�/14(�6+$0� �

(/2.1;((5�9,..�5$8(�� 61��!��14��61

��2(4�;($4��/,075�$007$.�64$05$&6,10�&1565�1)��

�� 6,/(5� �64$05$&6,105��

��14�(.,*,%,.,6;��6+(4(�9,..�%(�$0�(.,/

,0$6,10�1)�0($4.;��

,056,676,105�61�/$,06$,0�(041../

(06�14�(.,*,%,.,6;�.,565�572?

2.,('�%;�2$;(45

��14�2$;/(06�$0'�4(/,66$0&(��10�$8(4$*(��6+(4(�$4(�

&.$,/5�2(4�4(/,66$0&(�$'8,&(�









��/2.(/(06$6,10�5&+('7.(�$557/(5�&1565�$4(�$/146,<('

18(4�6+4((�;($45

?��,/

2.(/(06$6,10�1&&745�,0�;($4�

?��,/

2.(/(06$6,10�1&&745�,0�;($4�

?��,/

2.(/(06$6,10�1&&745�,0�;($4��

ÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁ

ÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁ

174&(5��4(8,175�#��),0',0*5��($.6+��$4(��,0$0&,$.��'/,0,564$6,10�4(21465��,66.(�4(2146��(9,0?"��4(2146��24124,(6$4;�'$6$��$0'�!,%(4��4172�567';��9+,&+�9$5�2$46�1)�#��4(2146�

ÁÁÁÁÁÁÁÁÁ

ÁÁÁÁÁÁÁÁÁ

Tibe

r Gro

up s

tudy

ÁÁÁÁÁÁÁ

ÁÁÁÁÁÁÁ

��

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

��

ÁÁÁÁÁÁÁ

ÁÁÁÁÁÁÁ

��

ÁÁÁÁÁ

ÁÁÁÁÁ

��

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

��

ÁÁÁÁ

ÁÁÁÁ

��%,..,10

ÁÁÁÁÁÁÁÁÁÁ


=��(;�$557/26,105

ÁÁÁÁÁÁÁ

ÁÁÁÁÁÁÁÁ


ÁÁÁÁÁÁÁÁÁÁÁÁÁ

�5$8,0*5�2(4�64$05$&6,10�)14�,0574(4��6+(0�+152,6$.�

ÁÁÁÁÁÁ

ÁÁÁÁÁÁÁ

ÁÁÁÁÁÁÁ

ÁÁÁÁÁÁÁÁ

>�18(4� �;($45�






� 6$4672�&1565�$0'�),:('�&1565�75('�,0�6+(

567';�9(4(�$557/('�61�%(�57)),&,(06�)14

��

� 748(;5�9(4(�&1/2.(6('�%;�10.;��2+;5,?

&,$05��0,0(�+152,6$.5��$0'�5,:�2$;(45��!+(4(?

)14(��6+(�'$6$�$4(�$557/('�61�%(�(:6(40$..;

8$.,'�,0�14'(4�61�241-(&6�0$6,10$.�5$8,0*5�






��41$'�'(),0,6,105�)14�6+(�$22.,&$6,105��14�64$05$&6,105�

9(4(�0(&(55$4;�'7(�61�'(),0,6,10$.�,557(5�$6�/$0;�'(/?

10564$6,10�5,6(5�

��8(0�6+17*+�24,&(�&1/2(6,6,10�,0�6+(�&1/276(4�,0'7564;

,5�37,6(�+,*+��&1565�9(4(�+(.'�&1056$06�)14�6+(�567';�

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

ÁÁÁÁÁÁÁ

ÁÁÁÁÁ

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

= 174&(�� 748(;5�$6�($&+�1)�6+4((�'(/10564$6,10�5,6(5�

ÁÁÁÁÁÁÁÁÁ

ÁÁÁÁÁÁÁÁÁ

ÁÁÁÁÁÁÁÁÁ

Art

hur

D. L

ittle

=��(;�$557/26,105

ÁÁÁÁÁÁÁÁ

ÁÁÁÁÁÁÁÁ

ÁÁÁÁÁÁÁÁ

��%,..,10

$007$..;

Á Á ÁÁÁÁÁÁÁÁ

ÁÁÁÁÁ

ÁÁÁÁÁÁ

ÁÁÁÁÁÁÁ

ÁÁÁ

ÁÁÁÁ

ÁÁÁÁÁ

ÁÁÁÁÁÁÁÁÁÁÁÁÁ



��%,..,10

$007$..;









�!+(��%,..,10�,0�5$8,0*5�016�'7(�61�&.$,/5

57%/,55,10�9,..�&1/(�)41/�(.(&6410,&�/$0?

$*(/(06�$0'�64$052146$6,10�1)�2$6,(06�,0?

)14/$6,10��,0&.7',0*��6+(�75(�1)�+1/(�+($.6+

6(4/,0$.5�61�4('7&(�',5&755,105�9,6+�2418,'?

(45��4('7&6,10�,0�(/(4*(0&;�411/�8,5,65��($4?

.;�,06(48(06,10��$0'�,/

2418('�&4($6,10��64$05?

2146��5614$*(��$0'�4(64,(8$.�1)�&1/276(4?

%$5('�2$6,(06�4(&14'5�

��(*$.�,557(5�4(*$4',0*�.,$%,.,6;�9,..�+$8(

%((0�4(51.8('�

ÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁ








��/2.(/(06$6,10�&1565�$4(�016�,0&.7'('�,0�6+(�(&101/,&�/1'(.�

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

ÁÁÁÁÁÁÁ

ÁÁÁÁÁ

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

ÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁ


174&(5��$6$�9(4(�*$6+(4('�)41/�$8$,.$%.(�4(5($4&+�$0'�2,.16�567',(5�9+(0�$8$,.$%.(��16+(49,5(�'(6(4/,0('�%;�2$0(.�1)�(:2(465�$6��46+74��,66.(�>

>>>>>>>>>>>



�&106,07('�

106 Bringing Health Care Online: The Role of Information Technologies

TABL

E 3-

1: E

stim

ates

of C

ost S

avin

gs fo

r Pay

ers,

Pro

vide

rs, a

nd E

mpl

oyer

s Th

roug

h th

e U

se o

f Inf

orm

atio

n Te

chno

logy

(Con

t’d.)

ÁÁÁÁ

ÁÁÁÁ

ÁÁÁÁ

Stu

dy

ÁÁÁÁÁÁÁ

ÁÁÁÁÁÁÁ

ÁÁÁÁÁÁÁ

App

licat

ion/

func

tion

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

Cla

ims

subm

issi

on

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

Enr

ollm

ent

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

Pay

men

t &re

mitt

ance

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

Elig

ibili

ty

ÁÁÁÁ

ÁÁÁÁ

ÁÁÁÁ

Cla

ims

inqu

iry

ÁÁÁÁÁ

ÁÁÁÁÁ

ÁÁÁÁÁ

Tota

lne

t sav

ings

ÁÁÁÁÁÁÁÁÁÁÁ


Hea

lth C

are

Fin

anci

ng A

dmin

istr

atio

n

�,?�(99;36:0549

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

� ��)022054

(44;(22?

ÁÁÁÁÁ

ÁÁÁÁÁ

��)022054

(44;(22?

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

��)022054

(44;(22?

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

��)022054�

(44;(22?

ÁÁÁÁ

ÁÁÁÁ

��)022054�

(44;(22?

ÁÁÁÁÁÁ

ÁÁÁÁÁÁ

��:5��)022054�

�5<,8�90>�?,(89�








��58�*2(039�9;)3099054��6(?,89�(4+�685<0+C

,89�=022�,(*/�9(<,� ��*,4:9�6,8�*2(03�-58�(4

,9:03(:,+�:/8,,�)022054�6(6,8�*2(039�

��58�,20.0)020:?��(99;3,+�� 3022054�:8(49(*C

:0549�(4+�9(<04.9�5-��6,8�:8(49(*:054�

��58�*2(039�047;08?��(99;3,+�685<0+,8�9(<C

04.9�=5;2+�),�54,C/(2-�(9�3;*/�(9�6(?,8

9(<04.9�,9:03(:,+�)?�'��








��+30409:8(:0<,�*59:9�(99;3,+�:5�),�.85=04.�(:�:/,�8(:,

5-�:5:(2�/,(2:/�*(8,�,>6,4+0:;8,9�

��(*/�<090:��:,9:��58�685*,+;8,�6,8-583,+�)?�(�685<0+,8�09

*5;4:,+�(9�(�9,6(8(:,�@*2(03��

ÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁ

ÁÁÁÁÁÁ

ÁÁÁÁÁÁÁ

ÁÁÁÁÁÁÁ

ÁÁÁÁÁÁÁ

ÁÁÁÁÁÁÁ

ÁÁÁÁÁÁÁ

ÁÁÁÁÁÁÁÁ

ÁÁÁÁÁÁ

ÁÁÁÁÁÁÁ

ÁÁÁÁÁÁÁ

ÁÁÁÁÁÁÁ

ÁÁÁÁÁÁÁ

ÁÁÁÁÁÁÁ

ÁÁÁÁÁÁÁ

A#5;8*,��'��8,658:�685<0+,+�359:�5-�:/,�04-583(:054�




Lew

in-V

HI

�,?�(99;36:0549




B��:5�� )022054

B(44;(22?

ÁÁÁÁÁÁÁ

ÁÁÁÁ

ÁÁÁÁÁ

ÁÁÁÁÁÁ

ÁÁÁÁÁÁÁÁÁ



��:5�� )022054

4,:�04��





�$/,�,4:08,�3,+0*(2�)022��(22�:,9:9�(4+�685C

*,+;8,9��09�*5;4:,+�(9�54,�*2(03�

��58�*2(039�9;)3099054��685<0+,89�=022

9(<,��6,8�*2(03�(4+�6(?,89�=022

9(<,��*,4:9�6,8�*2(03�





ÁÁÁÁÁÁÁÁ

ÁÁÁÁ

ÁÁÁÁÁ

ÁÁÁÁÁ

ÁÁÁÁÁÁ

ÁÁÁÁÁÁÁÁÁ




#5;8*,9��59:�,9:03(:,9�-853��54.8,99054(2��;+.,:� --0*,�(4+��,4,8(2��**5;4:04.� --0*,��04+;9:8?�95;8*,9��04*2;+04.�$/,��,+0*(2��85;6��(4(.,3,4:��995*0(:054��*(2*;2(:0549�)?��,=04C

&��,>6,8:9�


ÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁ

ÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁ

ÁÁÁÁ



# %"��!851,*:�� !��,4:,8�-58��,(2:/��--(089��,:/,9+(��@�9:03(:04.�:/,��59:C�--,*:0<,4,99�5-�#,2,*:,+��4-583(:054�$,*/4525.?��6620*(:0549��;46;)209/,+�*54C

:8(*:58�8,658:�68,6(8,+�-58�:/,� --0*,�5-�$,*/4525.?��99,993,4:��%�#��54.8,99��'(9/04.:54��(?��


perts interviewed by OTA note that theassumption by both WEDI and the Tiber Groupthat EDI will be rapidly implemented by a highpercentage of providers and payers is unrealistic.However, the WEDI Report’s other assumptionson savings from specific administrative transac-tions, which were based on industry surveys andcase studies, seem to be more reasonable.43 Poten-tial savings noted in the ADL report also seemgenerous for a number of reasons. The report didnot include the costs of implementing new sys-tems, for example. The authors defended thisomission by pointing to the variability of pricing,and the fact that the cost of implementation wouldbe widely shared with other industry applications.Another problem was that some of the categoriesof cost savings were vague and the data used tosupport the claims were not always well justified.Finally, the results include some clinical applica-tions as well as administrative applications, socomparisons with other national estimates are dif-ficult to make.

The HCFA results, which relied heavily on theWEDI methodology, may also be optimistic forreasons noted above. In addition, the report wasnot explicit about how some of the calculationswere made. The Lewin-VHI report was also vagueabout some of the assumptions underlying theircalculations.

Despite limitations, however, it is interesting tonote that the studies taken together suggest that in-formation technology applications in health careadministration will produce important, but not in-ordinate, savings to the health care system. In lightof some claims made about the potential reductionin administrative costs that would arise from in-formation technology, the actual savings pro-jected appear rather modest. This generalprediction seemed to be shared by experts inter-viewed by OTA. They also emphasized that thefact that existing studies do not show large savingsdoes not diminish the potential importance oftechnology applications in increasing system effi-

ciencies (which may be difficult to capture in anevaluation) or in improving patient care.

❚ Savings from Reducing Errors andDetecting Fraud

Creating a health care bill or claim is a very com-plex process, and there are many opportunities forunintentional error or deliberate fraud. An impor-tant part of developing the bill is to describe theprocedures performed for the patient. This in-formation must be transferred from the patient re-cord to the administrative system and, ultimately,into the bill or claim. Many payers, includingHCFA, use one of several diagnostic and proce-dural coding languages, such as ICD-9-CM, as thebasis of their payment formula. Many providerstry to capture coding information as close to thesource as possible, for example, by listing thecode along with the procedure name on paperforms physicians use for ordering tests and proce-dures, or by having a computer-based system au-tomatically record the code whenever a procedureis ordered by name. When diagnoses and proce-dures are not captured in coded form (e.g., if theyare written in free-hand notes), then trained codersmust read through the record to find informationto be put in the bill.

The coding systems are far from perfect. Deci-sions about which code to use are not always clearand can be the subject of negotiation betweenpayer and provider while a complex claim is adju-dicated. Misreading, miskeying, and other mis-takes can cause bills to have incorrect codes. Inaddition, some providers deliberately engage infraudulent practices such as upcoding (describingthe procedure performed with the code for a morecomplex one) and unbundling (billing for two ormore procedures when a single comprehensivecode exists that describes the procedure per-formed) in an attempt to get a higher level of com-pensation from the payer.

A number of software products have been de-veloped to check claims for inconsistent, erro-

43 Project HOPE Center for Health Affairs, op. cit., footnote 2.


neous, or suspicious coding. Some payers havetheir own proprietary systems to check claims be-fore paying.44 In addition, a number of commer-cial products are available for payers, providers,or other firms that prepare claims on a provider’sbehalf. Detecting obvious errors in bills saves pro-viders the trouble and expense of submittingclaims that will be rejected; such software issometimes available in practice management sys-tems and other administrative software for provid-ers.

A recent study by the General Accounting Of-fice (GAO) tested several commercial fraud-de-tecting software packages on samples of Medicareclaims and found them very effective in detectingerrors and flagging possible fraud. GAO sug-gested that use of such software could have savedHCFA about $603 million in 1993 and $640 mil-lion in 1994. These savings, amounting to about1.8 percent of Medicare reimbursements for sup-plies and services, are in line with the savings re-ported by private insurers using the samesoftware. GAO also notes that Medicare benefi-ciaries would have saved money as well—$134million in 1993 and $142 million in 1994.45

❚ Economic Justification of CHINsNo one has demonstrated whether of not CHINsare cost-effective. Those that exist have only beenin operation for a few years and their data have notbeen publicly analyzed. However, the large in-vestments made by vendors suggest that their ownproprietary estimates show a profitable future forCHINs. On the other hand, a number of vendorshave dropped out of this market already. In addi-tion to the large investments involved, many ofthem have perceived the possibility, or experi-

enced the reality, of failing to develop communityconsensus about the role of the CHIN and servicesthat need to be provided. Even if a project is initi-ated by a vendor rather than a coalition of commu-nity groups, it is necessary to have the interest andcommitment of a minimum number of potentialcustomers from the relevant user groups; other-wise the project is too risky.46

The investment required to build a communitynetwork is large. Estimates for WHIN suggest thatthe partners invested $4 million to $6 million inhardware, software, sales, and operations teamsbefore recouping any costs. Costs for WHIN sub-scribers depend on their size and the level of ser-vice they desire. A hospital might make aone-time investment of $50,000 to $125,000 (de-pending on its current level of automation, thenumber of custom interfaces that must be built,etc.). Ongoing costs are determined by an algo-rithm that includes the number of physicians onstaff, number of beds, and annual patient visits.Other ongoing costs include a per-transaction costfor insurance transactions. Physicians’ offices paya $450 installation and training fee, an ongoingcharge of $30 per physician per month, and a per-transaction charge for insurance services.47

Projected savings from participating in WHINcould be $750,000 to $1.5 million per year for a300-bed hospital. The actual savings might de-pend on how effectively the hospital was using in-formation technology and EDI before joining thecommunity network. Before implementing theWHIN, the Aurora Health Care Corp. operated aproprietary network for communicating with phy-sician offices. That system had required a $1 mil-lion initial investment and operating costs of$250,000 to $350,000 per year. Aurora estimates

44 J. Newall and B. Colbert, “Using Automated Bundling, Unbundling, and Rebundling Processes Before Paying Claims,” in Health In-

formation Networks, proceedings of a conference sponsored by the Health Care and Insurance Institute, Sept. 28-29, 1993, Philadelphia, PA.

45 U.S. Congress, General Accounting Office, Medicare Claims: Commercial Technology Could Save Billions Lost to Billing Abuse, GAO/

IMD-95-135 (Washington, DC: May 1995).

46 J. Sanders, remarks at CHINs and CHMISs: Networks for Community Health Information and Management, meeting of the National

Health Policy Forum, Washington, DC, Oct. 25, 1994.

47 M. Radaj, Vice President, Operations, Wisconsin Health Information Network, personal communication, July 8, 1994.


that participation in WHIN will provide greaterfunctionality for half that cost per year. Annualsavings for physicians’ practices might be in the$2,500 to $5,000 range.48 WHIN is currentlyworking with the University of Wisconsin to con-duct a cost-effectiveness study.

Cost savings to participants could accrue froma CHIN’s ability to: 1) link participants; 2) delivermanagement information at the point of service;and 3) standardize electronic transactions. Link-ing participants electronically can reduce the needfor telephone calls, travel, postage, and use of de-livery services. For example, enabling physiciansto check test results, sign attestations, or viewimages online presumably saves professionaltime by eliminating some trips to the hospital. Re-ducing phone calls can be difficult to quantify as acost savings, but many office administrators havecited it as an immediate and welcome benefit ofonline systems.

Delivering management information at thepoint of service can facilitate the process of regis-tering patients, checking their eligibility, and giv-ing them care. Having management informationavailable before treatment begins can reduce thenumber of rejected claims and other costs of work-ing without complete information. In addition,user software at the provider’s location can checkthe accuracy of entered data (e.g., in claim filing)and put data into a format preferred by the payer—all before it leaves the provider’s premises. Thiscould reduce personnel and staff training costs forboth providers and payers, and reduce the costs ofcorrecting rejected claims for both providers andpayers. Of course, services like these do not neces-sarily have to be delivered over a community-wide network. A large number of insuranceclearinghouses and other electronic medicalclaims services offer these services directly to pro-viders. The possible advantage of a CHIN is to

combine both clinical and insurance informationprocessing in a single system

Community networks offer providers of allsizes the opportunity to move toward more uni-form, standardized electronic communicationwithout having the immediate need to changetheir existing systems. More information can becaptured automatically and used in additionalways, which should reduce costs to participants.Use of common interfaces and elimination orstandardization of some key entry tasks (such asfiling insurance claims) could also reduce person-nel and training costs.

POLICY IMPLICATIONS OF ELECTRONICHEALTH INFORMATIONAmong the issues affecting the health care indus-try’s adoption of information technology are: 1)industry fragmentation; 2) complexity of in-formation needs; 3) standards; 4) standard identi-fiers; 5) an inconsistent legislative and policyenvironment; and 6) privacy, confidentiality, andsecurity concerns.

❚ Industry Fragmentation49

The industries that have implemented electroniccommerce most completely have been led by asingle industry group devoted to implementingdata standards. Examples include the Transporta-tion Data Coordinating Committee that devel-oped EDI standards for the transportation industryin the mid-1970s or the banking industry’s Na-tional Automated Clearinghouse Association.The health care industry has no single focus forEDI activities. WEDI believes that implementa-tion has been hampered as a result and will notproceed quickly unless a central entity is formedto coordinate implementation and education.50

An even more critical factor, however, is thefragmented nature of the health care industry in

48 Ibid.49 This section is based on Canright, op. cit., footnote 9.50 Workgroup for Electronic Data Interchange, op. cit., footnote 27, p. 1-9.


general. In most industries where EDI has beensuccessful (e.g., utilities, banking, transportation,and auto manufacturing), a few large organiza-tions—called hubs in the language of electroniccommerce—made EDI an explicit requirementfor continuing a business relationship. Thus, forthe smaller spoke companies, the decision was notwhether to adopt EDI, but how quickly. Onehealth care EDI consultant describes health care inthe United States as a $900 billion “cottage indus-try.”51 There are over 1.2 million health care pro-viders, ranging from single practitioners to1,000-bed hospitals and more than 3,000 privatepayers. The effective number of different providerorganizations may decline somewhat with the cur-rent trend toward hospital mergers, the purchaseof clinics and medical practices by integrated de-livery systems, and the continuing affiliation ofphysicians into independent practice associationsand other arrangements. But the structure of thehealth care industry is unlikely to approach the rel-ative simplicity of banking or air transportation.In health care, the industry hubs are providers, andmost providers are small organizations withoutthe time, finances, or staff resources to prepare im-plementation guidelines, set standards, and im-plement systems. They must rely on the guidanceof vendors that provide software, claims process-ing, and networking services.

HCFA has been the successful organization inmoving the health care industry toward EDI be-cause of its financial reach. For many health careorganizations, it was HCFA’s development of theMedicare Transaction System (MTS) and its in-centives to submit Medicare claims electronicallythat prompted initial interest in EDI. These incen-tives have included: 1) faster payment for cleanclaims (14 days for electronic, 27 for paper); 2)electronic funds transfer; and 3) free or at-costbilling software. Private sector payers are unlikelyto offer many of these incentives to providers. For

example, payers have an incentive to delay pay-ment as long as possible in order to maximize theirown use of the funds; they would be unlikely to of-fer providers quick payment as an incentive to be-gin an EDI relationship unless it could be clearlydemonstrated that EDI reduces their own costs(not the provider’s costs or the costs of the systemas a whole) enough to offset this advantage. How-ever, because many providers and payers are be-ginning to use EDI to deal with HCFA, theinfrastructure is being created that they can alsouse to deal with one another.

❚ Complexity of Information NeedsIn banking and financial services, most electronictransactions are simple and highly standardized.Consumers and businesses benefit from the easeof using the automated teller machines and creditcard transactions made possible by that standard-ization. Health care payment requires a number ofdifferent types of transactions, and often largeamounts of data have to be exchanged. In addi-tion, the procedures, information needs, paymentarrangements, and authorization procedures foreach type of transaction can vary, depending onthe characteristics of the payer, patient, patient’semployer, and sometimes the diagnosis or proce-dure involved.52 This complexity has slowed thediffusion of electronic commerce into the healthcare arena.

❚ StandardsThe key to the functionality and growth of elec-tronic medical payment lies in the establishmentof standards. As discussed in chapter 2, standards-setting and acceptance are moving slowly. Currentestimates put the number of proprietary claimsformats in use at 400—too many even for softwareto translate between sender and receiver.

51 J. J. Moynihan, “More Payers Should Convert to EDI,” Healthcare Financial Management, vol. 48, No. 5, May 1994, p. 66.52 Faulkner and Gray Health Information Center, Health Care and the Electronic Superhighway: A Provider Perspective on Electronic Data

Interchange and Automated Medical Payment (Washington, DC: Faulkner & Gray, 1992), p. 21.


The standards-setting process is voluntary andcompliance with the standards will be voluntaryas well. Yet administrative savings may not actu-ally be realized unless standards are more strin-gent and compliance with them is nearlyuniversal. As mentioned earlier, there are nearly50 different implementations of the standardUB-92 form, requiring providers and payers withinterstate business to use several versions of it. Astandard claim form will not truly be standard, forexample, as long as each payer can demand addi-tional documentation to accompany it. Whilepayers usually request additional information inan effort to reduce their own costs, the difficultyand expense of maintaining different forms pres-umably raises costs for the industry as a whole.

❚ Standard Identifiers for Individuals,Providers, and Payers

Interstate electronic commerce for health in-formation would be facilitated by a system ofstandard identifiers. Because each provider orprovider group (as well as payers and other usersof health information) maintains its own identifi-cation number scheme and assigns its own num-bers, patient records are not uniquely identifiedonce they leave the institutions where they havebeen created. This can create confusion in themulti-institutional sharing of clinical or adminis-trative information. Unique identification can beaccomplished by combining several differentidentifiers—for example, a file number, plusmiddle initial, plus address—but it is generallyagreed that a system of standard identifiers wouldbe more stable over time.

Some argue that the benefits of fully electronicrecords are more easily obtained if each individualcould be uniquely identified. If each person had auniversal patient identifier it would be easier tolink the health information maintained at differentinstitutions, for example. In addition to identify-

ing patients, health care providers and specificsites of care also need to be identified. While thereare a number of recommendations for developingnumbering schemes de novo, some industry orga-nizations recommend modifying or expanding ex-isting identification number schemes in order toget unique identifiers in place more quickly.53

Universal identifiers are common in some Eu-ropean countries where they are assigned topeople at birth. The United States has been slow toadopt a universal numbering system and manygroups have actively opposed such a system basedon privacy concerns.

The Social Security Number (SSN), or anothernumber based on it, has been recommended foruse as the universal patient identifier. Because thisnumbering system is already in place, somegroups argue that it would be the fastest and leastcostly method of instituting a universal number-ing system.54 The ubiquity and convenience of theSSN make it a tempting candidate for a universalhealth identifier.

However, privacy advocates have opposed theuse of the SSN as a health identifier precisely be-cause it has had so many other uses. The SSN isthe key to a lot of nonhealth-related informationabout a person—including financial, tax, credit,educational, and other information on file withgovernment agencies and private firms. It is veryeasy, with access to the SSN, to quickly developdetailed dossiers on anyone. In addition, some in-dividuals, primarily infants and noncitizens, donot have SSNs. Some people have multiple SSNs.The system has been in operation for 60 years, andthere is a long history of invalid and fraudulentlyacquired numbers. Because the form of the SSNdates from the precomputer era, it also lacks acheck digit (an extra digit added to a computer-based number that aids in error detection andcorrection).

53 For example, see American Medical Informatics Association, “Position Paper on Standards for Medical Identifiers, Codes and Messages

Needed To Create an Efficient Computer-Stored Medical Record” (Bethesda, MD: Apr. 20, 1993).

54 Ibid., p. 2.


It can be argued that many of the privacy-basedobjections to the SSN—fraudulent numbers, link-ages to other databases, and so on—will also ap-ply to any new numbering scheme that could beadopted. While there is merit in this argument,there is also the possibility that a new numberingsystem would be safer because, for example, itwould have legal protections from the outset toprevent its use for other purposes.

Alternative schemes for developing uniqueidentifiers have been proposed. Some would in-clude segments of the patient’s name, latitude andlongitude coordinates of the place of birth, date ofbirth, and perhaps parts of the SSN. Some systemsalso involve encrypting the number, or convertingit to an alphanumeric identifier, in order to eitherprotect privacy or to make the number shorter andeasier to remember.55

One system that is now being put into place toidentify providers is the National Provider Identi-fier (NPI), which will be implemented by HCFAin 1996. In its present form, the NPI system is notuniversal—it will apply only to Medicare partici-pants. It will provide unique identification num-bers for physicians, other providers, and the siteswhere they provide care. In developing the NPIsystem, HCFA worked with a number of federal,state, and private-sector organizations. The NPIwill consist of a seven-character alphanumericidentifier with a one-character check digit. NPInumbers can be encrypted to protect privacy andconfidentiality.

By design, there will be no intelligence im-bedded in the NPI number; that is, analysis of thenumber itself will not yield useful informationabout the provider it identifies. Rather, the num-ber points to a location in a database called the Na-tional Provider File that will contain descriptivedata about the provider. Thus, numbers will nothave to be reissued when provider characteristics(address, number of locations, or types of special-ty) change. The numbering format has the poten-

tial to provide 10 million all-numeric identifiersor up to 27 billion alphanumeric identifiers, mak-ing it sufficiently large to serve as a national sys-tem for identifying all providers, includingnonparticipants in Medicare. Should such a na-tional system be desired, authorizing legislationwould be needed to allow HCFA to open the sys-tem.

HCFA is also in the process of developing aregistry and identifier system for payers. This sys-tem would identify and maintain information onthe payers who offer secondary coverage forMedicare participants. The process of coordinat-ing benefits is complex for Medicare as it is in theprivate sector. A primary payer, such as Medicare,is often not aware that a patient has secondary cov-erage, or may not have complete information onthe benefits for which the patient is eligible andthe rules for calculating reimbursement. Withoutthis information, the primary payer can some-times pay inappropriately (that is, pay more thanthe patient is entitled to). In addition, the processof filing a claim with the secondary payer is com-plex; the provider or patient must often file a sepa-rate claim based on remittance informationprovided by the primary payer. By incorporating aregistry of secondary payers and a complete set ofrules for coordination of benefits into its MedicareTransaction System, HCFA hopes to be able tomore accurately calculate reimbursement basedon all the benefits available to a patient. At thesame time, it could automatically send a bill to thesecondary payer, simplifying the claim processfor patients and providers.

❚ Inconsistent Regulatory Environmentfor Health Information

State government regulations concerning elec-tronic health information and patient records, aswell as privacy, vary widely. This creates a diffi-cult environment in which to implement standard-

55 For example, see P.C. Carpenter et al., “The Universal Patient Identifier: A Discussion and Proposal,” Patient Centered Computing: 17th

Annual Symposium on Computer Applications in Medical Care (New York, NY: McGraw Hill, Inc., 1993).


ized processes. There are four areas in which statelegislation and regulation impact on electronichealth information. They include laws on: 1) stor-age media for medical records; 2) use of electronicsignatures; 3) privacy and confidentiality ofhealth information; and 4) patient access to healthrecords.

Storage Media for Medical RecordsState governments generally have licensing au-thority over health care providers and requirethem to maintain medical records. Nearly everystate regulates what media are permissible forstoring medical records. In many states, the lan-guage is reasonably “technology neutral” and theuse of catchall phrases such as “other useableforms” or “other appropriate processes” has beentaken to mean that computerized record storage ispermitted. In some states, however, legislationhas served as a barrier to the development of auto-mated patient records by specifying the permittedmedia (e.g., microfilm or paper) and excludingdisks, tapes, and other computerized storage me-dia. Other states require clinicians’ signatures inink on particular forms, implying a paper originalto which the signature can be affixed. Some statesspecifically permit the use of computers for somefunctions but forbid it for others, thus hinderingthe development of a complete computer-basedrecord. There are other paradoxes and inconsisten-cies in legislation as well, with some states per-mitting electronic signatures for some purposesbut requiring retention of a paper or microfilmedrecord.56

Only a few states specifically authorize com-puterized medical records. Indiana statutes, forexample, authorize the use of “computerized re-cords that maintain confidentiality.” They specifi-cally state that the recording of hospital medicalrecords by the data-processing system is “an origi-nal written record” and authorize the courts to

treat information retrieved from such systems asoriginals for purposes of admissibility into evi-dence.57

Some of the states whose statutes posed barri-ers to electronic patient records are making prog-ress toward changing the statutes. For example,North Dakota is considering legislation thatwould make the recording of a medical record on acomputerized system the equivalent of aphotographic process, thus making printouts andother items retrieved from the system admissiblein court.

Recordkeeping rules for nonhospital provid-ers—nursing homes and physicians’ offices, forexample—are often covered by different statestatutes or regulations and can be very differentfrom those that apply to hospitals in the samestate. Implementing a complete electronic patientrecord in a multisite provider organization, thatmight include hospitals and nursing homes, can becomplicated if these requirements differ widely.

The absence of state legislative or regulatorysupport for electronic patient records does notnecessarily mean that providers in that state areforgoing development of information systems orelectronic record systems. It does mean, however,that the providers face certain legal risks if they donot maintain the paper record system as well, andthey must bear the costs of operating both sys-tems. Currently, most providers are not techno-logically capable of creating a “complete”electronic record in any case. They maintain amixed paper and electronic system for practical,as well as regulatory, reasons. The regulatory in-consistencies among states can create difficultiesfor health care organizations that are attempting todevelop common patient record systems for sitesin more than one state.

Federal legislation governing business records(which includes medical records) implies thatcomputerized records are permitted (once again

56 J. P. Tomes, Compliance Guide to Electronic Health Records” (New York, NY: Faulkner and Gray, 1994), pp. 14-19.57 Burns Ind. Code Ann. sec. 34-3-15.5-2.


using language about “other processes”).58 In ad-dition, HCFA, which administers the Medicareprogram, authorizes the use of computerized med-ical records if they are maintained in a form thatcan be reproduced legally, and if the system meetsMedicare’s conditions for participation. Theseconditions basically state that the system mustprotect the security of the records and ensure thatonly the authorized persons are able to sign them.The Department of Health and Human Services,in an effort to encourage the development of com-puterized patient records, had legislationintroduced in the 103d Congress to require pro-viders to maintain outpatient data in electronicform as a condition of participation in Medicare.59

Electronic SignaturesSignatures are necessary to attest to the complete-ness and authenticity of a medical record. Gener-ally, each entry in a record is signed orauthenticated by the person responsible for thatentry. An electronic record can be signed electron-ically, and this is permitted in many states; onceagain, however, electronic signatures are treateddifferently from state to state. Some states are si-lent about the specific means or technology to beused for the signature, or they say that industryand professional standards should dictate the formof the signature. This would seem to permit theuse of electronic signatures in those states becausethe Joint Commission on Accreditation of Health-care Organizations, American Hospital Associa-tion, and other industry groups have publishedguidelines related to electronic signatures. Somestates (like Pennsylvania, Alaska, and California)specifically authorize the use of an electronic sig-nature activated by a computer key that is knownonly to the authorized user.

HCFA accepts electronic signatures on admis-sion data sheets, attestations, and other documentsused to reimburse providers treating Medicare pa-tients. Providers must demonstrate that their com-puter systems meet HCFA guidelines.

Privacy and Confidentiality of HealthInformationBoth federal and state legislation cover the priva-cy of patient records. Records held by the federalgovernment are protected under the PrivacyAct,60 which governs federal disclosure of confi-dential information. At the state level there is a va-riety of approaches to privacy protection, and anumber of states have privacy laws that covermedical information. Other states have sections intheir Medical Practice Acts that prohibit physi-cians from revealing information obtained in con-fidence from a patient during treatment. TheAmerican Medical Association has publishedstandards for hospitals to protect the privacy of pa-tient information. Some courts have enforcedthese standards under state contract law as impliedconditions of the contractual relationship betweenphysicians and patients.

Even among the states that have well-definedlaws on the privacy of medical records, few ad-dress the flow of information to secondary users,such as insurance payers, researchers, and soforth. Further, because states are so inconsistentin how they deal with electronic informationgenerally, few of them confront issues directly re-lated to protecting privacy in computerized patientrecords. For a more detailed discussion, see theprevious OTA report, Protecting Privacy in Com-puterized Medical Information.61

58 28 U.S.C. 1732.59 Tomes, op. cit., footnote 56, p. 14.

60 5 U.S.C. sec. 552a.61 U.S. Congress, Office of Technology Assessment, Protecting Privacy in Computerized Medical Information, OTA-TCT-576 (Washing-

ton, DC: U.S. Government Printing Office, September 1993), pp. 41-45.


Patient Access to Health RecordsBecause patients have a property right in their re-cords, it seems reasonable that they should be ableto inspect or copy them. Access to medical recordsheld by the federal government (e.g., Departmentof Veterans Affairs or other hospitals operated bythe federal government) is governed by the Priva-cy Act. The Privacy Act requires agencies to es-tablish procedures under which individuals canview or receive copies of their own records. It alsoauthorizes the establishment of special proceduresfor handling information that might, in the judg-ment of the agency, have an adverse effect on theindividual. These procedures have generally in-volved designating a third party to examine therecords and releasing them to a physician desig-nated by the patient.62

For private sector hospitals and other provid-ers, state laws and regulations govern patient ac-cess to medical records. Thirty-seven states havestatutory provisions for allowing a patient to re-view and/or copy his or her medical records. In afew additional states, the patient’s right to accessis not specifically stated, but can be inferred fromother language.63 In addition, some courts haveruled that providers have a common-law duty toallow a patient to access his or her records, absentlegislation.64 In 22 states, the patient may becharged reasonable copying fees, and 19 requirethat the patient apply for the records in writing.Twelve states permit physicians to deny patientaccess to a record if something in the record wouldhave an adverse affect on the patient; in most of

these cases, however, the record must be releasedto an attorney, physician, or other representativedesignated by the patient.65

A patient’s right of access to informationderived from the medical record, but housed in thedatabase of an insurer or other third party, is un-clear in many states. Only 14 states have legisla-tion giving patients access to insurance databasesand limiting redisclosure of medical informationheld by nonproviders.66

❚ Privacy, Confidentiality, and Security ofHealth Information

Privacy, confidentiality, and security of electronicdata are areas of great concern because of the sen-sitivity of health information. Privacy is essential-ly the right of an individual to limit access toinformation regarding that individual. Confiden-tiality is a form of informational privacy charac-terized by a special relationship between people,such as the relationship between doctor and pa-tient. Security refers to technical and organiza-tional procedures that protect electronicinformation and data-processing systems fromunauthorized access, modification, destruction, ormisuse.67

The appropriate levels of privacy, confidential-ity, and security, as well as the techniques forachieving them, may vary depending on the insti-tutional context and the use of the information.Tradeoffs are often necessary. For example, with-in a single hospital, confidentiality might be bestserved by allowing a patient’s record to be seen

62 U.S. Congress, Congressional Research Service, Access to Medical Records Under Federal Law, No. 93-708A (Washington, DC: Aug. 3,

1993), p. 16.

63 U.S. Congress, Congressional Research Service, Patient Access to Medical Records: A Statutory Survey of the United States, No.92-896A (Washington, DC: Nov. 17, 1992), and Medical Records: State Laws and Regulations Regarding Ownership and Patient Access, No.93-519A (Washington, DC: May 20, 1993).

64 R. S. Dick and E.B. Steen (eds.), The Computer-Based Patient Record: An Essential Technology for Health Care (Washington, DC: Na-

tional Academy Press, 1991), p. 166.

65 U.S., Congressional Research Service, Patient Access, op. cit., footnote 63.

66 Dick and Steen, op. cit., footnote 64.67 L. O. Gostin et al., “Privacy and Security of Personal Information in a New Health Care System,” The Journal of the American Medical

Association, vol. 270, No. 20, Nov. 24, 1993, p. 2487.


only by the attending physician and the nurse as-signed to that patient. However, such a policywould affect the quality of patient care—it wouldunduly inconvenience and slow the work of sub-stitute nurses, consulting physicians, intensivecare personnel, or other caregivers who mightneed the record on short notice. Thus, a balancebetween confidentiality and convenience must befound. Most hospitals allow fairly broad access topatient records by authorized caregivers, and theyusually have security systems to keep track ofeach access. In some cases, this feature is used reg-ularly to keep caregivers aware that they are ac-countable for their use of the information system.At one hospital, for example, users are regularlynotified on-screen that each instance of access to apatient record is automatically recorded and thatpatients have the right to see a list of those wholooked at their records.68

When information moves out of the single pro-vider institution, priorities may change. The EDIindustry has focused most of its concern on the se-curity of information. Companies engaged intransmitting business information electronical-ly—financial institutions in particular—haveadopted technical solutions to two problems. Thefirst is that information transmitted over phonelines might be read by unauthorized persons. Onetechnique for addressing this is encryption. A sec-ond problem is that people sending or receivinginformation may not, in fact, be who they say theyare. Authentication techniques—the use of pass-words, keys, and other automated identifiers—areused to verify the identity of the person sending orreceiving information.69

Thus far, the EDI industry has a good securityrecord, according to the Workgroup on ElectronicData Interchange (WEDI), which says “there havebeen no reported incidents of the confidentialityof EDI messages being compromised.”70 Indeed,the risk of data leakage to outside computer hack-ers can be minimized in an online system. Securi-ty measures such as encryption procedures,password access, and audit logs help to discouragedata theft. With electronic information, systemadministrators have more numerous and powerfultools for monitoring and protecting informationthan they do with paper-based records.71

Privacy and confidentiality—the main focus ofconcern for the health care industry—are provingmore difficult to protect. As health care informa-tion increasingly moves over electronic networks,it becomes accessible to more people at widelyscattered institutions with different policies andprocedures in place. The potential for abuse in-creases accordingly. Unauthorized uses of in-formation by authorized users can be a majorproblem that is difficult to stop by technologicalmeans. Because of a plethora of conflicting statelaws regarding confidentiality, it is difficult to es-tablish legally defensible policies on proper ac-cess to records; people handling records oftenhave no clear guidelines for acceptable release ofinformation. A 1993 OTA report on privacy andconfidentiality of health information notes:

The present system of protection for healthcare information offers a patchwork of codes;State laws of varying scope; and Federal lawsapplicable to only limited kinds of information,or information maintained specifically by the

68 C. Safran et al., “Protection of Confidentiality in the Computer-Based Patient Record,” M.D. Computing, vol. 12, No. 3, 1995.69 For further information on network security issues and technologies, see U.S. Congress, Office of Technology Assessment, Information

Security and Privacy in Network Environments, OTA-TCT-606 (Washington, DC: U.S. Government Printing Office, September 1994) and Is-sue Update On Information Security and Privacy in Network Environments, OTA-BP-TCT-147 (Washington, DC: Government Printing Office,June 1995).

70 Quoted in Benjamin Wright, “Health Care and Privacy Law in Electronic Commerce,” Health Care Financial Management, vol. 48, No.

1, January 1994.

71 Ibid.


Federal Government. The present legal schemedoes not provide consistent, comprehensiveprotection for privacy in health care informa-tion, whether it exists in a paper or computerizedenvironment.72

The situation has not changed appreciably sincethis report was published.

Without uniform privacy and confidentialitylaws, it is extremely difficult to expedite the de-velopment of interstate health records transfer.Accordingly, WEDI called on Congress to ensurethe uniform, confidential treatment of identifiableinformation in electronic environments. As elec-tronic interstate transfer of medical data increases,policies concerning the access to medical in-formation by secondary users of medical data, theuse of medical data for nontreatment purposes,and the redress of privacy violations must be madeconsistent in all state. Privacy legislation shouldalso address the requirements for informed con-sent of patients. Patients are often unaware of howtheir medical information will be used, to whom itmay be released, and what rights they may have toaccess or correct it once it is in the hands of a sec-ondary user.

Whether information is stored in a computer oron a piece of paper, the public fears the abuse ofmedical information by both authorized and unau-thorized parties. In a 1993 health privacy poll, 80percent of all respondents believed that consum-ers had lost all control over the circulation and useof health care information.73 These concerns canlead (and have led) to physicians withholding in-formation from patient records at the patient’s re-quest in order to protect his or her privacy.74 Tocreate an inaccurate or incomplete patient record,even with beneficial intent, could ultimately haveserious effects on the patient; in addition, such ac-

tions render records less useful for outcomes re-search and other statistical purposes.

Improved patient education about privacyrights may decrease the lack of control patientsfeel over the spread of medical information. Untilnational, uniform privacy legislation is enacted,WEDI suggests steps to protect privacy in its 1992report.75 Providers should:

� ensure that the patient has authorized release ofhealth information to an insurer by signing therelease contained on the insurance form,

� ensure that they release information in strictcompliance with the written release,

� ensure that they have complied with any rele-vant laws governing disclosure to insurers,

� establish security policies for employees whohave access to and process patient health in-formation, and

� establish security protocols for computer sys-tems used to process claims.

The WEDI guidelines were not intended to re-place the need for federal legislation or to absolvesystem operators from responsibility to designand maintain secure computing environments.

Although solutions to the networking problemsof privacy, confidentiality, and security remainunclear, the questions they embody do not: Whatpotential benefits of increased access to healthcare information will materialize, and will theyoutweigh the reduction in individual privacy thatincreased access to information inevitably brings?These questions must receive considered answers.“Opportunities for using electronic networks maybe lost if there is serious mistrust of their safety.”76

The concept of fair information practices setforth in the federal Privacy Act is fundamental to anumber of existing privacy laws and proposed ini-

72 Office of Technology Assessment, op. cit., footnote 60, p. 13.

73 Gostin et al., op. cit., footnote 67.74 Office of Technology Assessment, op. cit., footnote 60, p. 6.75 Workgroup for Electronic Data Interchange, 1992 Report (Hartford, CT, and Chicago, IL: September 1992).76 Gostin et al., op. cit., footnote 67.


tiatives to protect medical information. Commoncharacteristics are:

1. Records pertain to medical information on in-dividuals.

2. Individuals are given the right to access muchof the personal information kept on them.

3. Limits are placed on the disclosure of certainpersonal information to third parties.

4. Health care personnel are required to requestinformation directly from the individual towhom it pertains, whenever possible.

5. When a government entity requests personalinformation from an individual, laws requirethe individual to be notified of the authority forthe collection of data, whether the disclosure ismandatory or voluntary.

6. The individual may contest the accuracy, com-pleteness, and timeliness of his or her personalinformation and request an amendment.

7. Health care personnel must decide whether toamend the information within a fixed time,usually 30 days after receiving a request.

8. The individual whose request for change is de-nied may file a statement of disagreement,which must be included in the record and dis-closed along with it thereafter.

9. The individual can seek review of a denied re-quest.

Protecting Privacy in Computerized MedicalRecords77 noted that basing new protection formedical information solely on the Privacy Act andon principles of fair information practices will failto consider the complexity of today’s informationenvironment, with its distributed processing,sophisticated database management systems, com-puter networks, and widespread use of microcom-puters.

It is apparent that protecting personal in-formation in a computerized environment in-volves, at a minimum, access to records,

security of information flows, and new methodsof informing individuals where information isstored, where it has been sent, and how it is beingused.78

POLICY CONSIDERATIONS FORCONGRESSAttempts to improve administrative efficiency byincreased use of electronic commerce in healthcare are an important component of a larger effortto reduce costs, improve quality of care, and im-prove access. Compared with a paper-based sys-tem, electronic information systems do appear toreduce costs for some users. The industry is mov-ing in this direction. Standards development acti-vities are under way.

However, getting started with electronic com-merce is expensive. Some organizations haveweak financial incentives to make the necessaryinvestments to institute electronic payments,while others are forging ahead without waiting forstandards to be set. Some experts interviewed byOTA commented that the complexities of dealingwith paper records and paper-based transactions,particularly as health care organizations growlarger and enter new lines of business, are forcingsome organizations to implement electronic sys-tems, even if they have no way to measure the ac-tual cost-effectiveness of a particular system. Thecomputer network, like the telephone, is becom-ing a part of the way business is conducted; a firmsimply has to have one to compete in the market,whether it makes economic sense or not.79

There may be some savings for the health caresystem as a whole if electronic medical payments,for example, are implemented on a near-universalscale. However, at current rates of implementa-tion, high levels of use of electronic payments orcompliance with standards may not be achievedfor some time. The health care industry in the

77 Office of Technology Assessment, op. cit., footnote 60.78 Ibid., p. 79.79 Project HOPE Center for Health Affairs, op. cit., footnote 2.


United States is not organized as a “system” with acentral focus or consensus on how to deal withsystemwide problems. The different parts of thesystem have diverse incentives, and efforts to con-trol costs in one area may increase costs in another.However, these shifted costs are so subtle andspread over so many participants in a complexsystem that they are hard to quantify. For example,a major payer, in an effort to reduce its own costs,may begin to request additional data and docu-mentation (beyond what is on the standard forms)when providers submit large claims. All providerswho deal with that payer then incur additionalcosts to resubmit rejected claims, develop andmaintain different versions of the standard form,or provide the additional data with all claims toavoid the problem of deciding when to send it andwhen not to. Situations like these make it difficultfor the industry to establish truly uniform proce-dures.

The trend toward managed care reduces this di-versity of interest to some extent. The percentageof people covered by traditional indemnity insur-ance in the fee-for-service sector can be expectedto decrease, thus reducing the number of transac-tions between providers and payers as well. Somemanaged care organizations, like staff modelHMOs, will internalize these transactions, andwill presumably perform them efficiently out ofsheer corporate self-interest. But managed care istaking many forms, including independent prac-tice associations and other arrangements forwhich transactions will remain external between anetwork of different provider and payer organiza-tions. For the near future, absent a far-reachinggovernment-imposed restructuring of the system,many private insurers and health care providerswill continue to do business as independent firmswhose interests do not coincide.

There are three major areas in which govern-ment action might be considered: 1) providingleadership in the adoption of standards for elec-tronic medical payments and other transactionsand exchanges of health information; 2) establish-ing a system of unique identifiers for people,providers, and payers; and 3) establishing a more

consistent regulatory environment for interstateexchanges of health information.

❚ StandardsThe federal government has already played a ma-jor role in establishing the current level of stan-dardization. For example, in the area of electronicmedical payments, HCFA’s commitment to elec-tronic claims-filing and its adoption of EDI stan-dards have caused many providers and privatepayers to use these technologies. Further steps byHCFA—for example, offering truly expeditedpayment to providers who file electronically(instead of making delayed payment to those whomake paper claims, as is currently the case)—could encourage more providers to make thenecessary investments needed to comply. HCFA’searly adoption of EDI standards for other formsand transactions could also inspire other payers tomake use of them. HCFA’s ongoing plans to estab-lish a national payer file and to automate second-ary payments should also serve as an example ofhow to simplify the complex process of coordina-tion of benefits. Thus, one option for federal ac-tion is to continue to influence the standardizationof health care information transactions throughthe federal government’s role as a major insurer.

However, even HCFA’s leadership will not en-sure universal compliance with standards amongall payers and providers, and it is likely that wide-spread compliance is needed in order to realize no-ticeable savings. As long as some set ofparticipants does not comply, many others willhave to maintain separate systems or multiple ver-sions in order to do business with them. The in-formation involved is very complex, and certainclasses of participants—payers, state govern-ments, and others—will continue to create theneed for new types of data for their own purposes,but not necessarily those of their trading partnersor the system as a whole. If they have either moneyor licensing authority on their side, their tradingpartners will have to comply with their demandsin addition to the standard.

Given that near-universal compliance seems tobe important, but is not being achieved as yet,


Congress may want government to take a more ac-tive role in administrative simplification. Thus, amore active approach would be for Congress toconsider requiring the adoption of industry-devel-oped standards for core electronic transactions,including maximum data sets, and setting timeta-bles for their implementation.

This option suggests the adoption of standardsfor a small set of core transactions within the nearfuture. It assumes that the transition from a fee-for-service environment to a managed care envi-ronment is going to be a gradual one, and that for anumber of years it will be worthwhile to make thebasic fee-for-service transactions as efficient aspossible. This option is also limited in that its aimis not to mandate sweeping requirements for im-plementing electronic transactions, but rather tofocus on a small set of transactions. Core transac-tions include: claims and billing, payment and re-mittance advice, eligibility inquiry, enrollment,and coordination of benefits. Standard forms formanaged care transactions, such as the encounterreport, could also be considered in this group.These are areas where the voluntary standardsprocess is well advanced. Requiring adoption ofstandards for other transactions might be consid-ered in the future.

The option includes a requirement for maxi-mum data sets for each transaction. It will be nec-essary to obtain consensus from providers andpayers about what information is needed for thetransactions, and then ensure that participantsmay not unilaterally increase information require-ments that would lead to the proliferation of non-standard forms.

A requirement for universal compliance withan electronic transaction system would necessari-ly create problems for some providers and payers,particularly small ones. Clearly not all providersand payers will be able to handle electronic trans-actions or modify their proprietary systems tomeet standards within any given timeframe; how-ever, they should be able to contract with commu-nity health information networks, clearinghouses,electronic medical claims services, or other firmswho can provide these services for them.

Unfortunately, a government-imposed stan-dards-setting process would require some centralfocus of authority to set timetables and to ensurecompliance. Therefore, a necessary corollary tothe option discussed above would be to charge agovernment agency with responsibility and au-thority to set standards and data definitions foradministrative transactions in consultation withindustry groups, and to manage changes to stan-dards over time; or create an agency or commis-sion for this purpose.

Establishing a central authority, whether withinan existing agency or in a new commission, is alsoa cost—one that would be shifted from the healthcare system as a whole to the government. How-ever, it is unlikely that standards and timetableswill be adhered to unless someone is in charge.

Possible disadvantages of requiring standard-ization and creating an authority—for example,locking into a standard too soon—do not appear tobe problems for electronic medical payments atthis time, at least for core transactions. Industrygroups have made progress with standards for thebasic core transactions and preliminary versionsare available for many. There is a need, however,to ensure that the standards are implemented in thesame way so their use is uniform. Industry input,from both payers and providers, is definitely need-ed for this. Clearly, if the agency or commissionattempted to develop standards de novo, many un-necessary costs could be incurred; therefore itwould have to work closely with industry groupsalready in existence. A number of industry groupshave voiced support for greater government in-volvement, including actions to speed the stan-dards-setting process.

❚ Standard Identifiers for Individuals,Providers, and Payers

Consistent with the above options, another areafor nationwide action would be to establish a sys-tem of unique identifiers for patients, providers,and payers.

Controversy continues about the particular sys-tem of identifiers to be used for individuals. In the


past, OTA has cautioned against use of the SSN asa national identification number of any kind,largely on privacy grounds. OTA has suggested inearlier work that a new numbering system, withlegal protections against misuse built in from thebeginning, would be more appropriate. Support-ers of the SSN argue, with some merit, that the dis-advantages cited for the SSN are bound to afflictany numbering system eventually, even one that isdeveloped from scratch. With modifications, suchas a check digit or other additional digits, the SSNmay be the fastest and possibly the lowest-cost op-tion for establishing a numbering system.

Identifier systems that meet the needs of bothprivate sector and government users would bemost useful. HCFA has made efforts to include avariety of public and private stakeholders in thedevelopment of its national provider identifier(NPI). That system, which HCFA proposes to im-plement for Medicare providers in 1996, has thepotential to be expanded into a universal system.Expanding the NPI to include non-Medicare pro-viders would require congressional action to al-low HCFA to open up the system and to establishwhich agency should administer it. Similarly,HCFA’s efforts toward developing a payer registryand automating the secondary payment processcould serve as the basis for establishing a national,automated coordination-of-benefits system forprivate payers.

❚ Consistent Regulatory EnvironmentSome state governments, under the influence ofindustry associations and other groups, are at-tempting to change state legislation that limits thedevelopment of computer-based patient records.However, the variety of state legislation that af-fects electronic health information is still bewil-dering and poses a barrier to the efficientdevelopment of interstate electronic commerce inhealth care. One option is to encourage the pas-sage of uniform state legislation with regard toprivacy and confidentiality, allowable storagemedia, and standards for health information. Anumber of industry groups are already working

with legislatures to enact uniform legislation. Inaddition, the Department of Health and HumanServices has recently been tasked by the Adminis-tration to take the lead in developing model stateprivacy laws and model institutional privacy poli-cies for health information. Such leadership by afederal agency may be useful in speeding theadoption of new information laws.

Privacy and confidentiality are particularly im-portant areas in dealing with health information; ifthere is little confidence that an electronic medicalinformation system will protect them, then pro-viders and patients will be unwilling to use it. Ifthe process of revising legislation on a state-by-state basis is seen as too time-consuming, or notsufficiently effective, then some additional feder-al intervention may be necessary either to supportuniform legislation or to provide federal legisla-tion. In this case, Congress may wish to establishfederal legislation and regulation with regard toprivacy and confidentiality of medical informa-tion, as well as storage media for medical recordsand electronic data standards for storage andtransmission of medical information. A corollaryto this option is to charge a government agency,or create a committee or commission, to overseethe protection of health care data; to provide on-going review of privacy issues; to keep abreast ofdevelopments in technology, security measures,and information flow; and to advise Congressabout privacy matters in the area of health careinformation.

The purpose of these options is to create a na-tional environment where electronic commerceand the development of computer-based patientrecords is not discouraged by local differences inregulation. This would establish a minimum floorso that interstate commerce and information ex-change can be maintained. There is still a need forconsiderable research on the computer-based pa-tient record and other kinds of health information.Detailed standards about the computer-based pa-tient record within a particular provider organiza-tion cannot be legislated or established byregulation at this time, and, in fact, such regula-


tion may never be desirable. However, minimumstandards for the storage and protection of healthinformation, and for its exchange among institu-tions, may now be in order.

Many violations of security, privacy, or confi-dentiality are caused by insiders—trusted individ-uals who exceed their authority or put informationthey are authorized to have to an unauthorizeduse.80 Establishing clear and uniform law to pro-tect privacy and confidentiality, along with civiland criminal penalties for violations, would en-courage organizations that handle electronichealth care information to establish strong internalpolicies and procedures, which will be as impor-tant as technological protections for information.With regard to privacy and confidentiality, an ear-lier OTA report cited seven provisions to be con-sidered in any federal legislation affecting healthinformation:1. Define the subject matter of the legislation,

health care information, to encompass the fullrange of medical information collected, stored,and transmitted about individuals, not simplythe patient record.

2. Define the elements comprising invasion ofprivacy of health care information and provide

criminal and civil sanctions for improper pos-session, brokering, disclosure, or sale of healthcare information, with penalties sufficient todeter perpetrators.

3. Establish requirements for informed consent.4. Establish rules for educating patients about in-

formation practices; access to information;amendment, correction, and deletion of in-formation; and creation of databases.

5. Establish protocols for access to informationby secondary users, and determine their rightsand responsibilities in the information they ac-cess.

6. Structure the law to track the information flow,incorporating the ability of computer securitysystems to monitor and warn of leaks and im-proper access to information so the law can beapplied to the information at the point of abuse,not to one “home” institution.

7. Establish a committee, commission, or panel tooversee privacy in health care information.81

These principles will continue to be useful indesigning uniform state or federal regulation withregard to health information security, privacy, andconfidentiality.

80 Office of Technology Assessment, op. cit., footnote 69.81 Office of Technology Assessment, op. cit., footnote 60, p. 87

Documents

Networks for Health Information