July 9, 1997 Public Forum: Role of the NCVHS

07/09/1997

MR. MOORE: I would like to have Don Detmer come up now. He is the chair of the National Committee on Vital and Health Statistics. If you have questions, Don and I will be glad to handle them before we go into the first presentation, which will be after Don.

DR. DETMER: Thank you, Bob, and good morning. As you can see, I have a very brief presentation here. That is a joke.

Actually, I am delighted to see so many of you here. I think the first thing I would like to acknowledge is the enormous help that we have had from Bob Moore, Bill Braithewaite, Jim Scanlon, Marjorie Greenberg, Lynette Oraki, John Fanning, I could go on and on. I think the committee can only be doing its work successfully with this kind of interaction that we have had, not only with the staff, but also I think with many of you in the audience and those of you that participate with us across the country.

HIPAA is the screening test way that the department typically talks about this legislation. The committee has preferred to call it K2, because of the size of the task that it represents to us, and the time that it gives us to scale this mountain. It is however safe to say that the committee has been both excited and cautiously optimistic. We vary, optimistic to cautiously optimistic, as we look at trying to meet the time lines in getting the tasks accomplished. But to date at least, I am happy to report that I think we have been largely on track.

The committee I think is known to many of you. It has been around for many years, approaching 50 years, as essentially the government's central advice to the Secretary on issues of vital and health statistics, in a sense mostly retrospective views and public purpose needs for health data. I think what this legislation did is really reshape the committee's charge.

Essentially, what it is really having us do is refocus, and having us be the government's principal advisory group on how to relate to health information policy generally, and how do we shape not only transaction standards, but such tradeoffs as well as the various public goods, privacy, confidentiality, security, but at the same time as Bob mentioned, the delivery of health care, the payment for that health care, law enforcement, health research, public health and a variety of things that are obviously key in a highly complex, modern technologically sophisticated society.

So essentially, I think that we have tried to reshape our committee to deal with that in a number of things. I came on new to the committee as the chair, and so have had a chance to make some of my own mistakes as chair, but also, work with a very new group.

We also have a good continuing group, about half the committee continuing forward. So we really have had to look at essentially our charge, our time lines, our structure, and we have done that, and essentially, that is complete.

The law mandated some changes as well. The membership increased from 16 to 18 with two members appointed by Congress. They are actively involved at this point. We are mandated to give an annual report to Congress on the implementation, and then serve as a public forum for all interested parties, and provide mechanisms for public input and so forth. I'll review how much we have been working to try to do that over the last few months.

We really have some mandates that are pretty explicit in the law, one relating to standards. We are interested in looking in our concept as a committee, being responsible to its charge to the country, not just standards, but are needs as well. So we really want to look at how should we as a nation be looking at this from the point of view of needs as well as standards and security to manage to those as one set of issues, and we make those recommendations, put those forward in the Federal Register. They are also up on the website.

We also have a set of responsibilities relative to privacy and confidentiality, and have been involved in a lot of hearings, but also interfacing with the Secretary herself as it relates to some of the tangents between privacy and research and such.

We are to report within four years on the standards for the computer-based patient records. So the first leading edge of this relates to the privacy/confidentiality/security standards for administration and those sorts of issues. But coming behind that is the clinical information itself.

Obviously, if you look at the need for more mature data dictionaries and the process by which we keep those updated and served out for use, as well as maintain their currency, that is quite a challenge as well, but it is one that again we are quite excited about, and really do think that ultimately it is going to have a major impact on quality of care and also the value that people get for health care, how much impact does it make on their health as a function of the resources that go into it.

We have full committee meetings quarterly. I almost chuckle, because this has almost become a career for most of the committee members, by the time you add all the subcommittee meetings as well.

But the executive committee has two subcommittees that we have concluded are critical, in addition to just doing the general work for tracking the committee's activities. The first of those is planning and implementation. We have a responsibility not just to make recommendations for standards; we are also mandated to track how those move forward, how they are implemented, what kinds of problems arise. So planning and implementation is one that we are talking about.

I made the comment about speaking to needs as well as standards. We see this issue of planning also one of how do we in a Gretsky kind of way skate to where the puck will be. How do we try to actually anticipate things as well, and move towards those as well as meet the letter of the day requirements that we are also mandated to come forward with.

The second subcommittee is one on patient and public education. It is astonishing to us, as many hearings as we have had. It is really true, if you are inside the Beltway, you have this illusion that you are an outsider, too. In actual fact, it is amazing how people are unaware of this, not only the general public, but even people in the states as well as a whole set of industrial and other players who in many instances have designated somebody to track this intensively, but otherwise have very little understanding about how critical it really is as an activity.

So that has been important. In fact, along that line we made a decision some weeks ago to have one set of hearings. We had it in San Francisco. We found it not only refreshing, but actually very useful. We get very useful information in our hearings here in town as well, but I think we tended to get a bit more candor, a little more relaxed perhaps an atmosphere, and it was very useful. There were also people who don't have the resources to come to Washington.

So I think we will try as we can to occasionally have other opportunities to visit other parts of the country as we move forward over time. I think we are mostly here, and it is probably most economical to do it here, but the money is actually very well spent also to get out and really try to get closer to where these issues really hit the lives of people.

Then we have subcommittees, a subcommittee on privacy and confidentiality, a subcommittee on health data needs, standards and security, and a subcommittee on population specific or special populations, basically.

There are a set of issues that essentially we do not want to get lost in the shuffle, whether you are talking about groups with disabilities, whether you are talking about certain minority groups, disadvantaged groups in different ways, economically and so forth. We really want to have a matrix concern on this, so that we don't get so concerned along our data needs, security and standards thinking of the main flow of things, that we overlook also very relevant social dimensions that just cannot afford to be overlooked in our society.

So that is fairly complex, and at times there is a little tension as it relates to that. We consider that a creative tension. It is something we are committed to managing, too. We have very good committee members working on all these. Bob Gelman chairs the privacy and confidentiality group. Dr. Barbara Starfield, the health data needs standards and security. John Lumpkin chairs a work group within that, that relates to the K2 mandates for data. Dr. Lisa Izioni from Boston, Harvard, chairs the subcommittee on population specific issues.

This is a place where you can find what we have been up to. I think the website really has been useful to all of us. Our recommendations have already started to come out. In fact, Bob mentioned the time line for August. We actually at our last meeting did put forth our first annual report, if you will, to the Secretary relative to privacy, and I'll talk a bit about that in a moment.

We don't like being late. I don't think anybody does. I don't know if you heard the story of the tour that was in England some years ago. It seemed like everywhere they went, they were about 15 minutes late. They had gone to the Tower of London, and got there about 10 minutes after it closed, and the group was grumbling some. Then the next day they wanted to see the changing of the guard at Buckingham Palace, they missed that. They had to head out to Runnymeade the next day, and they got out there and the guide, once they got there a little late, of course, was talking about Runnymeade, that this is where the Magna Carta was signed, and how important that was. One of the people in the tour piped up and said, when was that? The guide says, 1215. He said, doggone it, we missed it by another 45 minutes.

At any event, I think we have been working hard to try to stay on these time lines. Whether we will be able to always track on that, I don't know.

I do want to just mention briefly -- Bob mentioned that we have been trying to reach out and hear from folks. We have had on data standards alone eight total days of hearings, six specifically just to that, where we heard from 77 witnesses. We also had two additional days where we heard on data standards as well as privacy and security issues, confidentiality issues, another 40 witnesses. Then in our regular meetings, we have heard from an additional 17 witnesses.

So altogether, we heard from 134 witnesses on the data standards side alone. I think that that has been not only important in terms of getting us content, but also giving us a real sense of what is currently going on out there. It is very dynamic, but at the same time, we have an amazing spread of things going on still on handwritten three by five cards, up to fairly sophisticated data transfer. To try to deal with policy that can relate to those issues in an intelligent way is no small matter.

It has been very useful. We have had more focus on standards than we have on security. To that end, a meeting is scheduled for August 5 and 6 to get into security standards. There was a recent report. A number of our committee members were on that committee that the NRC recently put out from the Academy. You can get to their website at the NAS EDU, the National Academy Press, NAP, on shoring up confidentiality. We knew that report was coming, so we also had plenty on our plate the way it was.

Paul Clayton chaired that report. I think it is a good report, and the National Library actually requested that. I think they will be speaking to the security standards issues August 5 and 6. If you weren't aware of that, that may be helpful to you.

The subcommittee on privacy and confidentiality has had six full days of public hearings, where we heard from 43 witnesses. We also heard as I said from an additional 40 out in California. So we have really had quite an intensive interest in hearing from the research community, quality assurance community, industry, managed care, law enforcement, providers, claims processors, drug executives, drug industry, federal agencies, consumer and health privacy advocates. So quite an array of points of view within this great pluralistic society of ours.

So we had finally got a little white smoke out of the chimney. So of our recommendations -- I want to just hit a few of the high points about. Most of the day will be spent talking about the health data standards, the administrative transaction messages, and identifiers. So I am really not going to go into those. Less attention will be given, essentially little, to the privacy content. That is my task, and I want to try to cover that, and we can answer and respond to conversation or questions after this.

Just to hit the high points of our recommendations, first, almost all the witnesses and all of the committee agree that we really need federal health privacy legislation, going the route of the default regulatory approach. Regulatory approaches is seen as not the way to do this. I think if there is one absolute consensus, that I think is it.

Now, obviously, how do you then get that accomplished, and what does it look like. There, a lot of conversation starters going in. I think we also convinced that the country is in the midst of a crisis as it relates to the health privacy issues. The protection of health records has been eroded significantly in the last two decades.

We see that in addition, two major contributing factors have really played into this. One is the absence of federal privacy health legislation. The very fact that we have nothing on the books is pre-emptive and strong. It certainly doesn't help when you get a free-fall situation going there.

But we also have with the failure of some form of universal access to health care as a society, we have gotten into a situation as well where at times, personal health data is used against people, either relating to their insurability or work place or jobs, and that is a major issue. I think our own feeling is that we need not just privacy health legislation, but also anti-discriminatory legislation relative to insurability and also related to the work place. K2 did a piece of this, but there is still a chunk of that that needs to be done.

So these two things are really needed. I think short of that, it is going to be really tough. The committee believes that this should get done during this legislative session for a variety of reasons. One, obviously technology continues to move, but we are setting some of these standards for administration, security systems and such. It is going to be much easier if we try to do those things in concert than if we try to back fit or side slip those things in when they are not something that we have just said, okay, we are into this new era, let's go ahead and try to get this done at this point, and do it well.

I think that we really do believe that that is as important for the implementation side of this, as well as obviously the fact that if we do not do it, states will continue to do their own approach to this. We are seeing this in different parts of the country. I think the committee members have somewhat differing views on that, but generally speaking I think there is a sense that there is enough experience in Europe and other places in how to deal with these issues, and that in fact, to have a thousand or 50 different experiments going on in the country really is not necessarily in the best interests. First of all, people cross state lines a lot for health care and employment and such. A lot of the population, about 50 percent, is near a state border, so that becomes very problematic if people have different policies in all these jurisdictions.

So I won't go further into that at this point. But I think the point is, we want a very high level, the highest possible level of privacy for the American public as it relates to their personal health data. We urge the Secretary and the Administration to move this as a very high priority for the executive branch during this legislative session.

We have to have a situation that meets some of the criteria mentioned up above, ability of people to amend the record, get access to the record, know what their data is being used for. The committee also supports the idea that data should be limited to the uses for that, in other words, that you don't just send out a lot of information when a little will do.

In our current situation with paper records, that is a very expensive proposition and very tough to do. I think we move increasingly to computer based records, we not only can have audit trails, and more security and privacy, but you also will be much more able to limit how widely the information could go and how much needs to go anywhere.

We also know that the issue of privacy doesn't stand alone. It is in competition with a variety of other social goods, and this is what makes this such a rick area for debate and conversation as well, as far as that goes. At the same time you do need and want to have privacy so that people can trust the interaction that they have with their doctor or other health care provider and feel like they can tell them what is happening in their life that is important to their care and their disease and problem, at the same time we do have legitimate concerns relating to public health, relating to law enforcement and such. So how do we manage to those tensions is a really critical issue.

So what we call for is a law that requires the creators and users of identifiable health information to insure a full range of fair information practices, as I mentioned, including the patient's right to access a record, to amend the records, to be informed about the uses for the health information. That both industry as well as health care providers accept reasonable restrictions and conditions on access to and use of identifiable health information. That you have protections for health information as it passes into the hands of secondary and tertiary users, so there are no loopholes that allow health information to escape from privacy controls. That you provide adequate security for health data, no matter what media are used to create, transmit or store the data. That you accept accountability for actions that affect the privacy interests of patients. That you use non-identifiable coded or encrypted information when a function can be fully or substantially accomplished without more specific identifiers. So in other words, you don't use personal specific data except where it is absolutely critical as well.

The law must also impose restrictions on disclosure and use of the information, require adequate security and impose sanctions for violation, and increase reliance on non-identifiable information whenever possible.

The committee strongly supports the use of health records for health research, subject to independent review of research protocols and other procedural protections for patients. If modern health care was not effective, this would not strike us as being important, but the fact is, we all know that we have improved the quality of life through care, and that has only come actually through our capacity to do research, and at times person specific information is critical to that.

The committee strongly supports limiting disclosure of identifiable information for more than just the minimum amount necessary to accomplish this. It also believes that when identifiable health information is available for non-health uses, patients deserve strong assurances that the data will not be used to harm them.

The committee calls on everyone to work together on this in good faith. This is not an easy challenge for us. The probability candidly that we can pass a law that will be perfect is very unlikely. I think the issue is, can we in fact pass solid legislation that will at least get us benchmarked and on the right track. Clearly, we are one of the nation's few industrially developed countries that does not have anything like this. We clearly are lagging, and it is not a matter of competition; we ought to do it because it is the right thing to do.

The point is though, health information becomes available for other uses. So unless we get this in place, and get it in fairly soon, we see both risk to patients as well as risks to the record keepers themselves will grow.

We believe that everyone will benefit by a well-crafted set of fair information practices. It will impose constraints and restrictions on industry, but I think those are just part of what it is going to appropriately take to be right by this, to the society at large and individual patients. Patients will have new rights and greater protection for sensitive information, that is a given. Providers and insurers will have clearer responsibilities and roles and rules. The will needs policies as well as procedures and the technology. Secondary users will know when they can have information, when they can't, what their obligations are, and what penalties will result if these obligations are ignored.

None of these benefits will be achieved unless everyone approaches the legislative process with a spirit of compromise. I think actually, there is a lot of good will, but these are issues of tension, and as you understand, people obviously see their position as one that they came to sensibly. So I think there is no question that it will be also hard work.

In closing, I think just speaking for the committee, we are eager to continue working with HHS. It has been a very productive interface, as well as all of you folks, state and local governments, public health agencies and such. We really do want not only to respond to the HIPAA requirements and such, but also as we say, improve the health of all of our citizens and all the people visiting our country as well. We benefit very much from the continuing input and advice.

This law has given all of us really a tremendous opportunity. The time frames are tight, but so far, I think there is confidence that we can meet them. And certainly, the mobilization that I think we have seen in the department to relate to this is certainly quite impressive.

I think as a result of passage of this legislation, the national framework for the widespread adoption of health data standards and health information privacy will become a reality for our country. Adopting and implementing the kinds of standards and privacy protections to realize those benefits will take a coordinated, cooperative effort, and also I will say a continuing one over time certainly.

In any event, I am pleased, just speaking for the committee as well, that we could be on a program with this today, and have a public forum for these deliberations. So, thank you.

DR. MOORE: Are there any questions for either myself or Don? What we propose to do is take a 10-minute break before we get into the infrastructure team and the claims teams' presentations, which will occur prior to lunch. After lunch, we will go into the other four teams. We plan to take as long as we need. We are going to use about 20 minutes for the presentations and 40 minutes for your questions for each team. We are here for your benefit, not ours. Ours would be what information you can feed back to us that helps us make a better decision or change our mind about where we are, because what we intend to do today is tell you where we hope to be, come October of this year, or where that reg will take us.

We are not holding anything back. It is your business that we are going to be affecting, and we need to know how you feel about it.

We are going to take an hour and a half for lunch at noon. If it takes until five, we will be here until five. If we can finish earlier, we will finish earlier, and you will let me go back to Baltimore earlier.

But do you have any questions for either Don or myself? Yes, sir. Would you go to the mike, because this is being recorded, and any speakers, I would rather you go to the mike rather than speak from the general floor.

DR. TRACY: The question is for Don. Don is in the private sector, so I feel I can ask him a more controversial question than Bob's earlier response to the mandate being proposed in your response to the Secretary, which I finished reading.

Basically, it suggests that Congress should write all this stuff, and it should be enacted into law. I am aware that you personally were involved in trying to do mark-ups of S.1360, and efforts with H.R.52, and Congress has an abysmal track record of dealing with controversial issues that might cost the representatives' votes.

So I am wondering how you believe that Congress is going to take care of some of the questions that your own report suggests remain somewhat controversial. The absence of action tends to hurt the public. I think those are all fair characterizations of the content of your document.

So my question is, on what basis do you believe Congress will make progress?

DR. DETMER: I actually just got back from my high school reunion in Kansas. If you choose to live out there where these two tornadoes come through, and whether it wipes you out every few years, you either become a pessimist, or you are a die-hard optimist. I guess I still have some of that spirit in my blood.

But at any event, I think that the issue is not one of naivete as to the nature of this challenge. This country has tried to get this kind of legislation for quite a long time. Actually, in the '70s we had some privacy protections for the federal data, and led the world at that point and since then it has had a terrible time trying to move forward on the health side.

I think the point is not so much that -- I don't think we can afford not to get the legislation. I'm not saying -- it is like I say, watching law made is like watching sausage made; it is not for the weak of heart.

On the other hand, it is the best form of government on earth, as we have so far discovered. I think our alternative, of trying to essentially do this strictly through regulation from the Secretary's side, at least, on the basis of the committee's discussion and the experts and such, we see as less desirable.

When I said that would we in fact come forward with perfect legislation that passed? No, I doubt it. On the other hand, I think that this is something that we do need to, as I say, see as something that needs to happen, that we will all have to try to work together and do some compromising. I still think that the greater good has a better chance of being served through aggressive, hard-working, well thought out but good debated legislative process than essentially doing it through inheriting regulation.

But that is my view. Again, I think all the people on the committee had their personal views. The Secretary appointed me to this position; I try to do the bet job I can as chair, and really give that responsibility its overriding attention and respect. But I think that this is something all of us need to weigh in on.

I don't know how responsive that is, but that at least is my own response. I see it as a public obligation: we really need to get this done. It only will be better law if people really do work on it.

DR. MOORE: Any other questions? Yes.

PARTICIPANT: Mr. Moore, in your comments you made a brief reference to health care providers who are still using or still wish to use paper records, not having the kind of reporting requirements, computerized reporting requirements that the act contemplates. But isn't it correct that all patients will be receiving a unique health identifier, and under the act, all physicians, even if they don't presently use computerized capabilities, will be required to use a type of health care data clearinghouse to generate electronic records, in other words, all patients will have their medical records put on a database, regardless of whether their doctors presently use paper records or not.

DR. MOORE: The identifiers are required for the electronic record. The law is specific to the electronic record. I don't see how the health care community can support different identifiers for paper. But if a provider tried to do that, I think the payer would resist it. Identifiers will be issued for all payers, employers, plans, and eventually individuals.

PARTICIPANT: What opportunities do you understand there to be under the act for private pay patients, in other words, people who do not wish and can afford to exercise that right not to have their private medical information be computerized and generally available? Will that be provided for?

DR. MOORE: I don't think the law prohibits a person from going in and being a self-pay and says, I don't want any information submitted. I want to pay you, you will treat me. That is an agreement between the provider and the patient. If they choose not to divulge that they have insurance of any type and they are going to self pay, I would assume that the provider would accept that payment.

Don, as a physician, do you see a problem?

DR. DETMER: Yes, I think so. I think the only problem that could arise -- and it really doesn't relate to HIPAA -- is if the person has something that is already law because of public health requirements that would require somebody to report information simply because of the nature of the information that came forward. But as far as -- if it weren't that, it is strictly between the clinician and the patient.

PARTICIPANT: Mr. Detmer, just one question for you. A large part of your presentation spoke about educating the public about all the work that is to be done in the future. Could you address how the administrative simplification section of this bill itself was passed with literally no public debate and no public comment, given particularly that the act affects such private details of persons' lives? I think it is fair to understand that the vast majority of U.S. population frankly has no idea even of the existence of the bill as it now stands, let alone the work to be done in the future. Can you address that?

DR. DETMER: That relates to the earlier question and comment. Our legislative process is a wondrous thing. I think everybody was pretty surprised that that came forward. So that is our country.

I think on the other hand, the bill did mandate an awfully lot of activity to look at this, and tried to engage the issue. So we will have to judge I guess how good that progress and process is as it moves forward. But clearly, it is quite nonlinear. That is certainly the case.

Actually, the issue of trying to get the public education piece of this out is a really challenging one for us. In fact, if some of you have some advice for it, because we really have not had that as part of our mandate and function in the past; we just see it as important. So your advice on that could be quite useful.

I will not be here throughout the whole day, but I will be here through the break. So if you do have some other specific questions for me that go into our break time, please come forward. Thanks.

DR. MOORE: Any other questions before the break? One other, two.

DR. BUCCAFURNO: I noticed in your slides that you had a --

DR. MOORE: Can you speak up?

DR. BUCCAFURNO: Sure. That you were going to be reporting to the Secretary within four years on legislation and recommendations for computerized patient records. My question was, there are so many health care providers today implementing such systems, and so many vendors out there supplying them, within four years time, won't everybody already be on some kind of a computerized patient record system? And how do you foresee them changing over or complying in the future?

DR. DETMER: I'm smiling. I chaired the 1991 study that the Institute of Medicine did on the computer-based patient record. The computer-based records have been in some form or other around for a very long time, and it is like a unicorn: everybody has heard of them, but no one has seen a lot of them.

The thing is fascinating. We have a new report coming out, by the way, an update on where these are. The answer is both yes and no. I think the thing that is really fascinating is, absolutely, computers are involved in some regard and some pieces of most every setting. You go to Holland, and 90 percent of their primary care is delivered -- all the record keeping, by computer system.

Part of our problem in my view is that we don't have incentives, actually, enough incentives to see this happen. But in any event, I do see it as inevitable, however disquieting that may be to some folks.

Whether those time lines will be too short or too long, goodness gracious, I don't know. I have been tracking computer-based records and medical records generally for 25 years, and it is an interesting kind of thing, how it both happens and doesn't.

PARTICIPANT: There is a large industry out there that is involved in health information and acts as agents of providers and managed care organizations and insurers. In your statements, you have suggested that insurers are going to have roles and responsibilities on the information that they can pass on to secondary organizations.

I am wondering what kind of thought and deliberation has been given to allowing that kind of agency relationship to continue, or is it going to hamper that whole industry, which is enormous?

DR. DETMER: Well, clearly it is going to put another variable into the equation that many would just as soon ignore and not want to think about. But the fact of the matter is, I don't think there is any avoiding this. There is going to have to be more acceptance of responsibility and a spirit of trying to work through some of this from all player sites.

So yes, I think that if I hear you, and I think I do, it is not going to be simple, but it is going to be something that cannot be ignored. I just think that is the way it is. But I think it is going to be important. That is why these kinds of efforts at dialogue and maintaining that spirit of rolling up the sleeves and just staying working at it is going to be -- but it is amazing; most of the people that came to testify thought that, for example, a lot of the privacy and confidentiality things were really good, but just don't change the way I do my work, because I've got real problems that arise if I try to change that. Well, that just isn't going to quite do it. I'm not saying you are expressing that, but that kind of came through. But that is just not going to get it done. We will in fact need to stand up to this, realize that it needs to happen, must happen, will happen, and how can we have the best set of tradeoffs at the end of the day.

But it will have cost implications. That is what is interesting as well. This legislation was -- one of the key reasons it did pass was a real concern that we are spending 25 to 26 cents of the health care dollar on administrative costs. If you look around the world, you may be able to do that for seven or eight cents, 10 cents. That seems like a lot of wasted money, when we have 37, 45 million people who don't have access to health care services. Maybe we can try to deal with that.

So this is what was driving this, was an issue to simplify the thing. But I think if we simplify it but don't also then put in pretty strong attention to the safeguards of security and confidentiality, it won't come out right.

Now, I don't think that -- the cost equations are so complex that you can't sort out in my view how all that is going to shake out. But there will be costs and there will be a lot of logistic issues, and a lot of technology issues involved.

PARTICIPANT: Do you really see that those kinds of agency relationships are going to be legislated or regulated?

DR. DETMER: Obviously, there is both the disposition in Congress not to in fact have the federal government tell everybody what to do. That is very clearly a strong issue. On the other hand, you also have this issue that if you let a thousand flowers bloom, you don't necessarily get a bouquet. So that is the other issue. You've got 26 cents on the dollar administrative costs, because we are not coordinating. So yes, there will be regulation. The question is, will it be regulation that is so verdant that it really is strangulating, or can you have the right kind of tension in that. I don't think there is a clean answer to that. It is a matter of tensions and how this will play out.

But clearly, this law did not just speak to federal programs. It spoke to it all. So that is clearly there in the mandate.

PARTICIPANT: Thank you.

DR. DETMER: Is that how you see that?

DR. MOORE: Yes. One of the things -- just to relate to the costs, one of the problems that we wrestle with in producing the first reg that we have tried to get out on the national provider identifier has to be the cost and the savings. Our approach that you will see in the reg is that we are going to look at the administrative simplification act as its entirety, that is, all of the standards, the transactions, the security, the code sets, all parts of the identifiers, and estimate the cost to the public to do this, and the savings that are going to be achieved by doing this as its entirety. We are not going to be looking at what does it save and cost to do a claim or something else of that nature.

So when you get the first reg, which will be -- I won't make another prediction, I've predicted it about a dozen times now, but we still have a few issues that we are resolving to get out. But that will be in there.

If there are no other questions, we want to take a break. It is 10:15. Can we get back at 10:25, because we want to start promptly on the infrastructure team?