NRPM: Standards for Privacy of Individually Identifiable Health Information. D. Consultations.


The Congress explicitly required the Secretary to consult with specified groups in developing the standards under sections 262 and 264. Section 264(d) of HIPAA specifically requires the Secretary to consult with the National Committee on Vital and Health Statistics (NCVHS) and the Attorney General in carrying out her responsibilities under the section. Section 1172(b)(3) of the Act, which was enacted by section 262, requires that, in developing a standard under section 1172 for which no standard setting organization has already developed a standard, the Secretary must, before adopting the standard, consult with the National Uniform Billing Committee (NUBC), the National Uniform Claim Committee (NUCC), the Workgroup for Electronic Data Interchange (WEDI), and the American Dental Association (ADA). Section 1172(f) also requires the Secretary to rely on the recommendations of the NCVHS and consult with other appropriate federal and State agencies and private organizations.

We engaged in the required consultations including the Attorney General, NUBC, NUCC, WEDI and the ADA. We consulted with the NCVHS in developing the Recommendations, upon which this proposed rule is based. In addition we are continuing to consult with this committee by requesting the committee to review this proposed rule and provide comments, and recommendations will be taken into account in developing the final regulation. We consulted with representatives of the National Congress of American Indians, the National Indian Health Board, and the self governance tribes. We also met with representatives of the National Governors’ Association, the National Conference of State Legislatures, the National Association of Public Health Statistics and Information Systems, and a number of other State organizations to discuss the framework for the proposed rule, issues of special interests to the States, and the process for providing comments on the proposed rule.

In addition to the required consultations, we met with numerous individuals, entities, and agencies regarding the regulation, with the goal of making these standards as compatible as possible with current business practices, while still enhancing privacy protection. Relevant federal agencies participated in an interagency working group, with additional representatives from all operating divisions and many staff offices of HHS. The following federal agencies and offices were represented on the interagency working group: the Department of Justice, the Department of Commerce, the Social Security Administration, the Department of Defense, the Department of Veterans Affairs, the Department of Labor, the Office of Personnel Management, and the Office of Management and Budget. The interagency working group developed the policies of the proposed rules set forth below.