Copyright 2000 Federal News Service, Inc.
Federal News Service
April 26, 2000, Wednesday
SECTION: PREPARED TESTIMONY
LENGTH: 2092 words
HEADLINE:
PREPARED TESTIMONY OF HEALTH INDUSTRY MANUFACTURERS ASSOCIATION - HIMA
BEFORE THE SENATE COMMITTEE ON HEALTH,
EDUCATION, LABOR AND PENSIONS
BODY:
This
testimony is submitted on behalf of the Health Industry Manufacturers
Association (HIMA) and its 800 member companies. HIMA is the largest medical
technology trade association in the world, representing manufacturers of medical
devices, in vitro diagnostic products and health information systems. HIMA
member companies supply nearly 90 percent of the $68 billion in
health care technology products purchased annually in the United States and more
than 50 percent of the $159 billion purchased annually
worldwide. We welcome the opportunity to submit testimony for the record on
issues surrounding the privacy of individually identifiable
health information.
Medical devices are comprised of
thousands of diverse life-saving and life-enhancing products used by more than
50 medical specialties in numerous procedures and applications. Due to advances
in medical technology, more lives are saved, illnesses are prevented and
recovery times are shorter. Medical Device Innovation Requires Open
Communications and Continuous Feedback from Providers and Patients Medical
device innovation development differs significantly from pharmaceutical
innovation in that most devices on the market today result from a series of
incremental improvements to preexisting devices. These improvements result from
continued vigilance by the manufacturer and substantial input from the provider
community. Although well-designed research plays a significant role, formal
research projects cannot substitute for the one-to-one interaction between the
researchers tasked with developing and improving a technology and the clinical
personnel who use it in their therapeutic and diagnostic interactions with
patients. Continuity and perseverance in research and the ability to communicate
freely with caregivers and patients are key drivers of innovation.
HIMA
Supports Confidentiality Standards that Ensure Safe Patient Care and Allow for
Continued Innovation
HIMA strongly supports the development of
reasonable patient confidentiality standards that ensure both the quality and
safety of patient care and the continuing progress of medical research. We
believe confidentiality laws and regulations should: Ensure the quality and
safety of patient care by permitting providers to communicate freely to medical
device manufacturers when seeking information about how the operation or use of
a device will affect an individual's diagnosis or treatment. Support patient
access to new medical technologies by not impeding the exchange of medical
research information between providers and device manufacturers. Construct
medical research approval systems that do not place an undue burden on providers
and researchers. Promote a cost-effective health care system by permitting
device manufacturers to collect the information they need for coverage and
reimbursement determinations.
Proposed Confidentiality Regulation Has
Numerous Shortcomings
We recognize the difficulties associated with
developing privacy standards as highlighted by the Department of Health and
Human Services (HHS) in the Background section of the preamble to the proposed
rule. HHS has made a considerable effort toward ensuring that patient safety,
the quality of care and medical research remain unaffected. Nevertheless, we
believe the proposed rule still has many shortcomings. There are numerous
requirements that are unrealistic and will not meet the needs of a health care
system that is far more complex than that contemplated by the proposed
regulation or the statute. Many items are ambiguous or require much more
explanation and clarification.
Taken together, the shortcomings of the
proposed confidentiality regulation create concern from our perspective about
the safety and quality of patient care, and our ability to collect data to
support medical research. We believe these problems must be addressed in a
satisfactory manner before any final regulatory framework is implemented.
We are pleased to share with the Committee our concerns about the
proposed HHS privacy regulation. These are:
Device Manufacturers Should
Be Permitted to Support Treatment and Diagnosis
The proposed rule does
not permit manufacturers to support providers with treatment or diagnosis where
protected health information may be disclosed. As a result, patient care may be
jeopardized and access to life-saying and life-enhancing technologies may be
seriously delayed.
Device manufacturers frequently assist providers with
the operation and use of a particular device or customize devices for particular
patients. In many cases, the Food and Drug Administration (FDA) requires these
activities and thus would be permitted by the proposed rule. Occasionally,
however, a provider may ask a manufacturer for support that is not required by
FDA, an activity not permitted by the proposed rule. In these instances, and in
order to assure appropriate patient care or speedy patient access to needed
devices, the regulation should allow a provider to disclose protected health
information without individual authorization to the manufacturer.
The
Proposed Rule Will Discourage the Collection of Needed Public Health Information
The proposed rule permits disclosure of protected health information to
device manufacturers when the information is needed to comply with rules or
other directions of a governmental authority. However, the proposed rule lists
only one requirement, device tracking, as an example. The device industry must
comply with hundreds of FDA requirements that require the disclosure of
protected health information. These requirements are in place to assure that
devices are developed and manufactured such that patient care is not
jeopardized.
Given the severe civil and criminal penalties which will
apply to entities violating the confidentiality standards established by the
rule, we are gravely concerned that an atmosphere may develop where hospitals
and other providers who now freely provide needed information to device
manufacturers, will be reluctant to provide that same information in the future.
To ensure that medical device manufacturers can carry out the activities
mandated by FDA and other government agencies that require protected health
information without individual authorization, it is essential that the final
rule enumerate the many requirements with which device manufacturers must
comply.
Device Manufacturers Should Be Permitted to Train Providers
Frequently, device manufacturers are the only entities with the
knowledge and experience to train providers on the use of a device.
In
addition to written instructional materials, such training frequently includes
one-on-one tutorials in which the needs of individual patients are necessarily
addressed. As currently written, the proposed regulation prohibits this type of
provider training unless patient authorization is obtained, although the rule
permits similar types of training if it is provided by health care
professionals.
To ensure the continued safe and proper use of medical
devices, we have urged HHS to change the proposed rule to reflect that effective
medical education results from a variety of sources including medical device
companies and that this type of training should be permissible without patient
authorization.
Requirements to "Deidentify" Individual Health
Information are Unworkable
We believe the rule's requirement that 19
identifiers be removed before protected health information can be considered
"deidentified" is unworkable and will yield information which is in most cases,
useless for research purposes. Additionally, the proposed rule deviates from the
"reasonable basis" standard promulgated by the Health Insurance Portability and
Accountability Act (HIPAA) and instead adopts a standard which will be very
difficult to meet, where one must, in effect, demonstrate that there is "no
reason to believe" that a recipient of protected health information could
"reidentify" the recipient.
In light of HIPAA's civil and criminal
provisions, it is likely these requirements, if adopted, will severely impede
medical research by creating an atmosphere of extreme uncertainty surrounding
what data can be legitimately released by a covered entity. We have urged HHS to
adopt the HIPAA standard regarding individually identifiable health information.
This will allow health information to be used unless there is a reasonable basis
to believe that the information can be used to identify the individual.
The Proposed Requirements for Research Invalidate the Common Rule
The proposed rule establishes new criteria to be included in patient
consent forms for participation in medical research which conflict with current
law governing human participation in clinical trials and which are inappropriate
for medical device trials.Currently, the form and content of patient
authorizations to participate in medical device trials are established by
Institutional Review Board's acting in accord with the federal regulatory
framework for the protection of human subjects (known as the Common Rule). The
proposed rule invalidates a number of the elements required by the Common Rule.
Additionally, a number of the elements in the proposed form are confusing and
inappropriate for medical device clinical trials and the volunteers who
participate in them.
Device Manufacturers Should Be Permitted to Support
Data Collection Activities of Governmental and Private Entities
The
proposed rule permits disclosure of protected health information to a government
health data system used to collect data for analysis in support of policy,
planning, regulatory or management functions authorized by law. Government
(specifically the Health Care Financing Administration (HCFA)) as well as
private payers often rely on device manufacturers to supply this information
specifically to support reimbursement and coverage policies.
We believe
the rule should allow device manufacturers to collect protected health
information that will be used to support HFCA's reimbursement policies and other
related decisions. The rule should also allow device manufacturers to collect
the same information for third party payers who, in turn, must supply device
reimbursement information to HCFA.
The Definition of Covered Entity
Should Exclude Most Device Manufacturers
We are extremely troubled that
the proposed rule does not clarify that the vast majority of device
manufacturers are not covered entities. As currently drafted, the definition of
covered entity includes device manufacturers who act as Medicare suppliers.
These types of companies comprise a very small portion of the medical device
industry. Because the definition of a covered entity does not distinguish
between the majority of device manufacturers and the "supplier manufacturers,"
it has the potential to be misinterpreted by implying that device manufacturers,
in general, are covered entities.
The rule is also vague in cases where
a "supplier manufacturer" has only one part of its business that acts as the
"supplier." Thus, in addition to urging HHS to clarify that the vast majority of
device manufacturers are not intended to be covered entities under the rule, we
have urged more detail regarding the scope of the supplier component and its
relationship to the rest of the company's business.
The Definition of
Public Health Authority Must Be Expanded
Finally, the proposed rule has
a severely limited definition of public health authority. Medical device
manufacturers operate in a global environment. As such, device manufacturers
must provide protected health information not only to U.S. government entities,
but also to government entities in other countries as well as private
organizations. It is critical, therefore, that the definition of public health
authority be expanded to allow disclosures to foreign governments and private
sector organizations.
Conclusion
In conclusion, HIMA strongly
supports measures that will ensure that individual health information is
appropriately protected while maintaining the safety and quality of care through
necessary communications and procedures. We believe the proposed privacy rule
has a number of shortcomings that will impede important research needed to
support device innovation and patient access to new and improved medical
technologies. We look forward to workable solutions that will guarantee safe
patient access to innovative technologies through mechanisms that promote
medical research and quality of care.
END
LOAD-DATE: April 27, 2000 
