On January 23, 2012, the Data Bank will introduce a number of enhancements aimed at streamlining processes for many Data Bank reporters and queriers, including State Licensing and Certification Agencies and Data Bank Administrators who are responsible for registering their organizations. The changes, summarized below, have the potential to benefit a large segment of the Data Bank community.
Report Forwarding to State Boards
One of the main new features coming to the Data Bank in January will eliminate the need for reporters to mail a copy of Data Bank reports to their relevant State Licensing Board. Reporters of Medical Malpractice Payments, Clinical Privilege, and Professional Society actions must print and mail a copy of the report to the appropriate State agency. Now, the Data Bank will make it easier for reporting organizations to comply with this requirement by enabling them to transmit reports electronically to State Licensing Boards that opt to participate in the new feature.
The automatic report forwarding option requires dual authorization-first by State Boards that must elect to participate, and subsequently by reporters at the time they submit each report. Electronic forwarding will not occur unless both sides agree to the exchange. To take advantage of this feature, each State Board that opts for report forwarding will verify the health care practitioner types they license or certify and agree to receive the reports electronically. Refer to the new State Board Profile page in Figure 1. Reporting organizations will choose to electronically forward their reports to the relevant agency on a report-by-report basis. Electronic report forwarding facilitates compliance with the law, and reporters who take advantage of it no longer need to remember to print and mail paper reports to State Boards.
In cases where a State Board declines to participate, or if a reporting organization prefers not to use the new feature for submitting a report, reporters remain responsible for sending a copy of the Report Verification Document to the appropriate State Board. The new service will be available initially through the Integrated Querying and Reporting System (IQRS). All State Boards will have a new State Board Profile button on the Administrator Options page, where they may enroll in the service, withdraw their agreement to participate, or modify their profile at any time.
Figure 1 State Boards must select the practitioner categories they license or certify when they first set up their profiles. This measure is designed to prevent inadvertent disclosures to the wrong licensing agency.
Please refer to the link below to access Figure 1
After a report is forwarded electronically, both the reporter and the Board will receive a Notice of Action via email and Data Bank correspondence, notifying them that a report was filed. Another email will notify the reporter when the report is viewed, or if a State Board fails to view a report within 7 days. Figure 2 depicts in more detail how the report forwarding process works. Several mechanisms will help track activity among electronically forwarded reports: The Historical Report Selection page may be used to find reports that have been electronically transmitted to State Boards; and the monthly Data Bank summary email for both reporters and State Boards will include information about the number of reports forwarded electronically and whether the reports were viewed. Use of this convenient report forwarding feature will require less manual work and enable the sending and receiving of required reports more quickly.
Figure 2. State Boards and reporting organizations may elect to use the new report forwarding feature. The process is outlined above.
Please refer to the link below to access Figure 2
Another important enhancement taking place in January is a more intuitive entity registration process. This enhancement will simplify an entity's determination of its statutory authority by having the entity answer a few straightforward questions about its organization. As organizations re-register, they also will be able to select additional primary functions to more accurately describe their organizations.
Professional School Report Fields
The professional school report field will be expanded to include schools for chiropractors as well as the existing physician occupations.
Eliminate Mailing of Paper Reports
The Data Bank will begin transitioning toward more reliance on online report change notices instead of sending paper copies by mail. Since 2008, organizations have received report change notices via paper as well as electronically. Most organizations view these notices electronically but have not explicitly opted out of the paper copy, so the January enhancement will complete the transition to on-line report viewing. Organizations that have never reviewed a report change notice online will be given instructions on how to do so and over time they, too, will transition to electronic viewing. Report subjects who currently receive a paper Subject Notification Document will receive instructions on how to view the report online through the Report Response Service. This will not only help protect personally identifiable information by reducing the amount of sensitive information that is sent by mail service, but it also will reduce the amount of paper we print by about 50 percent. Be sure to take advantage of these new features as they become available on January 23rd.
Health Care Reform Law Will Streamline Data Bank Operations
Last year's health care reform law, the Patient Protection and Affordable Care Act of 2010, included a provision to streamline Data Bank operations. Section 6403 of the Affordable Care Act was designed to eliminate duplicative data reporting and access requirements between the National Practitioner Data Bank (NPDB) and the Healthcare Integrity and Protection Data Bank (HIPDB). The statute requires the Secretary of the U.S. Department of Health and Human Services (HHS) to establish a transition period to transfer all data in the HIPDB to the NPDB and, once completed, to cease HIPDB operations. Information previously collected and disclosed through the HIPDB will then be collected and disclosed through the NPDB. The statute's intent is to transition HIPDB operations to the NPDB while maintaining reporting and querying requirements. HHS is drafting a Notice of Proposed Rulemaking to implement Section 6403 and anticipates its publication in the Federal Register in the near future.
Security in Review: Exercising Vigilance
Security is a continuous, high-priority activity at the Data Bank, and in recent years we have implemented an exceptional number and variety of improvements. Some security enhancements were highly visible to Data Bank users, while others may not have been generally obvious. Recent initiatives have included encrypting personally identifiable information, masking data, strengthening password protocols, requiring challenge questions, introducing secure messaging, and changing the way entities and users register with the Data Bank by implementing e-authentication.
There are numerous categories of security threats that all information systems must address to safeguard their information assets. In today's technological environment, the Data Bank is susceptible to a variety of threats, including:
- Identity threats leading to fraudulent access.
- Risk of data corruption.
- Improper data disclosure.
- Physical storage safety.
As technology evolves, the risks to information systems become more sophisticated and more numerous. Data Bank security initiatives reflect an ongoing commitment to confront these challenges promptly and thoroughly by following security standards and guidelines prescribed by the National Institute of Standards and Technology (NIST). For the Federal Government especially, adherence to NIST standards is compulsory and provides the foundation for an effective security policy.
NIST may issue any number of recommendations in a given year. As each new standard is published, the Data Bank must determine how best to incorporate these requirements into the framework of its system architecture, while taking into account its own requirements for meeting the needs of Data Bank users. The ongoing reassessment of security is a process that entails a great deal of planning and preparation, and often the renegotiation of priorities. In essence, security is a constant balancing act between risk and usability, with the ultimate goal of ensuring the safety of Data Bank information.
As we begin a new year, the Data Bank urges its users to review their work areas where threats may exist, from safeguarding physical assets at workplaces to restricting access where and when it is needed. As technology advances, the need for security will remain a challenge that requires continuing vigilance. Safe practices result in secure data, and the entire Data Bank community plays an important role in bringing that about.
Reporting Responsibilities for Health Plans
Health plans exercise an enormous influence on the delivery of health care in the United States. By reporting to the Data Bank, health plans help to protect patients from incompetent practitioners and to stop fraudulent health care practices. The Healthcare Integrity and Protection Data Bank (HIPDB) defines a "health plan" as a plan, program, or organization that provides health benefits, whether directly through insurance, through reimbursement, or otherwise. Examples of health plans include health maintenance organizations, third party administrators, and health insurance companies.
Health plans are required to report to the HIPDB and, in some cases, the National Practitioner Data Bank (NPDB). This article provides a brief overview of the dual eligibility requirements for health plans and their associated reporting responsibilities.
HIPDB Reporting Requirements
HIPDB regulations specify two types of final adverse actions that health plans must report: health care-related civil judgments and "other adjudicated actions or decisions." These actions must be reported to the Data Bank within 30 days of the action being taken. Table 1 describes each HIPDB reporting requirement, identifies the type of Data Bank report that a health plan would use to submit information about an action, and provides examples of reportable actions.
NPDB Reporting Requirements
The NPDB definition of a "health care entity" includes organizations that provide health care services and have a formal peer review process to further quality health care. The phrase "provides health care services" means the delivery of health care services through any of a broad array of coverage arrangements or other relationships with practitioners, either by employing them directly or through contractual or other arrangements. The definition, therefore, may include a range of managed care organizations or other types of health plans.
Health care entities are required to report adverse clinical privileges and panel membership actions to the NPDB within 30 days of the action being taken. Table 2 lists the specific NPDB reporting requirements for health plans that are "Health Care Entities." In addition, any entity, including a health plan that makes medical malpractice payments for the benefit of a health care practitioner, must report those payments to the NPDB.
Table 1. HIPDB Reporting Requirements for Health Plans
Please refer to the link below to access Table 1.