-
Start Preamble
AGENCY:
Health Resources and Services Administration (HRSA), HHS.
ACTION:
Final rule.
SUMMARY:
This final rule revises existing regulations under sections 401-432 of the Health Care Quality Improvement Act of 1986 and section 1921 of the Social Security Act, governing the National Practitioner Data Bank, to incorporate statutory requirements under the Patient Protection and Affordable Care Act of 2010 (Affordable Care Act). The Department of Health and Human Services (HHS) also is removing regulations which implemented the Healthcare Integrity and Protection Data Bank. Section 6403 of the Affordable Care Act, the statutory authority for this regulatory action, was designed to eliminate duplicative data reporting and access requirements between the Healthcare Integrity and Protection Data Bank (HIPDB) (established under section 1128E of the Social Security Act) and the National Practitioner Data Bank (NPDB). It requires the Secretary to establish a transition period to transfer all data in the Healthcare Integrity and Protection Data Bank to the National Practitioner Data Bank, and, once completed, to cease operations of the Healthcare Integrity and Protection Data Bank. Information previously collected and disclosed to eligible parties through the HIPDB will then be collected and disclosed to eligible parties through the NPDB. This regulatory action consolidates the collection and disclosure of information from both data banks into one part of the CFR.
DATES:
The effective date of this rule is May 6, 2013.
Start Further InfoFOR FURTHER INFORMATION CONTACT:
Director, Division of Practitioner Data Banks, Bureau of Health Professions, Health Resources and Services Administration, Parklawn Building, 5600 Fishers Lane, Room 8-103, Rockville, MD 20857; telephone number: (301) 443-2300.
End Further Info End Preamble Start Supplemental InformationSUPPLEMENTARY INFORMATION:
I. Background
A. Legal Authorities Governing the Data Banks
The paragraphs below provide a summary of the legal authorities governing the NPDB and the HIPDB.
(1) The Health Care Quality Improvement Act of 1986 (42 U.S.C. 11101 et seq.)
The NPDB was established by the Health Care Quality Improvement Act of 1986 (HCQIA), as amended (42 U.S.C. 11101 et seq.). The HCQIA authorizes the NPDB to collect reports of adverse licensure actions against physicians and dentists (including revocations, suspensions, reprimands, censures, probations, and surrenders); adverse clinical privileges actions against physicians and dentists; adverse professional society membership actions against physicians and dentists; Drug Enforcement Administration (DEA) certification actions; Medicare/Medicaid exclusions; and medical malpractice payments made for the benefit of any health care practitioner. Organizations that have access to this data system include hospitals, other health care entities that have formal peer review processes and provide health care services, state medical or dental boards and other health care practitioner state boards. Individual practitioners may self-query. Information under the HCQIA is reported by medical malpractice payers, state medical and dental boards, professional societies with formal peer review, and hospitals and other health care entities (such as health maintenance organizations).
(2) Section 1921 of the Social Security Act (42 U.S.C. 1396r-2) (Prior to the Passage of the Affordable Care Act)
Section 1921 of the Social Security Act (herein referred to as section 1921), as amended by section 5(b) of the Medicare and Medicaid Patient and Program Protection Act of 1987, Public Law 100-93, and as amended by the Omnibus Budget Reconciliation Act of 1990, Public Law 101-508, expanded the scope of the NPDB. Section 1921 requires each state to adopt a system for reporting to the Secretary certain adverse licensure actions taken against health care practitioners and entities by any authority of the state responsible for the licensing of such practitioners or entities. It also requires each state to report any negative action or finding that a state licensing authority, a peer review organization, or a private accreditation entity had taken against a health care practitioner or health care entity.
Groups with access to this information include all organizations eligible to query the NPDB under the HCQIA (hospitals, other health care entities that have formal peer review and provide health care services, state medical or dental boards, and other health care practitioner state boards), other state licensing authorities, agencies administering government health care programs (including private entities administering such programs under contract), state agencies administering or supervising the administration of government health care programs, state Medicaid fraud control units, certain law enforcement agencies, and utilization and quality control Quality Improvement Organizations (QIOs). Individual health care practitioners and entities may self-query. Information under section 1921 is reported by state licensing and certification authorities, peer review organizations, and private accreditation entities.
Final regulations implementing section 1921 were issued on January 28, 2010 (75 FR 4656). The NPDB began collecting and disclosing section 1921 information on March 1, 2010.
(3) Section 1128E of the Social Security Act (42 U.S.C. 1320a-7e) (Prior to the Passage of the Affordable Care Act)
Section 1128E of the Social Security Act (herein referred to as section 1128E), as added by section 221(a) of the Health Insurance Portability and Accountability Act of 1996, Public Law 104-191, directed the Secretary to establish and maintain a national health care fraud and abuse data collection Start Printed Page 20474program for the reporting and disclosing of certain final adverse actions taken against health care practitioners, providers, or suppliers. This data bank is known as the HIPDB. Section 1128E required Federal and state government agencies and health plans to report to the HIPDB the following final adverse actions: licensing and certification actions; criminal convictions and civil judgments related to the delivery of health care services; exclusions from government health care programs; and other adjudicated actions or decisions. Federal and state government agencies and health plans have access to this information. Individual practitioners, providers, and suppliers may self-query the HIPDB.
The HIPDB began collecting reports in November 1999. Requirements of both HCQIA and section 1921 overlap with the requirements under section 1128E, although each law has unique characteristics, including differences in the types of reportable actions and the types of agencies, entities, and officials with access to information. For example, all three reporting schemes require the reporting of state licensure actions. The HCQIA, however, only requires the reporting of licensure actions taken against physicians and dentists that are based on professional competence or conduct. In contrast, sections 1921 and 1128E do not have a requirement that reportable adverse licensure actions be based on professional competence or conduct and also differ in the types of subjects reported. In addition, sections 1921 and 1128E authorize access to many of the same types of agencies, organizations, and officials. For example, both statutes authorize access by law enforcement agencies, agencies that administer or pay for health care services or programs, and state licensing authorities. Private-sector hospitals and health care service providers are only able to access information reported under the HCQIA and section 1921, but not under section 1128E.
(4) Section 6403 of the Patient Protection and Affordable Care Act of 2010
Section 6403 of the Patient Protection and Affordable Care Act of 2010 (hereinafter referred to as section 6403), Public Law 111-148, amends sections 1921 and 1128E to eliminate duplication between the HIPDB and the NPDB, and requires the Secretary to establish a transition period for transferring data collected in the HIPDB to the NPDB and to cease HIPDB operations. Information previously collected and disclosed through the HIPDB will then be collected and disclosed through the NPDB. No new data elements have been added as a result of section 6403. All actions currently reported in the NPDB and HIPDB will be reported to the NPDB.
All security standards that are currently in place to protect the confidentiality of information in the Data Banks will be retained. HRSA follows the National Institute of Standards and Technology (NIST) security guidelines. More specifically, the Data Bank has extensive operational, management, and technical controls that ensure the security of the system and protect the data in the system. The Data Bank contains information classified under the Privacy Act that is considered personally identifiable information (PII). On an annual basis, the Data Bank conducts a detailed security review process that tests the effectiveness of the security controls to ensure the PII in the system remains safe. Finally, every three years, the Data Bank is Certified and Accredited (C&A) as a requirement to have an Authority to Operate (ATO), in order to function as a Federal system.
The specific amendments section 6403 makes to sections 1921 and 1128E are described in greater detail in the paragraphs below.
Subsection (a) of section 6403 amends section 1128E to require reporting to the NPDB instead of the HIPDB. Subsection (a) also eliminates requirements in section 1128E related to reporting by state agencies; conforms the requirements for reporting Federal licensing and certification actions to those that apply to state agencies under section 1921; provides that the information reported pursuant to section 1128E will be available to the agencies, entities, and officials authorized to access information reported pursuant to section 1921; and authorizes the Secretary to establish reasonable fees for the disclosure of the information, with no exception from the fee for Federal Government agencies. Finally, subsection (a) requires the Secretary, in implementing the amendments to section 1128E, to provide for the maximum appropriate coordination between part B of the HCQIA and section 1921.
Subsection (b) of section 6403 adds to section 1921 the state agency reporting requirements that were eliminated from section 1128E by subsection (a). These state actions, taken against health care practitioners, providers, and suppliers, include state licensing and certification actions, state health care-related criminal convictions and civil judgments, exclusions from government health care programs, and other adjudicated actions or decisions. Subsection (b) also conforms the requirements for reporting state licensing and certification actions to those that apply to Federal agencies under section 1128E and makes amendments to expand the data access provisions of section 1921(b) so that entities that were authorized to access final adverse action information reported to the HIPDB by state agencies under section 1128E will retain access to that information when it is reported to the NPDB under section 1921. Subsection (b) also adds new provisions under section 1921 that are modeled on similar provisions in section 1128E. These new provisions require the Secretary to disclose reported information to a subject of a report and establish other requirements designed to ensure that the information reported pursuant to section 1921 is accurate; authorize the Secretary to establish or approve reasonable fees for the disclosure of information reported pursuant to section 1921; and provide protection against liability in a civil action for entities reporting information as required by section 1921 (so long as such entities have no knowledge of the falsity of the information). Subsection (b) also provides definitions for the following terms: (1) “State licensing or certification agency;” (2) “State law or fraud enforcement agency;” and (3) “final adverse action.” Finally, subsection (b) requires the Secretary, in implementing the amendments to section 1921, to provide for the maximum appropriate coordination with HCQIA and section 1128E.
Subsection (c) of section 6403 amends section 1128C of the Social Security Act regarding the HHS Office of Inspector General's responsibilities with respect to section 1128E by deleting the HHS Office of Inspector General's responsibility to provide for the reporting and disclosure of certain final adverse actions against health care providers, suppliers, or practitioners pursuant to the data collection system established under section 1128E. Subsection (d) establishes requirements for a transition process; authorizes the Department of Veterans Affairs to access, free of charge for one year, information that was formerly reported only to the HIPDB; describes the availability of additional funds for the transition process, if necessary; and includes the effective date for the section.
Effectively, in addition to transferring HIPDB data and operations to the NPDB, section 6403 transfers all section 1128E reporting requirements by state agencies to section 1921, thereby eliminating Start Printed Page 20475duplication in certain state agency reporting requirements under both statutes, while leaving Federal agency and health plan reporting requirements under the authority of section 1128E. Section 6403 also creates a common list of queriers for section 1921 and section 1128E data. There are exceptions to this common querier list. Hospitals and other health care entities, professional societies, and QIOs have access to section 1128E data as well as licensing and certification actions under section 1921, but have no additional access to data as a result of section 6403. By maintaining many of the same reporting requirements and by maintaining different levels of access depending on who is requesting information in section 6403, Congress further indicated its intent that, despite the transition of HIPDB operations to the NPDB, original reporting and querying requirements remain the same to the greatest extent possible, while ensuring the maximum coordination among the three statutes. Section 6403 does not affect reporting requirements or query access under the HCQIA, so existing requirements under the HCQIA for hospitals, other health care entities, professional societies, or medical malpractice payers will not change.
The reporting and querying requirements of sections 1921 and 1128E, as amended by section 6403, are described in greater detail below.
B. Section 1921 as Amended by Section 6403
As amended by section 6403, section 1921 requires each state to have in effect a system of reporting licensure and certification actions taken against a health care practitioner or entity by a state licensing or certification agency. Section 6403 defines a state licensing or certification agency to include state licensing authorities, peer review organizations, and private accreditation entities. Licensing and certification actions include certain adverse actions taken by a state licensing authority as well as any negative action or finding that a state licensing authority, a peer review organization, or a private accreditation entity has concluded against a health care practitioner or entity. Each state also must have in effect a system of reporting information with respect to any final adverse action (not including settlements in which no findings of liability have been made) taken against a health care practitioner, provider, or supplier by a state law or fraud enforcement agency. These final adverse actions include criminal convictions or civil judgments in state court related to the delivery of health care services, exclusions from participation in a government health care program, and any other adjudicated action or decision. In addition, final adverse actions include any licensure or certification action taken against a supplier by a state licensing or certification agency. Section 1921 information is now available to agencies administering government health care programs, including private entities administering such programs under contract; state licensing or certification agencies, and Federal agencies responsible for the licensing and certification of health care practitioners, providers, and suppliers; state agencies administering or supervising the administration of government health care programs; health plans; state law or fraud enforcement agencies; and the U.S. Attorney General and other law enforcement officials as the Secretary deems appropriate. In addition, QIOs, as well as hospitals, professional societies, and other health care entities have access to “licensure and certification actions” reported under section 1921. These entities do not have access to “final adverse actions” added to section 1921 by section 6403. Potential subjects of section 1921 reports, including health care practitioners, health care entities, providers, and suppliers, may self-query.
C. Section 1128E, as Amended by Section 6403
Section 6403 amends section 1128E to require the Secretary to maintain a national health care fraud and abuse data collection program under this section for the reporting of certain final adverse actions against health care practitioners, providers, and suppliers. The Secretary shall furnish the information collected under section 1128E to the NPDB. Federal Government agencies and health plans are required to report to the NPDB the following final adverse actions: licensing and certification actions; criminal convictions and civil judgments in Federal or state court related to the delivery of health care services; exclusions from government health care programs; and other adjudicated actions or decisions.
The information collected under section 1128E shall be available from the NPDB to all agencies, authorities, and officials which are authorized under the amended section 1921 access provisions. However, under the section 1921 access provisions, hospitals, other health care entities, professional societies, and QIOs are only authorized to receive certain section 1921 information. Individual practitioners, providers, and suppliers may self-query the NPDB to receive section 1128E information.
The table below further illustrates the impact that section 6403 has on current data bank requirements, presenting the requirements for the HCQIA, sections 1921 and 1128E before the passage of section 6403, and the updated requirements after passage of section 6403.
The table is only a summary of the statutory reporting and querying requirements before and after passage of section 6403. All elements in the table, including definitions of terms used, are detailed in various sections of this final rule.
Table 1—Data Banks Statutory Requirements Before and After Passage of Section 6403*
Statutory Requirements before Passage of Section 6403 Reporting/Querying Requirements after Passage of Section 6403 WHO REPORTS? WHO REPORTS? HCQIA (NPDB) HCQIA (NPDB) Medical malpractice payers Boards of Medical/Dental Examiners Hospitals and other healthcare entities Professional societies with formal peer review Drug Enforcement Administration Health and Human Services-Office of Inspector General Medical malpractice payers Boards of Medical/Dental Examiners Hospitals and other healthcare entities Professional societies with formal peer review Drug Enforcement Administration Health and Human Services-Office of Inspector General SECTION 1921 (NPDB) SECTION 1921 (NPDB) Start Printed Page 20476 Peer review organizations Private accreditation organizations State authorities that license practitioners and entities Peer review organizations Private accreditation organizations State authorities that license or certify practitioners, entities, providers, suppliers State law or fraud enforcement agencies SECTION 1128E (HIPDB) SECTION 1128E (NPDB) Federal and state government agencies (including state law or fraud enforcement agencies) Health plans Federal Government agencies Health plans WHAT INFORMATION IS REPORTED? WHAT INFORMATION IS REPORTED? HCQIA (NPDB) HCQIA (NPDB) Medical malpractice payments Adverse licensure actions (physicians/dentists): —revocation, suspension, reprimand, probation, surrender, censure Adverse clinical privileges actions (primarily physicians/dentists) Adverse professional society membership (primarily physicians/dentists) DEA certification actions Medicare/Medicaid exclusions Medical malpractice payments Adverse licensure actions (physicians/dentists): —revocation, suspension, reprimand, probation, surrender, censure Adverse clinical privileges actions (primarily physicians/dentists) Adverse professional society membership (primarily physicians/dentists) DEA certification actions Medicare/Medicaid exclusions SECTION 1921 (NPDB) SECTION 1921 (NPDB) Licensing actions (practitioners and entities): —revocation, reprimand, censure, suspension, probation —any dismissal or closure of the proceedings by reason of surrendering the license or leaving the state or jurisdiction —any other loss of the license —any negative action or finding by a state licensing authority, peer review organization, or private accreditation entity Licensing or certification actions (practitioners, entities, providers, and suppliers): —revocation, reprimand, censure, suspension, probation —any dismissal or closure of the proceedings by reason of surrendering the license or leaving the state or jurisdiction —any other loss of, or loss of the right to apply for, or renew a license SECTION 1128E (HIPDB) —any negative action or finding by a state licensing or certification Licensing and certification actions (practitioners, providers, and suppliers) —revocation, reprimand, suspension, censure, —any other loss of license, or right to apply for, or renew, a license, whether by voluntary surrender, non-renewability, or otherwise —any other negative action or finding that is publicly available information Health care-related civil judgments in state court (practitioners, providers, suppliers) Exclusions from government health care programs (practitioners, providers, suppliers) Other adjudicated actions or decisions (practitioners, providers, suppliers) authority, peer review organization, or private accreditation entity Health care-related state criminal convictions (practitioners, providers, suppliers) Health care-related civil judgments in Federal or state court (practitioners, providers, suppliers) Exclusions from government health care programs (practitioners, providers, suppliers) Other adjudicated actions or decisions (practitioners, providers, suppliers) SECTION 1128E (NPDB) Federal licensing/certification actions (practitioners, providers, and suppliers): —revocation, reprimand, censure, suspension, probation —any dismissal or closure of the proceedings by reason of surrendering the license or leaving the state or jurisdiction —any other loss of, or right to apply for, or renew, a license, whether by voluntary surrender, non-renewability, or otherwise —any negative action or finding that is publicly available information Health care-related civil judgments in Federal or state court (practitioners, providers, suppliers) Health care-related Federal or state criminal convictions (practitioners, providers, suppliers) Exclusions from government health care programs (practitioners, providers, suppliers) Other adjudicated actions or decisions (practitioners, providers, suppliers) WHO CAN QUERY? WHO CAN QUERY? HCQIA (NPDB) HCQIA (NPDB) Start Printed Page 20477 Hospitals Other health care entities with formal peer review Professional societies with formal peer review Boards of Medical/Dental Examiners Other health care practitioner state licensing boards Plaintiff's attorney/pro se plaintiffs (limited circumstances) Health care practitioners (self-query) Researchers (statistical data only) Hospitals Other health care entities with formal peer review Professional societies with formal peer review Boards of Medical/Dental Examiners Other health care practitioner state licensing boards Plaintiff's attorney/pro se plaintiffs (limited circumstances) Health care practitioners (self-query) Researchers (statistical data only) SECTION 1921 (NPDB) SECTION 1921 and SECTION 1128E (NPDB) Hospitals and other health care entities (HCQIA) Professional societies with formal peer review Quality Improvement Organizations State licensing agencies that license practitioners and entities Agencies administering government health care programs, or their contractors State agencies administering government health care programs State Medicaid fraud control units U.S. Comptroller General U.S. Attorney General and other law enforcement Health care practitioners/entities (self-query) Researchers (statistical data only) Hospitals and other health care entities (HCQIA)** Professional societies with formal peer review** Quality Improvement Organizations** State licensing or certification agencies that license or certify practitioners, entities, providers, or suppliers Agencies administering (including those providing payment for services) government health care programs and their contractors State agencies administering government health care programs Federal agencies that license or certify practitioners, providers, suppliers Health plans State law or fraud enforcement agencies (including state medicaid fraud control units) SECTION 1128E (HIPDB) Federal and state government agencies Health plans Health care practitioners/providers/suppliers (self-query) Researchers (statistical data only) U.S. Comptroller General U.S. Attorney General and other Federal law enforcement Health care practitioners, entities, providers, suppliers (self-query) Researchers (statistical data only). * For NPDB requirements, the term “practitioners” is used throughout this table to mean “practitioners, physicians, and dentists.” ** Under Section 1921, these entities only have access to reported licensing or certification actions, which is consistent with these entities' access prior to enactment of the Affordable Care Act. D. Maximum Coordination When Implementing Section 6403
Sections 6403(a)(3) and 6403(b)(4) require the Secretary to provide for the maximum appropriate coordination among HCQIA, section 1921, and section 1128E when implementing the provisions of section 6403. We have made significant efforts to develop this final rule in a manner that minimizes the burden on reporters. Reporters previously responsible for reporting adverse actions to both the NPDB and HIPDB only needed to submit one report per action, provided that reporting was done through the Department's web-based system that sorted the appropriate actions into the HIPDB, the NPDB, or both. Similarly, under the revised regulations, reporters will only need to submit one report per action.
Congress's mandate that the Secretary provide for the maximum appropriate coordination among the statutes makes it necessary, in certain cases, to make slight modifications when combining sometimes overlapping statutory requirements. These instances are described in the paragraphs below, and in the discussion of the final regulatory definitions.
E. Terms Used To Describe Subjects of Reports Under Sections 1921 and 1128E
We clarified statutory language used to describe report subjects in several ways. First, we use the term “health care practitioner” throughout these regulations to refer to physicians, dentists, and other health care practitioners. The HIPDB definition of “health care practitioner” includes physicians and dentists. However, prior to implementation of this regulation, the NPDB definition of “health care practitioner” specifically excluded physicians and dentists. Therefore, when combining the HIPDB and NPDB definition in this rule, a decision had to be made about which definition to use. For the purposes of clarity, HRSA has decided to use the HIPDB definition. This decision does not expand or contract reporting requirements and does not make any substantive changes to the rule, but simply affects how certain subjects are described in the regulation. Further, this is consistent with how HRSA uses the term in guidance documents. We continue to define and use the terms “physician” and “dentist” in the Rule when there are specific references to physicians and dentists.
Second, we clarified statutory language with respect to report subjects by consistently using the term “entity, provider, and supplier” in referring to section 1921 entity report subjects. Both original and amended section 1921 reporting requirements include certain adverse actions taken against a “health care practitioner or entity,” and NPDB regulations use the HCQIA definition of “health care entity” to define the range of these report subjects. It is clear from the context of section 6403 that the use of the term “entity” also includes “supplier” subjects. Specifically, section 6403(b), which added the disclosure and correction provision in section 1921(d), refers only to “health care practitioner” and “entity” report subjects. It is not reasonable to conclude that Congress intended to prevent providers and suppliers from having access to their own reports or being able to dispute a report, while giving that ability to health care practitioners and entities. Although the provision only uses the terms practitioner and entity, it must be read broadly to keep the congressional intent of not making significant changes to current reporting and querying requirements. Therefore, we apply this provision to all section Start Printed Page 204781921 report subjects, including health care practitioners, entities, providers, and suppliers.
Finally, the proposed rule sometimes refers to “practitioner, provider, and supplier” as one grouping. The manner in which the regulation defines supplier may be read to include physicians and dentists. In the final rule, where physicians and dentists are specified, but other suppliers are not, it is intended that other suppliers are not included in those instances. Where suppliers are mentioned along with physicians and dentists, the intent is not to imply that suppliers do not include physicians and dentists, but that all terms were included for the sake of clarity.
F. Sanction Authority
HIPDB regulations include sanctions against Federal and state agencies and health plans for failure to report as required. For Federal and state government agencies, the Secretary provides for publication of a public report that identifies those agencies that have failed to report information as required. Health plans that fail to report information as required under section 1128E are subject to a civil money penalty of up to $25,000 for each action not reported. While section 6403 transfers state agency reporting requirements from section 1128E to section 1921, we plan to maintain existing sanction authority (publication of a public report) for those state agencies that are required to report licensure and certification actions, exclusions from government health care programs, criminal convictions and civil judgments in a state court, and other adjudicated actions or decisions. Further, we plan to maintain existing sanction authority, as stated above, and which currently exists in section 1128E, for those Federal agencies that fail to report. These sanctions are currently part of the agency's compliance plan, and we are attempting to maintain consistency between current and future Data Bank operational policy.
G. Authorization Dates for Collecting Reports
The authorization dates for collecting adverse actions under section 1921 and section 1128E are based on the original legislation for the requirements and are unchanged by the passage of section 6403. Amendments made by section 6403 represent a reorganization of existing statutory requirements and not an imposition of new actions. Therefore, the passage of section 6403 does not affect reporters' obligations to report action back to the dates currently in use for the system. Actions taken by state agencies transferred from section 1128E to section 1921 will retain their original authorization dates.
II. Summary of the Proposed Rule
The proposed regulation published on February 15, 2012 (77 FR 9138) amended the following sections of the regulations.
60.1 The National Practitioner Data Bank
The proposed rule amended this section by incorporating the statutory provisions for section 1128E of the Social Security Act.
60.2 Applicability of These Regulations
The proposed rule amended this section by revising the reporting requirements to include those organizations and agencies required to report under section 1921 and section 1128E (both as amended by section 6403).
60.3 Definitions
In the proposed rule, we incorporated existing definitions from the HIPDB regulations and added new statutory definitions created by section 6403. We also modified existing regulatory definitions by combining similar regulatory definitions for the same term where NPDB and HIPDB terms overlapped and were inconsistent, or deleted terms where a combination would not make sense. For example, the term “Act” was deleted because it was vague and could not be used to distinguish between the three statutes that now govern the operation of the NPDB. We believe this approach is consistent with the mandate that the Secretary provide for the maximum appropriate coordination among the HCQIA, section 1921, and section 1128E. The proposed rule also clarified new statutory definitions by providing additional examples of the scope of the definitions.
As a result, we added the following new terms to this section, which are in the current HIPDB regulations: “civil judgment,” “criminal conviction,” “exclusion,” “Federal Government agency,” “health care provider,” “health care supplier,” “health plan,” “other adjudicated actions or decisions,” “state law or fraud enforcement agency,” and “state licensing or certification agency.”
In addition to the new terms we added in this section, we also slightly amended the definitions of the following existing terms to ensure the maximum appropriate coordination among requirements for the HCQIA, and sections 1921 and 1128E of the Social Security Act: “board of medical examiners, or board,” “health care entity,” “health care practitioner, licensed health care practitioner, licensed practitioner, or practitioner,” “hospital,” “negative action or finding,” “peer review organization,” “physician,” “private accreditation entity,” and “voluntary surrender of license or certification.”
In addition to the definitions we have added or clarified, we also eliminated the term “Act” from section 60.3. We chose this approach to avoid confusion when referencing the different statutes governing NPDB operations. NPDB regulations currently define “Act” as the Health Care Quality Improvement Act of 1986, title IV of Public Law 99-660, as amended. HIPDB regulations define “Act” as the Social Security Act. We instead reference each of these statutes (as well as other governing statutes) by name where they appear in the regulations.
We also used the NPDB definition for the term, “state,” as it relates to all requirements under the HCQIA and sections 1921 and 1128E.
60.4 How Information Must Be Reported
The proposed rule sought to amend this section by changing the reference to “§ 60.11” to read “§ 60.12” and including references to the newly added §§ 60.10, 60.11, 60.13, 60.14, 60.15, and 60.16. The reference to reporting to the Board of Medical Examiners was also removed.
60.5 When Information Must Be Reported
The proposed rule sought to amend this section of the existing NPDB regulations by:
a. Revising the introductory text of this section to include references to the newly added §§ 60.10, 60.13, 60.14, 60.15, and 60.16 and redesignated §§ 60.11 and 60.12;
b. Adding the August 21, 1996, legacy reporting date for section 1128E actions; and
c. Removing paragraphs (a)—(d) and replacing them with a list of reportable actions. This list reflects the combination of reporting categories from the NPDB and the HIPDB regulations.
The proposed rule brought the HIPDB reporting time frame in line with the NPDB and eliminated references from the current HIPDB regulation to reporting by the close of an entity's next monthly reporting cycle. The proposed rule also eliminated from the current NPDB regulation the requirement for Start Printed Page 20479reporting within a 15-day window for those entities that have a dual obligation to report to a state authority. Thus, all reports must be made within 30-calendar days from the date the final adverse action was taken. This rule also sought to clarify the state reporting obligations for persons or entities responsible for submitting malpractice payments (§ 60.7), negative actions or findings (§ 60.11), and adverse actions (§ 60.12). Reports for these three categories are submitted directly to the NPDB and a copy of the report must be mailed to the appropriate state licensing or certification agency. This has been the operational practice of the NPDB since 1990 and fulfills the statutory state reporting obligation for these reporters.
60.6 Reporting Errors, Omissions, Revisions or Whether an Action is on Appeal
The proposed rule sought to amend this section by:
a. Revising the title to include reporting of whether an action is on appeal. This information currently must be reported for final adverse actions specified in HIPDB regulations;
b. Revising the first and last sentences in paragraph (b) to include the requirement to report revisions to actions for all licensure and certification actions, criminal convictions, civil judgments, exclusions, and other adjudicated actions or decisions. The HIPDB regulations require reporting of revisions to these actions;
c. Revising the third sentence of paragraph (b) to include the requirement to report when an action is on appeal for licensure and certification actions, criminal convictions, civil judgments, exclusions, and other adjudicated actions; and
d. Adding a new sentence at the end of paragraph (a) and new paragraphs (c) and (d) to clarify current data bank policy regarding notifying subjects of a report and the steps subjects may take to ensure the information reported is accurate. These clarifications generally are included in HIPDB regulations, but the same policy has applied to the NPDB as well.
60.7 Reporting medical malpractice payments. (The proposed rule made no changes to this section.)
60.8 Reporting Licensure Actions Taken by Boards of Medical Examiners
The proposed rule sought to amend this section by revising the reference to “'§ 60.11” in the last sentence of paragraph (c) to read “'§ 60.12.” This change reflects the fact that 60.11 was redesignated as § 60.12 in these proposed rules. The proposed rule also added “Individual Tax Identification Number (ITIN)” to § 60.8(b)(4) after the word Social Security Number.
60.9 Reporting Licensure and Certification Actions Taken by States
The proposed rule amended § 60.9 to reflect the changes made by section 6403 to the section 1921 licensure action reporting requirements by state agencies. The title of this section was revised to include licensure and certification actions, as required under section 6403(b)(1)(A)(i). The term “certification” has two distinct meanings in both the NPDB and HIPDB regulations. First, in both sets of regulations, “certification” is related to licensure. Licensure includes certification and other forms of authorization to provide health care services, and, based on their individual laws and requirements, states may “license,” “certify,” or “register” certain types of health care practitioners, health care entities, providers, or suppliers. For example, states may certify nurse's aides. Second, in section 1128E and the HIPDB regulations, the term “certification” is also used to refer to certification of a health care practitioner, provider, or supplier to participate in a government health care program. In this context, certification includes certification agreements and contracts for participation in a government health care program. State certification actions such as termination of a hospital's Medicaid participating provider agreement or contract are now being reported to the NPDB under this part.
The proposed rule also modified paragraphs (a) and (b) to reflect the range of subjects reported under this section to include health care practitioners, health care entities, providers, and suppliers. In addition, the proposed rule amended paragraphs (a)(1) through (a)(4) to reflect changes to those reporting requirements made by section 6403(b)(1)(A), which intended to harmonize state licensure and certification action reporting requirements with Federal licensure and certification action reporting requirements under section 1128E. To reflect the fact that section 6403 transferred state licensure and certification action reporting requirements from section 1128E to section 1921, the proposed rule made the following changes to ensure that the original reporting requirements from the HIPDB regulations remain unchanged. First, we amended language in paragraphs (a)(1) through (4) to clarify the range of reportable licensure and certification actions with respect to a license, certification agreement, or contract for participation in government health care programs. Second, in paragraph (c)(4)(ii), which was previously a reserved field, we added a data element for the date of any appeal. Third, we added paragraph (e) to incorporate the sanctions for failure to report that were included in the HIPDB regulations for state licensure and certification actions. Finally, we are also adding “Individual Tax Identification Number (ITIN)” to § 60.9(b)(1)(ii) after the word Social Security Number.
60.10 Reporting Licensure and Certification Actions Taken by Federal Agencies
The proposed rule redesignated § 60.10 as § 60.11, and added a new § 60.10 to implement the reporting requirements for Federal licensure and certification agencies. These agencies must report to the NPDB the following final adverse actions that are taken against a health care practitioner, provider, or supplier (regardless of whether the final adverse action is the subject of a pending appeal):
- Formal or official actions, such as revocation or suspension of a license or certification agreement or contract for participation in government health care programs (and the length of any such suspension), reprimand, censure, or probation;
- Any dismissal or closure of the proceedings by reason of the health care practitioner, provider, or supplier surrendering their license or certification agreement or contract for participation in government health care programs, or leaving the state or jurisdiction;
- Any other loss of the license or loss of the certification agreement or contract for participation in a government health care program, or the right to apply for, or renew, a license or certification agreement or contract of the health care practitioner, provider, or supplier, whether by operation of law, voluntary surrender, nonrenewal (excluding non-renewals due to nonpayment of fees, retirement, or change to inactive status), or otherwise; and
- Any other negative action or finding by such Federal agency that is publicly available information.
Further, the proposed rule substituted the acronym “ITIN” in place of the word “Individual Tax Identification Number” in § 60.10(b)(1)(ii).Start Printed Page 20480
60.11 Reporting Negative Actions or Findings Taken by Peer Review Organizations or Private Accreditation Entities. [Redesignated]
The proposed rule redesignated § 60.11 as § 60.12 and added redesignated § 60.10 as § 60.11. In accordance with the changes to the scope of “entity” report subjects required by section 6403, the proposed rule amended paragraph (a) of this section to include the reporting of health care practitioners, health care entities, providers, and suppliers. While peer review organizations will continue to report negative actions or findings taken against health care practitioners, private accreditation entities are required to report actions taken against health care entities, providers, or suppliers. Paragraph (a) is revised to reflect that the reporting entity, (i.e., peer review organization or private accreditation entity) not the state, must submit reports directly to the NPDB and then provide a copy of the report to the appropriate state licensing or certification authority by mail. The remaining paragraphs (b)-(d) are accordingly modified to reflect this reporting scheme.
60.12 Reporting Adverse Actions Taken Against Clinical Privileges. [Redesignated]
The proposed rule redesignated § 60.12 as § 60.17 and added redesignated § 60.11 as § 60.12. As done with § 60.11, the reporting scheme under paragraph (a) is revised to reflect that health care entities send reports directly to the NPDB and provide a copy of the report to the State Board of Medical Examiners.
Further, the proposed rule slightly modified the heading of § 60.12(a) to read “Reporting by Health Care Entities to the NPDB.”
60.13 Reporting Federal or State Criminal Convictions Related to the Delivery of a Health Care Item or Service
The proposed rule redesignated § 60.13 as § 60.18, and added a new § 60.13 to implement the requirements of section 6403. Under this provision, Federal and state prosecutors are required to report criminal convictions against health care practitioners, providers, or suppliers related to the delivery of a health care item or service (regardless of whether the conviction is the subject of a pending appeal).
60.14 Reporting Civil Judgments Related to the Delivery of a Health Care Item or Service
The proposed rule redesignated § 60.14 as § 60.19, and added a new § 60.14 to implement the requirements of section 6403. Under this provision Federal and state attorneys and health plans must report civil judgments against health care practitioners, providers, or suppliers related to the delivery of a health care item or service (regardless of whether the civil judgment is the subject of a pending appeal).
60.15 Reporting Exclusions From Participation in Government Health Care Programs
The proposed rule redesignated § 60.15 as § 60.20, and added a new § 60.15 to implement the requirements of section 6403. Under this provision, Federal Government agencies and state law and fraud enforcement agencies must report health care practitioners, providers, and suppliers excluded from participating in government health care programs, including exclusions resulting from a settlement that is not reported because no findings or admissions of liability have been made (regardless of whether the exclusion is the subject of a pending appeal).
60.16 Reporting Other Adjudicated Actions or Decisions
The proposed rule redesignated § 60.16 as § 60.21, and added a new § 60.16 to implement the requirements of section 6403. Under this provision, Federal Government agencies, state law and fraud enforcement agencies, and health plans must report other adjudicated actions or decisions as defined in § 60.3 related to the delivery, payment or provision of a health care item or service against health care practitioners, providers, and suppliers (regardless of whether the other adjudicated action or decision is subject to a pending appeal).
60.17 Information Which Hospitals Must Request From the National Practitioner Data Bank [Redesignated]
The proposed rule redesignated § 60.12 as § 60.17.
60.18 Requesting Information From the National Practitioner Data Bank [Redesignated]
The proposed rule redesignated § 60.13 as § 60.18. The proposed rule sought to amend § 60.18, paragraph (a) of the existing NPDB regulations to clarify to whom information under the HCQIA as well as the amended sections 1921 and 1128E components of the NPDB would be made available by:
a. Redesignating § 60.13 as § 60.18 to implement the requirements of section 6403;
b. Revising the reference to “§ 60.11” in paragraph (a)(1) to read “§ 60.12;”
c. Revising the reference to “§ 60.12” in paragraph (a)(1)(v) to read “§ 60.17;”
d. Adding the references to include §§ 60.10, 60.11, 60.13, 60.14, 60.15, and 60.16 in paragraph (a)(2);
e. Revising paragraph (a)(2)(i) to include the following language in parentheses after the word administering: “including those providing payment for services;”
f. Replacing the text in paragraphs (a)(2), (ii), (iv), (v), (vi), and (vii) to reflect the revised list of entities which may receive information reported under §§ 60.9, 60.10, 60.11, 60.13, 60.14, 60.15 and 60.16; and
g. Inserting paragraph (a)(2)(viii).
Based on section 6403 amendments, state licensing or certification agencies and Federal agencies responsible for the licensing and certification of health care practitioners, providers and suppliers are authorized to query the NPDB under section 1921 and 1128E. We understand the statutory language to limit query access to those state licensing and certification agencies that license or certify health care practitioners, entities, providers, or suppliers. These agencies would include only authorities of the state responsible for licensure or certification and would exclude peer review organizations and private accreditation entities. Such an interpretation of the statutory language is consistent with the goal of maintaining existing NPDB and HIPDB reporting and querying requirements to the greatest extent possible.
Consistent with section 6403 language, hospitals and other health care entities, professional societies, and QIOs will have access to section 1921 information reported in §§ 60.9 and 60.11, and section 1128E information reported in §§ 60.10, 60.13, 60.14, 60.15, and 60.16. Access to the section 1921 information for these groups was not affected by the passage of section 6403. Section 6403 expands the access that these groups have with respect to Federal information under section 1128E.
60.19 Fees Applicable to Requests for Information [Redesignated]
The proposed rule amended redesignated § 60.19(a) to reflect, based on section 6403 amendments, the full range of subjects that will be sent a copy of a report submitted about them.Start Printed Page 20481
60.20 Confidentiality of National Practitioner Data Bank Information [Redesignated]
The proposed rule slightly amended redesignated § 60.20 so that it reflects the limitations on disclosure provisions based on current NPDB and HIPDB regulatory language. These confidentiality requirements would apply to all information obtained from the NPDB.
60.21 How To Dispute the Accuracy of National Practitioner Data Bank Information [Redesignated]
The dispute process for the NPDB and the HIPDB is identical; however, HIPDB regulations currently provide a more detailed account of the process than do the NPDB regulations. Therefore, the proposed rule amended this section to include the HIPDB regulatory provisions for disputing the accuracy of data bank information.
60.22 Immunity.
Section 6403 added a provision to section 1921 that provides reporters of NPDB information immunity from liability in a civil action filed by the subject of a report, unless the individual, entity, or authorized agent submitting the report has actual knowledge of the falsity of the information contained in the report. HIPDB regulations also contain a similar immunity provision. The proposed rule added this provision, which will apply to all individuals who, and entities and authorized agents that, report information to the NPDB.
III. Summary and Response to Public Comments
The proposed rule set forth a 60-day public comment period, ending April 16, 2012. HRSA received 11 public comments from several private citizens, a health care entity, a state department of public health, a consumer rights advocacy group, a health care accrediting body, and several national associations representing physicians, nurses, health insurers, and health plans. None of the public comments opposed the merger of the HIPDB with the NPDB. Four out of the 11 comments did not request any changes or clarifications and wrote expressly to commend HRSA for taking this step to improve efficiency and reduce duplication of effort by the government. The remaining seven comments touched upon the following issues: definitions (§ 60.3), the scope of the Secretary's access to documents related to private accreditation actions (§ 60.11), due process requirements for clinical privilege actions (§ 60.12), clarification on reporting civil judgments (§ 60.14), query fees (§ 60.19), and the confidentiality of NPDB information (§ 60.20).
Set forth below is an overview of these comments and our responses by section number of the proposed rule.
Definitions (§ 60.3)
1. Health Care Entity, Health Care Provider, and Health Care Supplier
Comment: One commenter requested that HRSA eliminate redundant and or conflicting definitions for health care provider, supplier, and entity. This commenter specifically urged HRSA to “establish clear and explicit definitions and criteria for determining the subjects of private accreditation entity reporting.”
Response: Accreditation entities should report only those organizations or business entities that they accredit and that meet the definition of entity, supplier, or provider. Our intention is not to expand who is subject to accreditation entity reporting. These definitions have not proven to be problematic in the past and we believe that the definitions for provider, supplier and entity are well-defined.
Comment: Another commenter also required clarification regarding our usage of the term “entity” in a chart in the proposed rule and raised concern over whether HRSA intended to expand the scope of who may query the Data Bank by not providing a specific definition.
Response: HRSA has provided a definition for “health care entity,” which is contained in Title IV of HCQIA and was carried over into the proposed rule. The proposed rule has not introduced any new categories of queriers. The section of the chart in question shows that entities could self-query under Section 1921 before the passage of section 6403, and also shows that entities have that same ability after the passage of section 6403.
2. Negative action or finding
Comment: HRSA specifically invited comments on the definition of “negative action or finding” in the proposed rule because this was a new definition resulting from the merger of the HIPDB definition with the NPDB definition. We received only two comments. One commenter requested a more detailed definition to avoid inconsistent reporting, while the other commenter requested that the definition not change without a separate rulemaking. The former commenter suggested revising the definition for negative action or finding to read, “* * * any action or finding which in any way restricts a subject's ability to practice or engage in business or which a reasonable person would interpret as reflecting criticism in any way on the subject even if the subject's ability to practice or engage in business is not affected. This includes reprimands, letters of concern, consent orders, settlement agreements and any other similar item regardless of what it is called.”
Response: HRSA acknowledges that a change in the definition of negative action or finding could have wide-spread implications. We do not believe that we received sufficient comments to warrant a change to the definition at this time. We also acknowledge that additional guidance on the application of this definition would be useful, in particular as the definition pertains to Federal or state licensing or certification authorities. While licensure actions such as revocation, suspension, probation, reprimand or censure that are the result of formal proceedings are clearly understood to be universally reportable, state laws determine how each state defines any additional negative action or finding. Each state must be prepared to justify their decisions, supported by state law, to report or decline to report these actions by referencing specific state statutes. Further, concerning the use of consent agreements or other vehicles through which a board takes formal action, it is our policy that the vehicle itself (i.e., consent agreement) does not make an action reportable or not. Rather, we look at the action taken. For example, if a board issues a reprimand in a consent agreement, the reprimand is reportable. Likewise, if a board issues a consent agreement and orders a person to pay an administrative fine but does not take any other actions, and the state law does not define this as a negative action or finding, this action is not reportable.
3. Peer review organization
Comment: One commenter requested that the definition for “peer review organization” be modified to remove the exclusion for Medicare Quality Improvement Organizations (QIOs). This commenter stated that excluding QIOs from reporting to the NPDB “* * * is contrary to the statute [Section 1921] these proposed regulations are intended to implement.” The argument for changing this definition hinges upon the use of the phrase “any peer review organization” in the statute. This commenter stated that, according to the statutory definition, a QIO is a kind of “peer review organization” and should not Start Printed Page 20482have been excluded from reporting to the NPDB.
Response: The issue regarding reporting requirements for QIOs was last addressed in a separate rulemaking that was published in the Federal Register on March 21, 2006 (71 FR 14135). At that time we invited comments related to the exemption of QIOs from reporting under Section 1921 and received four comments supporting this exemption and only one comment against this exemption. The final rule was published on January 28, 2010 (75 FR 4656), and the rationale for maintaining the exemption was explained in the preamble of that rule. Under the current rulemaking, specific comments were not elicited on this definition because it is not a new definition that resulted from the merger. Therefore, we find that this comment falls outside the scope of this rulemaking.
4. Other adjudicated actions or decisions
Comment: One commenter requested that HRSA clarify the definition for “Other adjudicated actions or decisions” to exclude personnel terminations that are made for administrative or business reasons that are unrelated to health care fraud or abuse or quality of care. According to this commenter, some states and the Centers for Medicare & Medicaid Services (CMS) have mandated a due process mechanism for practitioners in situations where a health plan may have terminated contracts for business reasons (e.g., a health plan ceases operations in a certain geographic area and terminates provider contracts in that region). The commenter feels the current definition could be interpreted to require reporting to the NPDB because of the existence of a due process mechanism.
Response: HRSA agrees with this commenter and has provided examples of business or administrative terminations that are excluded from this definition in the text of the final rule.
5. Professional review action
Comment: One commenter requested that HRSA revise the definition of “professional review action” under subsection (d)(4) to insert the word “physician” before the term “health care practitioner” when talking about the class of members. This request stems from a concern that leaving out this term might suggest that physicians are not excluded under this subsection because it is inconsistent with our practice throughout the proposed rule of spelling out the term “practitioner” when talking about the full range of providers subject to the NPDB regulations.
Response: HRSA made the decision to use the term “health care practitioner” to be inclusive of physicians and dentists. Therefore, there is no need to add the term “physician” to the referenced text.
6. State Law or Fraud Enforcement Agency
Comment: One commenter requested that HRSA revise the proposed definition for “state law or fraud enforcement agency” to exclude state agencies administering a government health care program. This commenter specifically worries that HRSA is broadening the scope of the NPDB to include actions that may not be attributable to fraudulent activity and is trying to expand the class of queriers.
Response: All state actions under Section 1128E were transferred to Section 1921 with the passage of section 6403 of the Affordable Care Act. State agencies administering a government health care program were already included under Section 1921 as reporters and queriers prior to the passage of section 6403. Thus these agencies do not constitute a new group of reporters or queriers. To ensure that this group continues to have the same reporting requirements it has always had, we included it under the definition of state law or fraud enforcement agency because the state agencies carry out investigative functions.
Reporting Negative Actions or Findings Taken by Peer Review Organizations or Private Accreditation Entities (§ 60.11)
Comment: One commenter requested that HRSA establish a clear scope, purpose, and limitation on the access the Secretary has to documents related to private accreditation actions.
Response: Access to documents by the Secretary or Secretary's designee in this section pertains solely to assuring compliance with NPDB reporting requirements. Thus, the authority to request documents is limited to the purpose of ensuring proper reporting of peer review and accreditation actions and we believe that such scope is clearly defined. The Secretary has similar access to documents related to other actions.
Reporting Adverse Actions Taken Against Clinical Privileges (§ 60.12)
Comment: One commenter requested that additional regulatory language be added to this section to require a due process mechanism for advanced practice registered nurses and other health care practitioners to ensure that these practitioners are afforded due process rights and procedures equal to those afforded physicians. This commenter suggested adding the following language: “(d) Exception. Notwithstanding the foregoing, no adverse action taken against the clinical privileges of any health care practitioner shall be reported unless the health care practitioner received a due process hearing before adverse action was taken.”
Response: As indicated in the proposed rule, the current regulations governing the NPDB that were not modified by section 6403 of the Affordable Care Act are not subject to review and comment. The reporting requirements for clinical privileges continue to fall under Title IV of the HCQIA and were not modified by section 6403. Therefore, this comment falls outside the scope of this rulemaking.
Reporting Civil Judgments Related to the Delivery of a Health Care Item or Service (§ 60.14)
Comment: One commenter requested clarification regarding the requirement that health plans must report civil judgments against health care practitioners, providers, or suppliers related to the delivery of a health care item or service. This commenter noted that during the course of a health plan's credentialing processes, the plan may become aware of civil judgments against a practitioner to which the health plan was not a party. The commenter specifically requests that the reporting requirement specify that health plans report only those civil judgments resulting from cases involving the health plan.
Response: Health plans are required to report only those civil judgments to which they are a party. Health plans and other users of the NPDB may notify us if they identify actions that may not have been reported.
Fees Applicable to Requests for Information (§ 60.19)
Comment: Two commenters requested clarification on whether query fees would be raised by the merger of the HIPDB with the NPDB.
Response: Currently, each traditional query costs the querier $4.75 per data bank. Self-queries are $8.00 and Continuous Query enrollments are $3.25 per data bank per year. Once the HIPDB and NPDB are consolidated, queriers who were authorized to query both data banks will need to pay only one single fee instead of two fees. Currently, there are no plans to raise these query fees. To the extent that the fees are changed in Start Printed Page 20483the future, the Department will announce such changes in the Federal Register.
Confidentiality of National Practitioner Data Bank information (§ 60.20)
Comment: Two commenters asked HRSA to describe to what extent NPDB confidentiality would be protected and whether state Freedom of Information Acts (FOIA) would apply to the information contained in the NPDB. Another commenter asked HRSA to revise language in this section to strike the phrase “from its own files to create such reports” regarding the disclosure of information by a party under applicable state or Federal law. This third commenter expressed concerns that this inserted language might invite researchers and others to seek out the reporting entity to ask for information from the entities' own files and felt that the proposed change was “superfluous”.
Response: Information reported to the NPDB is considered confidential, and access to and use of the information is prescribed by the three statutes that govern the NPDB. As stated in § 60.20, “Persons and entities receiving information from the NPDB, either directly or from another party, must use it solely with respect to the purpose for which it was provided.” Both improper use and access to NPDB information may result in a civil monetary penalty that is currently set at up to $11,000 for each violation. The Privacy Act also protects the contents of Federal records on individuals from disclosure without the individual's consent, unless the disclosure is for a routine use of the system of records as published annually in the Federal Register. The published routine uses of NPDB information, which are based on the laws and the regulations under which the NPDB operates, do not allow disclosure to the general public. Given these statutory restrictions on NPDB information, NPDB information is not releasable through FOIA.
The confidentiality provisions prohibit the release of the report submitted to the Data Bank. These provisions, though, do not apply to the original documents or records from which the reported information is obtained. The NPDB's confidentiality provisions do not impose any new confidentiality requirements or restrictions on those documents or records. Thus, the confidentiality provisions do not bar or restrict the release of the underlying documents, or the information itself, by the entity taking the adverse action or making the payment in settlement of a written medical malpractice complaint or claim. For this reason we inserted clarifying language in § 60.20, which already existed in the HIPDB regulations, stating that an entity is free to release information “from its own files” provided that such disclosure is otherwise permitted by state and Federal law.
This provision allows the disclosure of information used to create an NPDB report, consistent with other legal requirements, however it does not permit the release of the NPDB report itself. So, for instance, if a state FOIA law requires the release of records, while it may require the release of the records underlying the report, it would not permit the release of the NPDB report itself.
Comment: One commenter raised concern over whether Tax Identification Numbers (TINs) would be viewable on NPDB query reports.
Response: Social Security Numbers and TINs are masked and not viewable on query reports requested by authorized entities. This is done to protect health care practitioners and entities from potential identity theft or misuse of this sensitive information.
IV. Summary of Revisions in the Final Rule
Based on our review and response to HHS and public comments, and on the discretionary authority granted to the Department under section 6403 of the Affordable Care Act, we have made the following revisions to the proposed regulations.
Definitions. (§ 60.3)
We are revising the definition of “health care practitioner, licensed health care practitioner, licensed practitioner, or practitioner” to include physicians and dentists.
We are revising the definition of “other adjudicated actions or decisions” to include examples of non-reportable contract terminations.
Confidentiality of National Practitioner Data Bank information. (§ 60.20)
We modified language in this section to clarify that a Data Bank report itself may not be disclosed, except as permitted by §§ 60.17, 60.18, and 60.21. The final rule now states “The Data Bank report may not be disclosed, but nothing in this section will prevent the disclosure of information by a party from its own files used to create such reports where disclosure is otherwise authorized under applicable state or Federal law.”
How to Dispute the Accuracy of National Practitioner Data Bank information. (§ 60.21)
We slightly modified the language in section (b)(1) and (c)(1) to allow for procedural changes as a result of new technologies. Subjects currently dispute a report or request a review of a disputed report online, rather than in writing. We changed the phrase “in writing” to “in the format as determined by the Secretary.” In addition, to add clarity, in section (c) we changed the phrase “Procedures for requesting a Secretarial review” to “Procedures for requesting a review of a disputed report.”
V. Regulatory Impact Statement
A. Regulatory Analysis
This final rule is technical in nature. It involves transferring data reporting requirements under 45 CFR part 61 for the Healthcare Integrity and Protection Data Bank (HIPDB) to 45 CFR part 60 for the National Practitioner Data Bank (NPDB), another data bank receiving like reports. The result of this transfer does not increase the regulatory burden on affected entities; it alleviates duplication.
1. Executive Orders 12866 and 13563
Executive Orders 13563 and 12866 direct agencies to assess all costs and benefits of available regulatory alternatives and, if regulation is necessary, to select regulatory approaches that maximize net benefits (including potential economic, environmental, public health and safety effects, distributive impacts, and equity). Executive Order 13563 emphasizes the importance of quantifying both costs and benefits, of reducing costs, of harmonizing rules, and of promoting flexibility. This rule is not being treated as a “significant regulatory action” under section 3(f) of Executive Order 12866. Accordingly, the rule has not been reviewed by the Office of Management and Budget.
2. Regulatory Flexibility Act
The Regulatory Flexibility Act (RFA) and the Small Business Regulatory Enforcement and Fairness Act of 1996, which amended the RFA, require HRSA to analyze options for regulatory relief of small businesses. For purposes of the RFA, small entities include small businesses, nonprofit organizations, and government agencies. Further, in accordance with the RFA, if a rule has a significant economic effect on a substantial number of small entities, the Secretary must specifically consider the economic effect of the rule on small Start Printed Page 20484entities and analyze regulatory options that could lessen the impact of the rule. The purpose of the final rule is to eliminate duplication between the HIPDB and the NPDB. The NPDB will serve as the sole repository for all information previously captured in the HIPDB. This will not substantially alter reporting requirements. Therefore, the Secretary certifies that these regulations will not have a significant impact on a substantial number of small entities.
3. Unfunded Mandates Reform Act
Section 202 of the Unfunded Mandates Reform Act of 1995 (UMRA) (Pub. L. 104-4) requires agencies to assess anticipated costs and benefits for any rulemaking that may result in an annual expenditure of $139 million or more by state, local, or tribal governments, or the private sector. HRSA has determined that this rule does not impose any additional mandates on state, local, or tribal governments, or the private sector, that will result in an annual expenditure of $139 million or more. A full analysis under the UMRA is not necessary.
4. Executive Order 13132—Federalism
Executive Order 13132 establishes certain requirements that an agency must meet when it promulgates a rule imposing substantial direct requirements or costs on state and local governments, preempts state law, or otherwise has federalism implications. In reviewing this rule under the threshold criteria of Executive Order 13132, the Secretary has determined that this rule will not significantly affect the rights, roles, and responsibilities of state or local governments because the actions that are already reported under HIPDB are merely shifting to the NPDB.
B. Paperwork Reduction Act
This final rule does not add any new reporter categories, but information-collection requirements may be expanded for some reporters. For instance, the final rule interprets statutory references to “entity” reporting subjects under the amended section 1921 to include “health care providers and suppliers.” As a result, accreditation entities will now be required to report actions taken against providers and suppliers in addition to those subjects that meet the definition of a “health care entity.” However, these sorts of expansions are subtle and will not significantly alter the current requirements under the HIPDB and NPDB regulations. The NPDB and HIPDB regulations contain information collection requirements that have been approved by OMB under the Paperwork Reduction Act of 1995 (PRA) and assigned control numbers 0915-0126 and 0915-0239, respectively.
The only impact of the merging of 45 CFR part 61 with 45 CFR part 60 is to eliminate duplication and streamline internal operations. By combining two data banks into a single data bank, the need to capture like information in two data bases is eliminated.
Start SignatureDated: March 20, 2013.
Mary Wakefield,
Administrator, Health Resources and Services Administration.
Approved: March 26, 2013.
Kathleen Sebelius,
Secretary.
List of Subjects
45 CFR Part 60
- Billing and transportation services
- Claims
- Durable medical equipment suppliers and manufacturers
- Fraud
- Health care insurers
- Health maintenance organizations (HMOs)
- Health professions
- Hospitals
- Home health care agencies
- Hospitals
- Insurance companies
- Malpractice
- Pharmaceutical suppliers and manufacturers
- Reporting and recordkeeping requirements
- Skilled nursing facilities
45 CFR Part 61
- Confidential business information
- Health care
- Health professions
- Penalties
- Reporting and recordkeeping requirements
For the reasons set forth in the preamble, HHS amends 45 CFR subtitle A as follows:
Start Amendment Part1. Part 60 is revised to read as follows:
End Amendment Part Start PartPART 60—NATIONAL PRACTITIONER DATA BANK
- 60.1
- The National Practitioner Data Bank.
- 60.2
- Applicability.
- 60.3
- Definitions.
- 60.4
- How information must be reported.
- 60.5
- When information must be reported.
- 60.6
- Reporting errors, omissions, revisions or whether an action is on appeal.
- 60.7
- Reporting medical malpractice payments.
- 60.8
- Reporting licensure actions taken by Boards of Medical Examiners.
- 60.9
- Reporting licensure and certification actions taken by states.
- 60.10
- Reporting Federal licensure and certification actions.
- 60.11
- Reporting negative actions or findings taken by peer review organizations or private accreditation entities.
- 60.12
- Reporting adverse actions taken against clinical privileges.
- 60.13
- Reporting Federal or state criminal convictions related to the delivery of a health care item or service.
- 60.14
- Reporting civil judgments related to the delivery of a health care item or service.
- 60.15
- Reporting exclusions from participation in government health care programs.
- 60.16
- Reporting other adjudicated actions or decisions.
- 60.17
- Information which hospitals must request from the National Practitioner Data Bank.
- 60.18
- Requesting information from the National Practitioner Data Bank.
- 60.19
- Fees applicable to requests for information.
- 60.20
- Confidentiality of National Practitioner Data Bank information.
- 60.21
- How to dispute the accuracy of National Practitioner Data Bank information.
- 60.22
- Immunity.
Subpart A—General Provisions Subpart B—Reporting of Information Subpart C—Disclosure of Information by the National Practitioner Data Bank Subpart A—General Provisions
The National Practitioner Data Bank.The Health Care Quality Improvement Act of 1986 (HCQIA), as amended, title IV of Public Law 99-660 (42 U.S.C. 11101 et seq.) (hereinafter referred to as “title IV”), authorizes the Secretary to establish (either directly or by contract) a National Practitioner Data Bank (NPDB) to collect and release certain information relating to the professional competence and conduct of physicians, dentists and other health care practitioners. Section 1921 of the Social Security Act (hereinafter referred to as “section 1921”), as amended, (42 U.S.C. 1396r-2) expanded the requirements under the NPDB and requires each state to adopt a system of reporting to the Secretary adverse licensure or certification actions taken against health care practitioners, health care entities, providers, and suppliers, as well as certain final adverse actions taken by state law and fraud enforcement agencies against health care practitioners, providers, and suppliers. Section 1128E of the Social Security Act (hereinafter referred to as “section 1128E”), as amended, (42 U.S.C. 1320a-7e) authorizes the Secretary to implement a national healthcare fraud and abuse data collection program for the reporting and disclosing of certain final adverse actions taken by Federal Government agencies and health plans against health care practitioners, providers, and suppliers. Information from section 1921 and section 1128E is to be reported and distributed through Start Printed Page 20485the NPDB. The regulations in this part set forth the reporting and disclosure requirements for the NPDB, as well as procedures to dispute the accuracy of information contained in the NPDB.
Applicability.The regulations in this part establish reporting requirements applicable to hospitals, health care entities, Boards of Medical Examiners, professional societies of health care practitioners which take adverse licensure or professional review actions; state licensing or certification authorities, peer review organizations, and private accreditation entities that take licensure or certification actions or negative actions or findings against health care practitioners, health care entities, providers, or suppliers; entities (including insurance companies) making payments as a result of medical malpractice actions or claims; Federal Government agencies, state law and fraud enforcement agencies and health plans that take final adverse actions against health care practitioners, providers, and suppliers. They also establish procedures to enable individuals or entities to obtain information from the NPDB or to dispute the accuracy of NPDB information.
Definitions.Adversely affecting means reducing, restricting, suspending, revoking, or denying clinical privileges or membership in a health care entity.
Affiliated or associated refers to health care entities with which a subject of a final adverse action has a business or professional relationship. This includes, but is not limited to, organizations, associations, corporations, or partnerships. This also includes a professional corporation or other business entity composed of a single individual.
Board of Medical Examiners, or Board, means a body or subdivision of such body which is designated by a state for the purpose of licensing, monitoring, and disciplining physicians or dentists. This term includes a Board of Osteopathic Examiners or its subdivision, a Board of Dentistry or its subdivision, or an equivalent body as determined by the state. Where the Secretary, pursuant to section 423(c)(2) of the HCQIA (42 U.S.C. 11112(c)), has designated an alternate entity to carry out the reporting activities of § 60.12 of this part due to a Board's failure to comply with § 60.8 of this part, the term Board of Medical Examiners or Board refers to this alternate entity.
Civil judgment means a court-ordered action rendered in a Federal or state court proceeding, other than a criminal proceeding. This reporting requirement does not include Consent Judgments that have been agreed upon and entered to provide security for civil settlements in which there was no finding or admission of liability.
Clinical privileges means the authorization by a health care entity to a health care practitioner for the provision of health care services, including privileges and membership on the medical staff.
Criminal conviction means a conviction as described in section 1128(i) of the Social Security Act.
Dentist means a doctor of dental surgery, doctor of dental medicine, or the equivalent who is legally authorized to practice dentistry by a state (or who, without authority, holds himself or herself out to be so authorized).
Exclusion means a temporary or permanent debarment of an individual or entity from participation in any government health-related program, in accordance with which items or services furnished by such person or entity will not be reimbursed under any government health-related program.
Federal Government agency includes, but is not limited to:
(1) The U.S. Department of Justice;
(2) The U.S. Department of Health and Human Services;
(3) Federal law enforcement agencies, including law enforcement investigators;
(4) Any other Federal agency that either administers or provides payment for the delivery of health care services, including, but not limited to the U.S. Department of Defense and the U.S. Department of Veterans Affairs; and
(5) Federal agencies responsible for the licensing and certification of health care practitioners, providers, and suppliers.
Formal peer review process means the conduct of professional review activities through formally adopted written procedures which provide for adequate notice and an opportunity for a hearing.
Formal proceeding means a proceeding held before a state licensing or certification authority, peer review organization, or private accreditation entity that maintains defined rules, policies, or procedures for such a proceeding.
Health care entity means, for purposes of this part:
(1) A hospital;
(2) An entity that provides health care services, and engages in professional review activity through a formal peer review process for the purpose of furthering quality health care, or a committee of that entity; or
(3) A professional society or a committee or agent thereof, including those at the national, state, or local level, of health care practitioners that engages in professional review activity through a formal peer review process, for the purpose of furthering quality health care.
(4) For purposes of paragraph (2) of this definition, an entity includes: a health maintenance organization which is licensed by a state or determined to be qualified as such by the Department of Health and Human Services; and any group or prepaid medical or dental practice which meets the criteria of paragraph (2).
Health care practitioner, licensed health care practitioner, licensed practitioner, or practitioner means an individual who is licensed or otherwise authorized by a state to provide health care services (or any individual who, without authority, holds himself or herself out to be so licensed or authorized).
Health care provider means, for purposes of this part, a provider of services as defined in section 1861(u) of the Social Security Act; any organization (including a health maintenance organization, preferred provider organization or group medical practice) that provides health care services and follows a formal peer review process for the purpose of furthering quality health care, and any other organization that, directly or through contracts, provides health care services.
Health care supplier means, for purposes of this part, a provider of medical and other health care services as described in section 1861(s) of the Social Security Act; or any individual or entity, other than a provider, who furnishes, whether directly or indirectly, or provides access to, health care services, supplies, items, or ancillary services (including, but not limited to, durable medical equipment suppliers, manufacturers of health care items, pharmaceutical suppliers and manufacturers, health record services [such as medical, dental, and patient records], health data suppliers, and billing and transportation service suppliers). The term also includes any individual or entity under contract to provide such supplies, items, or ancillary services; health plans as defined in this section (including employers that are self-insured); and health insurance producers (including but not limited to agents, brokers, solicitors, consultants, and reinsurance intermediaries).Start Printed Page 20486
Health plan means, for purposes of this part, a plan, program or organization that provides health benefits, whether directly, through insurance, reimbursement or otherwise, and includes but is not limited to:
(1) A policy of health insurance;
(2) A contract of a service benefit organization;
(3) A membership agreement with a health maintenance organization or other prepaid health plan;
(4) A plan, program, agreement, or other mechanism established, maintained, or made available by a self-insured employer or group of self-insured employers, a health care practitioner, provider, or supplier group, third-party administrator, integrated health care delivery system, employee welfare association, public service group or organization or professional association;
(5) An insurance company, insurance service or insurance organization that is licensed to engage in the business of selling health care insurance in a state and which is subject to state law which regulates health insurance; and
(6) An organization that provides benefit plans whose coverage is limited to outpatient prescription drugs.
Hospital means, for purposes of this part, an entity described in paragraphs (1) and (7) of section 1861(e) of the Social Security Act.
Medical malpractice action or claim means a written complaint or claim demanding payment based on a health care practitioner's provision of or failure to provide health care services, and includes the filing of a cause of action based on the law of tort, brought in any state or Federal court or other adjudicative body.
Negative action or finding by a Federal or State licensing or certification authority, peer review organization, or private accreditation entity means:
(1) A final determination of denial or termination of an accreditation status from a private accreditation entity that indicates a risk to the safety of a patient(s) or quality of health care services;
(2) Any recommendation by a peer review organization to sanction a health care practitioner; or
(3) Any negative action or finding that, under the state's law, is publicly available information and is rendered by a licensing or certification authority, including but not limited to, limitations on the scope of practice, liquidations, injunctions, and forfeitures. This definition also includes final adverse actions rendered by a Federal or state licensing or certification authority, such as exclusions, revocations, or suspension of license or certification, that occur in conjunction with settlements in which no finding of liability has been made (although such a settlement itself is not reportable under the statute). This definition excludes administrative fines or citations and corrective action plans and other personnel actions, unless they are:
(i) Connected to the delivery of health care services, or
(ii) Taken in conjunction with other adverse licensure or certification actions such as revocation, suspension, censure, reprimand, probation, or surrender.
Organization name means the subject's business or employer at the time the underlying acts occurred. If more than one business or employer is applicable, the one most closely related to the underlying acts should be reported as the “organization name,” with the others being reported as “affiliated or associated health care entities.”
Organization type means a description of the nature of that business or employer.
Other adjudicated actions or decisions means formal or official final actions taken against a health care practitioner, provider, or supplier by a Federal governmental agency, a state law or fraud enforcement agency, or a health plan, which include the availability of a due process mechanism, and are based on acts or omissions that affect or could affect the payment, provision, or delivery of a health care item or service. For example, a formal or official final action taken by a Federal governmental agency, a state law or fraud enforcement agency, or a health plan may include, but is not limited to, a personnel-related action such as suspensions without pay, reductions in pay, reductions in grade for cause, terminations, or other comparable actions. A hallmark of any valid adjudicated action or decision is the availability of a due process mechanism. The fact that the subject elects not to use the due process mechanism provided by the authority bringing the action is immaterial, as long as such a process is available to the subject before the adjudicated action or decision is made final. In general, if an “adjudicated action or decision” follows an agency's established administrative procedures (which ensure that due process is available to the subject of the final adverse action), it would qualify as a reportable action under this definition. This definition specifically excludes clinical privileging actions taken by Federal Government agencies or state law and fraud enforcement agencies and similar paneling decisions made by health plans. This definition does not include overpayment determinations made by Federal or state government programs, their contractors or health plans, and it does not include denial of claims determinations made by Federal Government agencies, state law or fraud enforcement agencies, or health plans. This definition also does not include business or administrative decisions taken by health plans that result in contract terminations unrelated to health care fraud or abuse or quality of care (e.g., when a practitioner's contract is terminated because the practitioner no longer practices at a facility in the health plan's network, or a health plan terminates all provider contracts in a certain geographic area because it ceases business operations in that area). For health plans that are not government entities, an action taken following adequate notice and the opportunity for a hearing that meets the standards of due process set out in section 412(b) of the HCQIA (42 U.S.C. 11112(b)) also would qualify as a reportable action under this definition.
Peer review organization means, for purposes of this part, an organization with the primary purpose of evaluating the quality of patient care practices or services ordered or performed by health care practitioners measured against objective criteria which define acceptable and adequate practice through an evaluation by a sufficient number of health care practitioners in such an area to ensure adequate peer review. The organization has due process mechanisms available to health care practitioners. This definition excludes utilization and quality control peer review organizations described in Part B of Title XI of the Social Security Act (referred to as QIOs) and other organizations funded by the Centers for Medicare & Medicaid Services (CMS) to support the QIO program.
Physician means, for purposes of this part, a doctor of medicine or osteopathy legally authorized to practice medicine or surgery by a state (or who, without authority, holds himself or herself out to be so authorized).
Private accreditation entity means an entity or organization that:
(1) Evaluates and seeks to improve the quality of health care provided by a health care entity, provider, or supplier;
(2) Measures a health care entity's, provider's, or supplier's performance based on a set of standards and assigns a level of accreditation;
(3) Conducts ongoing assessments and periodic reviews of the quality of health care provided by a health care entity, provider, or supplier; and Start Printed Page 20487
(4) Has due process mechanisms available to health care entities, providers, or suppliers.
Professional review action means an action or recommendation of a health care entity:
(1) Taken in the course of professional review activity;
(2) Based on the professional competence or professional conduct of an individual health care practitioner which affects or could affect adversely the health or welfare of a patient or patients; and
(3) Which adversely affects or may adversely affect the clinical privileges or membership in a professional society of the health care practitioner.
(4) This term excludes actions which are primarily based on:
(i) The health care practitioner's association, or lack of association, with a professional society or association;
(ii) The health care practitioner's fees or the health care practitioner's advertising or engaging in other competitive acts intended to solicit or retain business;
(iii) The health care practitioner's participation in prepaid group health plans, salaried employment, or any other manner of delivering health services whether on a fee-for-service or other basis;
(iv) A health care practitioner's association with, supervision of, delegation of authority to, support for, training of, or participation in a private group practice with, a member or members of a particular class of health care practitioner or professional; or
(v) Any other matter that does not relate to the competence or professional conduct of a health care practitioner.
Professional review activity means an activity of a health care entity with respect to an individual health care practitioner:
(1) To determine whether the health care practitioner may have clinical privileges with respect to, or membership in, the entity;
(2) To determine the scope or conditions of such privileges or membership; or
(3) To change or modify such privileges or membership.
Quality Improvement Organization means a utilization and quality control peer review organization (as defined in part B of title XI of the Social Security Act) that:
(1)(i) Is composed of a substantial number of the licensed doctors of medicine and osteopathy engaged in the practice of medicine or surgery in the area and who are representative of the practicing physicians in the area, designated by the Secretary under section 1153, with respect to which the entity shall perform services under this part, or
(ii) Has available to it, by arrangement or otherwise, the services of a sufficient number of licensed doctors of medicine or osteopathy engaged in the practice of medicine or surgery in such area to assure that adequate peer review of the services provided by the various medical specialties and subspecialties can be assured;
(2) Is able, in the judgment of the Secretary, to perform review functions required under section 1154 in a manner consistent with the efficient and effective administration of this part and to perform reviews of the pattern of quality of care in an area of medical practice where actual performance is measured against objective criteria which define acceptable and adequate practice; and
(3) Has at least one individual who is a representative of consumers on its governing body.
Secretary means the Secretary of Health and Human Services and any other officer or employee of the Department of Health and Human Services to whom the authority involved has been delegated.
State means the fifty states, the District of Columbia, Puerto Rico, the Virgin Islands, Guam, American Samoa, and the Northern Mariana Islands.
State law or fraud enforcement agency includes, but is not limited to:
(1) A state law enforcement agency;
(2) A state Medicaid fraud control unit (as defined in section 1903(q) of the Social Security Act); and
(3) A state agency administering (including those providing payment for services) or supervising the administration of a government health care program (as defined in section 1128(h) of the Social Security Act).
State licensing or certification agency includes, but is not limited to, any authority of a state (or of a political subdivision thereof) responsible for the licensing or certification of health care practitioners (or any peer review organization or private accreditation entity reviewing the services provided by health care practitioners), health care entities, providers, or suppliers. Examples of such state agencies include Departments of Professional Regulation, Health, Social Services (including State Survey and Certification and Medicaid Single State agencies), Commerce, and Insurance.
Voluntary surrender of license or certification means a surrender made after a notification of investigation or a formal official request by a Federal or state licensing or certification authority for a health care practitioner, health care entity, provider, or supplier to surrender the license or certification (including certification agreements or contracts for participation in government health care programs). The definition also includes those instances where a health care practitioner, health care entity, provider, or supplier voluntarily surrenders a license or certification (including program participation agreements or contracts) in exchange for a decision by the licensing or certification authority to cease an investigation or similar proceeding, or in return for not conducting an investigation or proceeding, or in lieu of a disciplinary action.
Subpart B—Reporting of Information
How information must be reported.Information must be reported to the NPDB as required under §§ 60.7, 60.8, 60.9, 60.10, 60.11, 60.12, 60.13, 60.14, 60.15 and 60.16 in such form and manner as the Secretary may prescribe.
When information must be reported.Information required under §§ 60.7, 60.8, and 60.12 must be submitted to the NPDB within 30 days following the action to be reported, beginning with actions occurring on or after September 1, 1990; information required under § 60.11 must be submitted to the NPDB within 30 days following the action to be reported, beginning with actions occurring on or after January 1, 1992; and information required under §§ 60.9, 60.10, 60.13, 60.14, 60.15, and 60.16 must be submitted to the NPDB within 30 days following the action to be reported, beginning with actions occurring on or after August 21, 1996. Persons or entities responsible for submitting reports of malpractice payments (§ 60.7), negative actions or findings (§ 60.11), or adverse actions (§ 60.12) must additionally provide to their respective state authorities a copy of the report they submit to the NPDB. Following is the list of reportable actions:
(a) Malpractice payments (§ 60.7);
(b) Licensure and certification actions (§§ 60.8, 60.9, and 60.10);
(c) Negative actions or findings (§ 60.11);
(d) Adverse actions (§ 60.12);
(e) Health Care-related Criminal Convictions (§ 60.13);
(f) Health Care-related Civil Judgments (§ 60.14);
(g) Exclusions from government health care programs (§ 60.15); and
(h) Other adjudicated actions of decisions (§ 60.16).
Start Printed Page 20488Reporting errors, omissions, revisions or whether an action is on appeal.(a) Persons and entities are responsible for the accuracy of information which they report to the NPDB. If errors or omissions are found after information has been reported, the person or entity which reported it must send an addition or correction to the NPDB and in the case of reports made under § 60.12 of this part, also to the Board of Medical Examiners, as soon as possible. The NPDB will not accept requests for readjudication of the case by the NPDB, and will not examine the underlying merits of a reportable action.
(b) An individual or entity which reports information on licensure or certification, negative actions or findings, clinical privileges, criminal convictions, civil or administrative judgments, exclusions, or adjudicated actions or decisions under §§ 60.8, 60.9, 60.10, 60.11, 60.12, 60.13, 60.14, 60.15, or 60.16 must also report any revision of the action originally reported. Revisions include, but are not limited to, reversal of a professional review action or reinstatement of a license. In the case of actions reported under §§ 60.9, 60.10, 60.13, 60.14, 60.15 or 60.16, revisions also include whether an action is on appeal. Revisions are subject to the same time constraints and procedures of §§ 60.5, 60.8, 60.9, 60.10, 60.11, 60.12, 60.13, 60.14, 60.15, or 60.16 as applicable to the original action which was reported.
(c) The subject will be sent a copy of all reports, including revisions and corrections to the report.
(d) Upon receipt of a report, the subject:
(1) Can accept the report as written;
(2) May provide a statement to the NPDB that will be permanently appended to the report, either directly or through a designated representative; (The NPDB will distribute the statement to queriers, where identifiable, and to the reporting entity and the subject of the report. Only the subject can, upon request, make changes to the statement. The NPDB will not edit the statement; however the NPDB reserves the right to redact personal identifying and offensive language that does not change the factual nature of the statement.) or
(3) May follow the dispute process in accordance with § 60.21.
Reporting medical malpractice payments.(a) Who must report. Each entity, including an insurance company, which makes a payment under an insurance policy, self-insurance, or otherwise, for the benefit of a health care practitioner in settlement of or in satisfaction in whole or in part of a claim or a judgment against such health care practitioner for medical malpractice, must report information as set forth in paragraph (b) of this section to the NPDB and to the appropriate state licensing board(s) in the state in which the act or omission upon which the medical malpractice claim was based. For purposes of this section, the waiver of an outstanding debt is not construed as a “payment” and is not required to be reported.
(b) What information must be reported. Entities described in paragraph (a) of this section must report the following information:
(1) With respect to the health care practitioner for whose benefit the payment is made:
(i) Name,
(ii) Work address,
(iii) Home address, if known,
(iv) Social Security Number, if known, and if obtained in accordance with section 7 of the Privacy Act of 1974 (5 U.S.C. 552a note),
(v) Date of birth,
(vi) Name of each professional school attended and year of graduation,
(vii) For each professional license: the license number, the field of licensure, and the name of the state or territory in which the license is held,
(viii) Drug Enforcement Administration registration number, if known,
(ix) Name of each hospital with which he or she is affiliated, if known;
(2) With respect to the reporting entity:
(i) Name and address of the entity making the payment,
(ii) Name, title, and telephone number of the responsible official submitting the report on behalf of the entity, and
(iii) Relationship of the reporting entity to the health care practitioner for whose benefit the payment is made;
(3) With respect to the judgment or settlement resulting in the payment:
(i) Where an action or claim has been filed with an adjudicative body, identification of the adjudicative body and the case number,
(ii) Date or dates on which the act(s) or omission(s) which gave rise to the action or claim occurred,
(iii) Date of judgment or settlement,
(iv) Amount paid, date of payment, and whether payment is for a judgment or a settlement,
(v) Description and amount of judgment or settlement and any conditions attached thereto, including terms of payment,
(vi) A description of the acts or omissions and injuries or illnesses upon which the action or claim was based,
(vii) Classification of the acts or omissions in accordance with a reporting code adopted by the Secretary, and
(viii) Other information as required by the Secretary from time to time after publication in the Federal Register and after an opportunity for public comment.
(c) Sanctions. Any entity that fails to report information on a payment required to be reported under this section is subject to a civil money penalty not to exceed the amount specified at 42 CFR 1003.103(c).
(d) Interpretation of information. A payment in settlement of a medical malpractice action or claim shall not be construed as creating a presumption that medical malpractice has occurred.
Reporting licensure actions taken by Boards of Medical Examiners.(a) What actions must be reported. Each Board of Medical Examiners must report to the NPDB any action based on reasons relating to a physician's or dentist's professional competence or professional conduct:
(1) Which revokes or suspends (or otherwise restricts) a physician's or dentist's license,
(2) Which censures, reprimands, or places on probation a physician or dentist, or
(3) Under which a physician's or dentist's license is surrendered.
(b) Information that must be reported. The Board must report the following information for each action:
(1) The physician's or dentist's name,
(2) The physician's or dentist's work address,
(3) The physician's or dentist's home address, if known,
(4) The physician's or dentist's Social Security number or Individual Tax Identification Number (ITIN), if known, and if obtained in accordance with section 7 of the Privacy Act of 1974 (5 U.S.C. 552a note),
(5) National Provider Identifier (NPI),
(6) The physician's or dentist's date of birth,
(7) Name of each professional school attended by the physician or dentist and year of graduation,
(8) For each professional license, the physician's or dentist's license number, the field of licensure and the name of the state or territory in which the license is held,
(9) The physician's or dentist's Drug Enforcement Administration registration number, if known,
(10) A description of the acts or omissions or other reasons for the action taken, Start Printed Page 20489
(11) A description of the Board action, the date the action was taken, its effective date and duration,
(12) Classification of the action in accordance with a reporting code adopted by the Secretary, and
(13) Other information as required by the Secretary from time to time after publication in the Federal Register and after an opportunity for public comment.
(c) Sanctions. If, after notice of noncompliance and providing opportunity to correct noncompliance, the Secretary determines that a Board has failed to submit a report as required by this section, the Secretary will designate another qualified entity for the reporting of information under § 60.12 of this part.
Reporting licensure and certification actions taken by states.(a) What actions must be reported. Each state is required to adopt a system of reporting to the NPDB actions, as listed below, which are taken against a health care practitioner, health care entity, provider, or supplier (all as defined in § 60.3 of this part). The actions taken must be as a result of formal proceedings (as defined in § 60.3). The actions which must be reported are:
(1) Any adverse action taken by the licensing or certification authority of the state as a result of a formal proceeding, including revocation or suspension of a license, or certification agreement or contract for participation in a government health care program (and the length of any such suspension), reprimand, censure, or probation;
(2) Any dismissal or closure of the formal proceeding by reason of the health care practitioner, health care entity, provider, or supplier surrendering the license or certification agreement or contract for participation in a government health care program, or leaving the state or jurisdiction;
(3) Any other loss of license or loss of the certification agreement or contract for participation in a government health care program, or the right to apply for, or renew, a license or certification agreement or contract of the health care practitioner, health care entity, provider or supplier, whether by operation of law, voluntary surrender, nonrenewal (excluding non-renewals due to nonpayment of fees, retirement, or change to inactive status), or otherwise;
(4) Any negative action or finding by such authority, organization, or entity regarding the health care practitioner, health care entity, provider, or supplier.
(b) What information must be reported. Each state must report the following information (not otherwise reported under § 60.8 of this part):
(1) If the subject is an individual, personal identifiers, including:
(i) Name,
(ii) Social Security Number or ITIN, if known, and if obtained in accordance with section 7 of the Privacy Act of 1974 (5 U.S.C. 552a note),
(iii) Home address or address of record,
(iv) Sex, and
(v) Date of birth.
(2) If the subject is an individual, employment or professional identifiers, including:
(i) Organization name and type,
(ii) Occupation and specialty, if applicable,
(iii) National Provider Identifier (NPI),
(iv) Name of each professional school attended and year of graduation, and
(v) With respect to the professional license (including professional certification and registration) on which the reported action was taken, the license number, the field of licensure, and the name of the state or territory in which the license is held.
(3) If the subject is an organization, identifiers, including:
(i) Name,
(ii) Business address,
(iii) Federal Employer Identification Number (FEIN), or Social Security Number when used by the subject as a Taxpayer Identification Number (TIN),
(iv) The NPI,
(v) Type of organization, and
(vi) With respect to the license (including certification and registration) on which the reported action was taken, the license and the name of the state or territory in which the license is held.
(4) For all subjects:
(i) A narrative description of the acts or omissions and injuries upon which the reported action was based,
(ii) Classification of the acts or omissions in accordance with a reporting code adopted by the Secretary,
(iii) Classification of the action taken in accordance with a reporting code adopted by the Secretary, and the amount of any monetary penalty resulting from the reported action,
(iv) The date the action was taken, its effective date and duration,
(v) Name of the agency taking the action,
(vi) Name and address of the reporting entity, and
(vii) The name, title and telephone number of the responsible official submitting the report on behalf of the reporting entity.
(c) What information may be reported, if known. Reporting entities described in paragraph (a) of this section may voluntarily report, if known, the following information:
(1) If the subject is an individual, personal identifiers, including:
(i) Other name(s) used,
(ii) Other address,
(iii) FEIN, when used by the individual as a TIN, and
(iv) If deceased, date of death.
(2) If the subject is an individual, employment or professional identifiers, including:
(i) Other state professional license number(s), field(s) of licensure, and the name(s) of the state or territory in which the license is held,
(ii) Other numbers assigned by Federal or state agencies, including, but not limited to DEA registration number(s), Unique Physician Identification Number(s) (UPIN), and Medicaid and Medicare provider number(s),
(iii) Name(s) and address(es) of any health care entity with which the subject is affiliated or associated, and
(iv) Nature of the subject's relationship to each associated or affiliated health care entity.
(3) If the subject is an organization, identifiers, including:
(i) Other name(s) used,
(ii) Other address(es) used,
(iii) Other FEIN(s) or Social Security Number(s) used,
(iv) Other NPI(s) used,
(v) Other state license number(s) and the name(s) of the state or territory in which the license is held,
(vi) Other numbers assigned by Federal or state agencies, including, but not limited to DEA registration number(s), Clinical Laboratory Improvement Act (CLIA) number(s), Food and Drug Administration (FDA) number(s), and Medicaid and Medicare provider number(s),
(vii) Names and titles of principal officers and owners,
(viii) Name(s) and address(es) of any health care entity with which the subject is affiliated or associated, and
(ix) Nature of the subject's relationship to each associated or affiliated health care entity.
(4) For all subjects:
(i) Whether the subject will be automatically reinstated.
(ii) The date of appeal, if any.
(d) Access to documents. Each state must provide the Secretary (or an entity designated by the Secretary) with access to the documents underlying the actions described in paragraphs (a)(1) through (4) of this section, as may be necessary for the Secretary to determine the facts and circumstances concerning the actions and determinations for the purpose of carrying out section 1921.Start Printed Page 20490
(e) Sanctions for failure to report. The Secretary will provide for a publication of a public report that identifies failures to report information on adverse actions as required to be reported under this section.
Reporting Federal licensure and certification actions.(a) What actions must be reported. Federal licensing and certification agencies must report to the NPDB the following final adverse actions that are taken against a health care practitioner, physician, dentist, provider, or supplier (regardless of whether the final adverse action is the subject of a pending appeal):
(1) Formal or official actions, such as revocation or suspension of a license or certification agreement or contract for participation in government health care programs (and the length of any such suspension), reprimand, censure or probation,
(2) Any dismissal or closure of the proceedings by reason of the health care practitioner, provider, or supplier surrendering their license or certification agreement or contract for participation in government health care programs, or leaving the state or jurisdiction,
(3) Any other loss of the license or loss of the certification agreement or contract for participation in government health care programs, or the right to apply for, or renew, a license or certification agreement or contract of the health care practitioner, provider, or supplier, whether by operation of law, voluntary surrender, nonrenewal (excluding non-renewals due to nonpayment of fees, retirement, or change to inactive status), or otherwise, and
(4) Any other negative action or finding by such Federal agency that is publicly available information.
(b) What information must be reported. Each Federal agency described in paragraph (a) of this section must report the following information:
(1) If the subject is an individual, personal identifiers, including:
(i) Name,
(ii) Social Security Number or ITIN,
(iii) Home address or address of record,
(iv) Sex, and
(v) Date of birth.
(2) If the subject is an individual, employment or professional identifiers, including:
(i) Organization name and type,
(ii) Occupation and specialty, if applicable,
(iii) National Provider Identifier (NPI),
(iv) Name of each professional school attended and year of graduation, and
(v) With respect to the state professional license (including professional certification and registration) on which the reported action was taken, the license number, the field of licensure, and the name of the state or territory in which the license is held.
(3) If the subject is an organization, identifiers, including:
(i) Name,
(ii) Business address,
(iii) Federal Employer Identification Number (FEIN), or Social Security Number (or ITIN) when used by the subject as a Taxpayer Identification Number (TIN),
(iv) The NPI,
(v) Type of organization, and
(vi) With respect to the state license (including certification and registration) on which the reported action was taken, the license and the name of the state or territory in which the license is held.
(4) For all subjects:
(i) A narrative description of the acts or omissions and injuries upon which the reported action was based,
(ii) Classification of the acts or omissions in accordance with a reporting code adopted by the Secretary,
(iii) Classification of the action taken in accordance with a reporting code adopted by the Secretary, and the amount of any monetary penalty resulting from the reported action,
(iv) The date the action was taken, its effective date and duration,
(v) Name of the agency taking the action,
(vi) Name and address of the reporting entity, and
(vii) The name, title, and telephone number of the responsible official submitting the report on behalf of the reporting entity.
(c) What information may be reported, if known. Reporting entities described in paragraph (a) of this section may voluntarily report, if known, the following information:
(1) If the subject is an individual, personal identifiers, including:
(i) Other name(s) used,
(ii) Other address,
(iii) FEIN, when used by the individual as a TIN, and
(iv) If deceased, date of death.
(2) If the subject is an individual, employment or professional identifiers, including:
(i) Other state professional license number(s), field(s) of licensure, and the name(s) of the state or territory in which the license is held,
(ii) Other numbers assigned by Federal or state agencies, including, but not limited to DEA registration number(s), Unique Physician Identification Number(s) (UPIN), and Medicaid and Medicare provider number(s),
(iii) Name(s) and address(es) of any health care entity with which the subject is affiliated or associated, and
(iv) Nature of the subject's relationship to each associated or affiliated health care entity.
(3) If the subject is an organization, identifiers, including:
(i) Other name(s) used,
(ii) Other address(es) used,
(iii) Other FEIN(s) or Social Security Number(s) used,
(iv) Other NPI(s) used,
(v) Other state license number(s) and the name(s) of the state or territory in which the license is held,
(vi) Other numbers assigned by Federal or state agencies, including, but not limited to DEA registration number(s), Clinical Laboratory Improvement Act (CLIA) number(s), Food and Drug Administration (FDA) number(s), and Medicaid and Medicare provider number(s),
(vii) Names and titles of principal officers and owners,
(viii) Name(s) and address(es) of any health care entity with which the subject is affiliated or associated, and
(ix) Nature of the subject's relationship to each associated or affiliated health care entity.
(4) For all subjects:
(i) Whether the subject will be automatically reinstated.
(ii) The date of appeal, if any.
(d) Sanctions for failure to report. The Secretary will provide for a publication of a public report that identifies those agencies that have failed to report information on adverse actions as required to be reported under this section.
Reporting negative actions or findings taken by peer review organizations or private accreditation entities.(a) What actions must be reported. Peer review organizations and private accreditation entities are required to report any negative actions or findings (as defined in § 60.3 of this part) which are taken against a health care practitioner, health care entity, provider, or supplier to the NPDB and provide a copy to the appropriate state licensing or certification agency. The health care practitioner, health care entity, provider, or supplier must be licensed or otherwise authorized by the state to provide health care services. The actions taken must be as a result of formal proceedings (as defined in § 60.3).
(b) What information must be reported. Each peer review organization Start Printed Page 20491and private accreditation entity must report the information as required in § 60.9(b) of this part.
(c) What information may be reported, if known. Each peer review organization and private accreditation entity should report, if known, the information as described in § 60.9(c).
(d) Access to documents. Each peer review organization and private accreditation entity must provide the Secretary (or an entity designated by the Secretary) with access to the documents underlying the actions described in this section as may be necessary for the Secretary to determine the facts and circumstances concerning the actions and determinations for the purpose of carrying out section 1921.
Reporting adverse actions taken against clinical privileges.(a) Reporting by health care entities to the NPDB. (1) Actions that must be reported and to whom the report must be made. Each health care entity must report to the NPDB and provide a copy of the report to the Board of Medical Examiners in the state in which the health care entity is located the following actions:
(i) Any professional review action that adversely affects the clinical privileges of a physician or dentist for a period longer than 30 days,
(ii) Acceptance of the surrender of clinical privileges or any restriction of such privileges by a physician or dentist:
(A) While the physician or dentist is under investigation by the health care entity relating to possible incompetence or improper professional conduct, or
(B) In return for not conducting such an investigation or proceeding, or
(iii) In the case of a health care entity which is a professional society, when it takes a professional review action concerning a physician or dentist.
(2) Voluntary reporting on other health care practitioners. A health care entity may report to the NPDB information as described in paragraph (a)(3) of this section concerning actions described in paragraph (a)(1) in this section with respect to other health care practitioners.
(3) What information must be reported. The health care entity must report the following information concerning actions described in paragraph (a)(1) of this section with respect to a physician or dentist:
(i) Name,
(ii) Work address,
(iii) Home address, if known,
(iv) Social Security Number, if known, and if obtained in accordance with section 7 of the Privacy Act of 1974,
(v) Date of birth,
(vi) Name of each professional school attended and year of graduation,
(vii) For each professional license: the license number, the field of licensure, and the name of the state or territory in which the license is held,
(viii) DEA registration number, if known,
(ix) A description of the acts or omissions or other reasons for privilege loss, or, if known, for surrender,
(x) Action taken, date the action was taken, and effective date of the action, and
(xi) Other information as required by the Secretary from time to time after publication in the Federal Register and after an opportunity for public comment.
(b) Reporting by the Board of Medical Examiners to the NPDB. Each Board must report any known instances of a health care entity's failure to report information as required under paragraph (a)(1) of this section. In addition, each Board of Medical Examiners must simultaneously report this information to the appropriate state licensing board in the state in which the health care entity is located, if the Board of Medical Examiners is not such licensing board.
(c) Sanctions. (1) Health care entities. If the Secretary has reason to believe that a health care entity has substantially failed to report information in accordance with this section, the Secretary will conduct an investigation. If the investigation shows that the health care entity has not complied with this section, the Secretary will provide the entity with a written notice describing the noncompliance, giving the health care entity an opportunity to correct the noncompliance, and stating that the entity may request, within 30 days after receipt of such notice, a hearing with respect to the noncompliance. The request for a hearing must contain a statement of the material factual issues in dispute to demonstrate that there is cause for a hearing. These issues must be both substantive and relevant. The hearing will be held in the Washington, DC, metropolitan area. The Secretary will deny a hearing if:
(i) The request for a hearing is untimely,
(ii) The health care entity does not provide a statement of material factual issues in dispute, or
(iii) The statement of factual issues in dispute is frivolous or inconsequential.
In the event that the Secretary denies a hearing, the Secretary will send a written denial to the health care entity setting forth the reasons for denial. If a hearing is denied, or, if as a result of the hearing the entity is found to be in noncompliance, the Secretary will publish the name of the health care entity in the Federal Register. In such case, the immunity protections provided under section 411(a) of HCQIA will not apply to the health care entity for professional review activities that occur during the 3-year period beginning 30 days after the date of publication of the entity's name in the Federal Register.
(2) Board of Medical Examiners. If, after notice of noncompliance and providing opportunity to correct noncompliance, the Secretary determines that a Board of Medical Examiners has failed to report information in accordance with paragraph (b) of this section, the Secretary will designate another qualified entity for the reporting of this information.
Reporting Federal or state criminal convictions related to the delivery of a health care item or service.(a) Who must report. Federal and state prosecutors must report criminal convictions against health care practitioners, providers, and suppliers related to the delivery of a health care item or service (regardless of whether the conviction is the subject of a pending appeal).
(b) What information must be reported. Entities described in paragraph (a) of this section must report the following information:
(1) If the subject is an individual, personal identifiers, including:
(i) Name,
(ii) Social Security Number (or ITIN) (states must report this information, if known, and if obtained in accordance with section 7 of the Privacy Act of 1974),
(iii) Home address or address of record,
(iv) Sex, and
(v) Date of birth.
(2) If the subject is an individual, that individual's employment or professional identifiers, including:
(i) Organization name and type,
(ii) Occupation and specialty, if applicable, and
(iii) National Provider Identifier (NPI).
(3) If the subject is an organization, identifiers, including:
(i) Name,
(ii) Business address,
(iii) Federal Employer Number (FEIN), or Social Security Number (or ITIN) when used by the subject as a Taxpayer Identification Number (TIN),
(iv) The NPI, and
(v) Type of organization.
(4) For all subjects:Start Printed Page 20492
(i) A narrative description of the acts or omissions and injuries upon which the reported action was based,
(ii) Classification of the acts or omissions in accordance with a reporting code adopted by the Secretary,
(iii) Name and location of court or judicial venue in which the action was taken,
(iv) Docket or court file number,
(v) Type of action taken,
(vi) Statutory offense(s) and count(s),
(vii) Name of primary prosecuting agency (or the plaintiff in civil actions),
(viii) Date of sentence or judgment,
(ix) Length of incarceration, detention, probation, community service, or suspended sentence,
(x) Amounts of any monetary judgment, penalty, fine, assessment, or restitution,
(xi) Other sentence, judgment, or orders,
(xii) If the action is on appeal,
(xiii) Name and address of the reporting entity, and
(xiv) The name, title, and telephone number of the responsible official submitting the report on behalf of the reporting entity.
(c) What information may be reported, if known. Entities described in paragraph (a) of this section and each state should report, if known, the following information:
(1) If the subject is an individual, personal identifiers, including:
(i) Other name(s) used,
(ii) Other address(es), and
(iii) FEIN, when used by the individual as a TIN.
(2) If the subject is an individual, that individual's employment or professional identifiers, including:
(i) State professional license (including professional certification and registration) number(s), field(s) of licensure, and the name(s) of the state or territory in which the license is held,
(ii) Other numbers assigned by Federal or state agencies, to include, but not limited to DEA registration number(s), Unique Physician Identification Number(s) (UPIN), and Medicaid and Medicare provider number(s);
(iii) Name(s) and address(es) of any health care entity with which the subject is affiliated or associated, and
(iv) Nature of the subject's relationship to each associated or affiliated health care entity.
(3) If the subject is an organization, identifiers, including:
(i) Other name(s) used,
(ii) Other address(es) used,
(iii) Other FEIN(s) or Social Security Numbers(s) (or ITINs) used,
(iv) Other NPI(s) used,
(v) State license (including certification and registration) number(s) and the name(s) of the state or territory in which the license is held,
(vi) Other numbers assigned by Federal or state agencies, to include, but not limited to DEA registration number(s), Clinical Laboratory Improvement Act (CLIA) number(s), Food and Drug Administration (FDA) number(s), and Medicaid and Medicare provider number(s),
(vii) Names and titles of principal officers and owners,
(viii) Name(s) and address(es) of any health care entity with which the subject is affiliated or associated, and
(ix) Nature of the subject's relationship to each associated or affiliated health care entity.
(4) For all subjects:
(i) Prosecuting agency's case number,
(ii) Investigative agencies involved,
(iii) Investigative agencies case or file number(s), and
(iv) The date of appeal, if any.
(d) Access to documents. Each state must provide the Secretary (or an entity designated by the Secretary) with access to the documents underlying the actions described in paragraphs (a)(1) through (4) of this section, as may be necessary for the Secretary to determine the facts and circumstances concerning the actions and determinations for the purpose of carrying out section 1921.
(e) Sanctions for failure to report. The Secretary will provide for publication of a public report that identifies those agencies that have failed to report information on criminal convictions as required to be reported under this section.
Reporting civil judgments related to the delivery of a health care item or service.(a) Who must report. Federal and state attorneys and health plans must report civil judgments against health care practitioners, providers, or suppliers related to the delivery of a health care item or service (regardless of whether the civil judgment is the subject of a pending appeal). If a government agency is party to a multi-claimant civil judgment, it must assume the responsibility for reporting the entire action, including all amounts awarded to all the claimants, both public and private. If there is no government agency as a party, but there are multiple health plans as claimants, the health plan which receives the largest award must be responsible for reporting the total action for all parties.
(b) What information must be reported. Entities described in paragraph (a) of this section must report the information as required in § 60.13(b) of this part.
(c) What information may be reported, if known. Entities described in paragraph (a) of this section should report, if known the information as described in § 60.13(c) of this part.
(d) Access to documents. Each state must provide the Secretary (or an entity designated by the Secretary) with access to the documents underlying the actions described in paragraphs (a)(1) through (4) of this section, as may be necessary for the Secretary to determine the facts and circumstances concerning the actions and determinations for the purpose of carrying out section 1921.
(e) Sanctions for failure to report. Any health plan that fails to report information on a civil judgment required to be reported under this section will be subject to a civil money penalty (CMP) of not more than $25,000 for each such adverse action not reported. Such penalty will be imposed and collected in the same manner as CMPs under subsection (a) of section 1128A of the Social Security Act. The Secretary will provide for publication of a public report that identifies those government agencies that have failed to report information on civil judgments as required to be reported under this section.
Reporting exclusions from participation in government health care programs.(a) Who must report. Federal Government agencies and state law and fraud enforcement agencies must report health care practitioners, providers, or suppliers excluded from participating in government health care programs, including exclusions that were made in a matter in which there was also a settlement that is not reported because no findings or admissions of liability have been made (regardless of whether the exclusion is the subject of a pending appeal).
(b) What information must be reported. Entities described in paragraph (a) of this section must report the following information:
(1) If the subject is an individual, personal identifiers, including:
(i) Name,
(ii) Social Security Number (or ITIN) (state law and fraud enforcement agencies must report this information if known, and if obtained in accordance with section 7 of the Privacy Act of 1974),
(iii) Home address or address of record,
(iv) Sex, and
(v) Date of birth.Start Printed Page 20493
(2) If the subject is an individual, that individual's employment or professional identifiers, including:
(i) Organization name and type,
(ii) Occupation and specialty, if applicable, and
(iii) National Provider Identifier (NPI).
(3) If the subject is an organization, identifiers, including:
(i) Name,
(ii) Business address,
(iii) Federal Employer Identification Number (FEIN) or Social Security Number (or ITIN) when used by the subject as a Taxpayer Identification Number (TIN),
(iv) The NPI, and
(v) Type of organization.
(4) For all subjects:
(i) A narrative description of the acts or omissions and injuries upon which the reported action was based,
(ii) Classification of the acts or omissions in accordance with a reporting code adopted by the Secretary,
(iii) Classification of the action taken in accordance with a reporting code adopted by the Secretary, and the amount of any monetary penalty resulting from the reported action,
(iv) The date the action was taken, its effective date and duration,
(v) If the action is on appeal,
(vi) Name of the agency taking the action,
(vii) Name and address of the reporting entity, and
(viii) The name, title, and telephone number of the responsible official submitting the report on behalf of the reporting entity.
(c) What information may be reported, if known. Entities described in paragraph (a) of this section should report, if known, the following information:
(1) If the subject is an individual, personal identifiers, including:
(i) Other name(s) used,
(ii) Other address(es),
(iii) FEIN, when used by the individual as a TIN,
(iv) Name of each professional school attended and year of graduation, and
(v) If deceased, date of death.
(2) If the subject is an individual, that individual's employment or professional identifiers, including:
(i) State professional license (including professional registration and certification) number(s), field(s) of licensure, and the name(s) of the state or territory in which the license is held,
(ii) Other numbers assigned by Federal or state agencies, to include, but not limited to DEA registration number(s), Unique Physician Identification Number(s) (UPIN), and Medicaid and Medicare provider number(s),
(iii) Name(s) and address(es) of any health care entity with which the subject is affiliated or associated, and
(iv) Nature of the subject's relationship to each associated or affiliated health care entity.
(3) If the subject is an organization, identifiers, including:
(i) Other name(s) used,
(ii) Other address(es) used,
(iii) Other FEIN(s) or Social Security Numbers(s) (or ITINs) used,
(iv) Other NPI(s) used,
(v) State license (including registration and certification) number(s) and the name(s) of the state or territory in which the license is held,
(vi) Other numbers assigned by Federal or state agencies, to include, but not limited to DEA registration number(s), Clinical Laboratory Improvement Act (CLIA) number(s), Food and Drug Administration (FDA) number(s), and Medicaid and Medicare provider number(s),
(vii) Names and titles of principal officers and owners,
(viii) Name(s) and address(es) of any health care entity with which the subject is affiliated or associated, and
(ix) Nature of the subject's relationship to each associated or affiliated health care entity.
(4) For all subjects:
(i) If the subject will be automatically reinstated, and
(ii) The date of appeal, if any.
(d) Access to documents. Each state must provide the Secretary (or an entity designated by the Secretary) with access to the documents underlying the actions described in paragraphs (a)(1) through (4) of this section, as may be necessary for the Secretary to determine the facts and circumstances concerning the actions and determinations for the purpose of carrying out section 1921.
(e) Sanctions for failure to report. The Secretary will provide for publication of a public report that identifies those government agencies that have failed to report information on exclusions or debarments as required to be reported under this section.
Reporting other adjudicated actions or decisions.(a) Who must report. Federal Government agencies, state law or fraud enforcement agencies, and health plans must report other adjudicated actions or decisions as defined in § 60.3 of this part related to the delivery, payment or provision of a health care item or service against health care practitioners, providers, and suppliers (regardless of whether the other adjudicated action or decision is subject to a pending appeal).
(b) What information must be reported. Entities described in paragraph (a) of this section must report the information as required in § 60.15(b) of this part.
(c) What information may be reported, if known. Entities described in paragraph (a) of this section should report, if known, the information as described in § 60.15(c) of this part.
(d) Access to documents. Each state must provide the Secretary (or an entity designated by the Secretary) with access to the documents underlying the actions described in paragraphs (a)(1) through (4) of this section, as may be necessary for the Secretary to determine the facts and circumstances concerning the actions and determinations for the purpose of carrying out section 1921.
(e) Sanctions for failure to report. Any health plan that fails to report information on another adjudicated action or decision required to be reported under this section will be subject to a civil money penalty (CMP) of not more than $25,000 for each such action not reported. Such penalty will be imposed and collected in the same manner as CMPs under subsection (a) of section 1128A of the Social Security Act. The Secretary will provide for publication of a public report that identifies those government agencies that have failed to report information on other adjudicated actions as required to be reported under this section.
Subpart C—Disclosure of Information by the National Practitioner Data Bank
Information which hospitals must request from the National Practitioner Data Bank.(a) When information must be requested. Each hospital, either directly or through an authorized agent, must request information from the NPDB concerning a health care practitioner, as follows:
(1) At the time a health care practitioner, applies for a position on its medical staff (courtesy or otherwise), or for clinical privileges at the hospital; and
(2) Every 2 years concerning any health care practitioner, who is on its medical staff (courtesy or otherwise) or has clinical privileges at the hospital.
(b) Failure to request information. Any hospital which does not request the information as required in paragraph (a) of this section is presumed to have knowledge of any information reported to the NPDB concerning this health care practitioner.
(c) Reliance on the obtained information. Each hospital may rely upon the information provided by the NPDB to the hospital. A hospital shall not be held liable for this reliance Start Printed Page 20494unless the hospital has knowledge that the information provided was false.
Requesting information from the National Practitioner Data Bank.(a) Who may request information and what information may be available. Information in the NPDB will be available, upon request, to the persons or entities, or their authorized agents, as described below:
(1) Information reported under §§ 60.7, 60.8, and 60.12 of this part is available to:
(i) A hospital that requests information concerning a health care practitioner who is on its medical staff (courtesy or otherwise) or has clinical privileges at the hospital,
(ii) A health care practitioner who requests information concerning himself or herself,
(iii) A State Medical Board of Examiners or other state authority that licenses health care practitioners,
(iv) A health care entity which has entered or may be entering into an employment or affiliation relationship with a health care practitioner, or to which the health care practitioner has applied for clinical privileges or appointment to the medical staff,
(v) An attorney, or individual representing himself or herself, who has filed a medical malpractice action or claim in a state or Federal court or other adjudicative body against a hospital, and who requests information regarding a specific health care practitioner who is also named in the action or claim. This information will be disclosed only upon the submission of evidence that the hospital failed to request information from the NPDB, as required by § 60.17(a) of this part, and may be used solely with respect to litigation resulting from the action or claim against the hospital,
(vi) A health care entity with respect to professional review activity, and
(vii) A person or entity requesting statistical information, in a form which does not permit the identification of any individual or entity.
(2) Information reported under §§ 60.9, 60.10, 60.11, 60.13, 60.14, 60.15, and 60.16 of this part is available to the agencies, authorities, and officials listed below that request information on licensure or certification actions, any other negative actions or findings, or final adverse actions concerning an individual practitioner, health care entity, provider, or supplier. These agencies, authorities, and officials may obtain data for the purposes of determining the fitness of individuals to provide health care services, protecting the health and safety of individuals receiving health care through programs administered by the requesting agency, and protecting the fiscal integrity of these programs.
(i) Agencies administering (including those providing payment for services) government health care programs, including private entities administering such programs under contract,
(ii) State licensing or certification agencies and Federal agencies responsible for the licensing and certification of health care practitioners, providers, or suppliers,
(iii) State agencies administering or supervising the administration of government health care programs (as defined in 42 U.S.C. 1128(h)),
(iv) State law or fraud enforcement agencies,
(v) Law enforcement officials and agencies such as:
(A) United States Attorney General,
(B) United States Chief Postal Inspector,
(C) United States Inspectors General;
(D) United States Attorneys,
(E) United States Comptroller General,
(F) United States Drug Enforcement Administration,
(G) United States Nuclear Regulatory Commission, or
(H) Federal Bureau of Investigation,
(vi) Utilization and quality control peer review organizations described in part B of title XI and to appropriate entities with contracts under section 1154(a)(4)(C) of the Social Security Act with respect to eligible organizations reviewed under the contracts, but only with respect to information provided pursuant to §§ 60.9 and 60.11 of this part, as well as information provided pursuant to §§ 60.13, 60.14, 60.15, and 60.16 of this part by Federal agencies and health plans,
(vii) Hospitals and other health care entities (as defined in section 431 of the Health Care Quality Improvement Act of 1986), with respect to health care practitioners who have entered (or may be entering) into employment or affiliation relationships with, or have applied for clinical privileges or appointments to the medical staff of such hospitals or other health care entities, but only with respect to information provided pursuant to §§ 60.9 and 60.11, as well as information provided pursuant to §§ 60.13, 60.14, 60.15, and 60.16 by Federal agencies and health plans,
(viii) Health plans,
(ix) A health care practitioner, health care entity, provider, or supplier who requests information concerning himself, herself, or itself, and
(x) A person or entity requesting statistical information, in a form which does not permit the identification of any individual or entity. (For example, researchers may use statistical information to identify the total number of nurses with adverse licensure actions in a specific state. Similarly, researchers may use statistical information to identify the total number of health care entities denied accreditation.)
(b) Procedures for obtaining National Practitioner Data Bank information. Persons and entities may obtain information from the NPDB by submitting a request in such form and manner as the Secretary may prescribe. These requests are subject to fees as described in § 60.19 of this part.
Fees applicable to requests for information.(a) Policy on fees. The fees described in this section apply to all requests for information from the NPDB. The amount of such fees will be sufficient to recover the full costs of operating the NPDB. The actual fees will be announced by the Secretary in periodic notices in the Federal Register. However, for purposes of verification and dispute resolution at the time the report is accepted, the NPDB will provide a copy—at the time a report has been submitted, automatically, without a request and free of charge, of the record to the health care practitioner, entity, provider, or supplier who is the subject of the report and to the reporter.
(b) Criteria for determining the fee. The amount of each fee will be determined based on the following criteria:
(1) Direct and indirect personnel costs, including salaries and fringe benefits such as medical insurance and retirement,
(2) Physical overhead, consulting, and other indirect costs (including materials and supplies, utilities, insurance, travel, and rent and depreciation on land, buildings, and equipment),
(3) Agency management and supervisory costs,
(4) Costs of enforcement, research, and establishment of regulations and guidance,
(5) Use of electronic data processing equipment to collect and maintain information—the actual cost of the service, including computer search time, runs and printouts, and
(6) Any other direct or indirect costs related to the provision of services.
(c) Assessing and collecting fees. The Secretary will announce through notice in the Federal Register from time to time the methods of payment of NPDB fees. In determining these methods, the Secretary will consider efficiency, effectiveness, and convenience for the Start Printed Page 20495NPDB users and the Department. Methods may include: credit card, electronic fund transfer, and other methods of electronic payment.
Confidentiality of National Practitioner Data Bank information.(a) Limitations on disclosure. Information reported to the NPDB is considered confidential and shall not be disclosed outside the Department of Health and Human Services, except as specified in §§ 60.17, 60.18, and 60.21 of this part. Persons and entities receiving information from the NPDB, either directly or from another party, must use it solely with respect to the purpose for which it was provided. The Data Bank report may not be disclosed, but nothing in this section will prevent the disclosure of information by a party from its own files used to create such reports where disclosure is otherwise authorized under applicable state or Federal law.
(b) Penalty for violations. Any person who violates paragraph (a) of this section shall be subject to a civil money penalty of up to $11,000 for each violation. This penalty will be imposed pursuant to procedures at 42 CFR part 1003.
How to dispute the accuracy of National Practitioner Data Bank information.(a) Who may dispute the NPDB information. The NPDB will routinely mail or transmit electronically to the subject a copy of the report filed in the NPDB. In addition, as indicated in § 60.18, the subject may also request a copy of such report. The subject of the report or a designated representative may dispute the accuracy of a report concerning himself, herself, or itself as set forth in paragraph (b) of this section.
(b) Procedures for disputing a report with the reporting entity. (1) If the subject disagrees with the reported information, the subject must request in the format as determined by the Secretary that the NPDB enter the report into “disputed status.”
(2) The NPDB will send the report, with a notation that the report has been placed in “disputed status,” to queriers (where identifiable), the reporting entity and the subject of the report.
(3) The subject must attempt to enter into discussion with the reporting entity to resolve the dispute. If the reporting entity revises the information originally submitted to the NPDB, the NPDB will notify the subject and all entities to whom reports have been sent that the original information has been revised. If the reporting entity does not revise the reported information, or does not respond to the subject within 60 days, the subject may request that the Secretary review the report for accuracy. The Secretary will decide whether to correct the report within 30 days of the request. This time frame may be extended for good cause. The subject also may provide a statement to the NPDB, either directly or through a designated representative that will permanently append the report.
(c) Procedures for requesting a review of a disputed report. (1) The subject must request, in the format as determined by the Secretary, that the Secretary review the report for accuracy. The subject must return this request to the NPDB along with appropriate materials that support the subject's position. The Secretary will only review the accuracy of the reported information, and will not consider the merits or appropriateness of the action or the due process that the subject received.
(2) After the review, if the Secretary:
(i) Concludes that the information is accurate and reportable to the NPDB, the Secretary will inform the subject and the NPDB of the determination. The Secretary will include a brief statement (Secretarial Statement) in the report that describes the basis for the decision. The report will be removed from “disputed status.” The NPDB will distribute the corrected report and statement(s) to previous queriers (where identifiable), the reporting entity and the subject of the report.
(ii) Concludes that the information contained in the report is inaccurate, the Secretary will inform the subject of the determination and direct the NPDB or the reporting entity to revise the report. The Secretary will include a brief statement (Secretarial Statement) in the report describing the findings. The NPDB will distribute the corrected report and statement(s) to previous queriers (where identifiable), the reporting entity and the subject of the report.
(iii) Determines that the disputed issues are outside the scope of the Department's review, the Secretary will inform the subject and the NPDB of the determination. The Secretary will include a brief statement (Secretarial Statement) in the report describing the findings. The report will be removed from “disputed status.” The NPDB will distribute the report and the statement(s) to previous queriers (where identifiable), the reporting entity and the subject of the report.
(iv) Determines that the adverse action was not reportable and therefore should be removed from the NPDB, the Secretary will inform the subject and direct the NPDB to void the report. The NPDB will distribute a notice to previous queriers (where identifiable), the reporting entity and the subject of the report that the report has been voided.
Immunity.Individuals, entities or their authorized agents, and the NPDB shall not be held liable in any civil action filed by the subject of a report unless the individual, entity, or authorized agent submitting the report has actual knowledge of the falsity of the information contained in the report.
PART 61—[REMOVED]
End Part Start Amendment Part2. Under the authority of 42 U.S.C. 1320a-7e, remove part 61.
End Amendment Part End Supplemental Information[FR Doc. 2013-07521 Filed 4-4-13; 8:45 am]
BILLING CODE 4165-15-P
Document Information
- Comments Received:
- 0 Comments
- Effective Date:
- 5/6/2013
- Published:
- 04/05/2013
- Department:
- Health and Human Services Department
- Entry Type:
- Rule
- Action:
- Final rule.
- Document Number:
- 2013-07521
- Dates:
- The effective date of this rule is May 6, 2013.
- Pages:
- 20473-20495 (23 pages)
- RINs:
- 0906-AA87: Elimination of Duplication Between the Healthcare Integrity and Protection Data Bank and the National Practitioner Data Bank
- RIN Links:
- https://www.federalregister.gov/regulations/0906-AA87/elimination-of-duplication-between-the-healthcare-integrity-and-protection-data-bank-and-the-nationa
- Topics:
- Claims, Confidential business information, Fraud, Health care, Health maintenance organizations (HMO), Health professions, Hospitals, Insurance companies, Penalties, Reporting and recordkeeping requirements
- PDF File:
- 2013-07521.pdf
- Supporting Documents:
- » Patient Protection and Affordable Care Act: Benefit and Payment Parameters for 2022; Updates to State Innovation Waiver Implementing Regulations
- » Guidance: Good Guidance Practices; Correction
- » National Vaccine Injury Compensation Program: Revisions to the Vaccine Injury Table
- » Amendments to the HHS-Operated Risk Adjustment Data Validation Under the Patient Protection and Affordable Care Act's HHS-Operated Risk Adjustment Program
- » Transparency in Coverage
- » UA: Reg Flex Agenda
- » Medicare and Medicaid Programs: CY 2020 Hospital Outpatient PPS Policy Changes and Payment Rates and Ambulatory Surgical Center Payment System Policy Changes and Payment Rates; Price Transparency Requirements for Hospitals to Make Standard Charges Public
- » Administrative Simplification: Rescinding the Adoption of the Standard Unique Health Plan Identifier and Other Entity Identifier
- » Protecting Statutory Conscience Rights in Health Care; Delegations of Authority
- » Patient Protection and Affordable Care Act: Increasing Consumer Choice through the Sale of Individual Health Insurance Coverage Across State Lines Through Health Care Choice Compacts
- CFR: (22)
- 45 CFR 60.1
- 45 CFR 60.2
- 45 CFR 60.3
- 45 CFR 60.4
- 45 CFR 60.5
- More ...