Recently, the public use file for the National Practitioner Data Bank (NPDB) was removed from the web site of the Health Resources Services Administration. (HRSA). Senator Charles Grassley (R-Iowa) has asked HRSA to explain.
The federal government maintains two data bases that track information about health care practitioners. The Healthcare Integrity Protection Data Bank (HIPDB) contains information about civil judgments, criminal convictions, exclusions from participation in government-funded healthcare programs and adverse licensing actions.Its primary purpose is fighting fraud and abuse. The NPDB tracks malpractice payments, peer review and disciplinary actions and other data concerning the competence of doctors, nurses, dentists and other practitioners. State and federal government agencies must report adverse actions to the HIPDB. Insurance companies and other payors must report payments over an amount set by the Secretary of HHS to the NPDB. Licensing agencies must report to both. HHS is implementing a transition to eliminate duplication of effort and reporting requirements as directed by section 6403 of the Patient Protection and Affordable Care Act (P.L. 111-148) between the two data banks.
So, what’s the problem? An enterprising reporter for the Kansas City Star wrote a story about the failure of state licensing boards in Kansas and Missouri to take action against 21 physicians who had been sued ten times or more for malpractice. He got his information by comparing thousands of anonymous records in the data bank to information he had found in publicly available court records.The story detailed the history of a particular surgeon who had been sued for malpractice 16 times since 1983. The state licensing board had access to the doctor’s history of payments for malpractice settlements going back to the 1990’s, but his public licensing record was spotless.
The reporter contacted the surgeon before the story ran. The surgeon’s lawyer wrote HHS to complain that data about him had been disclosed improperly. On August 26th, the HRSA director then wrote to the reporter, advising him that civil penalties could be imposed for unauthorized disclosure of confidential information from the data bank.
The agency removed the public use file September 1st. It does not appear that any notice of the change in the availability of the record system has been published in the Federal Register.
Newspapers and associations of journalists objected, sending letters to HRSA Administrator Mary Wakefield and HHS Secretary Kathleen Sebelius. They provided examples of situations where investigative reporting, combined with the use of the de-identified information in the data bank, helped to spur the licensing agencies or committees deciding on admission privileges to act against dangerous doctors.
Administrator Wakefield responded that the removal was necessary because the agency had found that the “data could be manipulated” to identify individual practitioners. The agency was working on restoring a public use file to the site. In the meantime, however, researchers and journalists may submit requests for information as instructed on the NPDB web site. The instructions state that “a researcher must provide a proposal (including table shells) for their [sic] need of data” for review and approval by the agency, and the agency will release only the variables necessary for the research.
Robert Orshel, Ph.D., the original designer of the public use file, issued a statement opposing HRSA’ s removal of the public data base, calling it “contrary to law”. Orshel said that when he designed the file, both he and HRSA generally distinguished between public files that do not allow a user to identify an individual from files that do not allow users to recognize that the data pertains to individuals that they have already identified elsewhere.
Senator Grassley strongly opposed the removal of the file from the agency’s web site. The public use file is “the backbone in providing transparency for bad acting healthcare practitioners,” he said. Grassley added that the Healthcare Quality Improvement Act of 1986 (HCQIA, Title IV of P.L. 99-660) “clearly contemplates” disclosure of de-identified information. Senator Grassley asked the Secretary to provide documents and answer questions about:
- the contact between the surgeon and the agency
- all breaches of the confidentiality of the data bank in the last two years
- who made the decision to remove the public use file from the site
- how the agency plans to “further de-identify” the data in keeping with the Congressional intent that it be public
- the timeline for returning the data to the site
The director of HRSA’s data bank division, Cynthia Grubbs, held a conference call with journalists on October 13th to discuss the issue. It is reported that she asked those attending about offering access to the data in other forms, such as charts and graphs. She would not commit to returning the data from the prior public use file in any form.
How will the HRSA Administrator respond to Senator Grassley’s requests?