The Health Resources and Services Administration (“HRSA”) has issued a final rule (“HRSA Rule”) that will eliminate duplicative federal reporting requirements of provider sanctions and other adverse actions taken against health care practitioners, providers, and suppliers.  Previously, state licensing and certification authorities, government agencies, and health care entities reported overlapping data elements regarding sanctions and other adverse actions to both the Healthcare Integrity and Protection Data Bank (HIPDB) and the National Practitioner Data Bank (NPDB).  The new HRSA Rule implements the mandate in Section 6403 of the Patient Protection and Affordable Care Act to transfer all data in the HIPDB into the NPDB and to phase-out the HIPDB.

As part of the transition to a single database, the HRSA Rule reconciles gaps and duplication between the reporting requirements of the two current databases.  If certain data had to be reported to one of the current databases, it will have to be reported to the NPDB under the new HRSA Rule.  For example, the definition of “health care practitioner” incorporates the HIPDB’s inclusion of physicians and dentists for purposes of the new database requirements, while the NPDB’s previous definitions specifically excluded these providers.  Additionally, the HIPDB’s broader reporting requirements related to criminal convictions and civil judgments are now required as part of reporting to the new NPDB.  The HRSA Rule does not, however, add any new data elements to existing reporting requirements.

Ellyn Sternfield, Of Counsel in the Mintz Levin Health Law Section and a member of the Health Care Enforcement Defense Practice, foresees issues as reporting entities work through the new rules because “state laws, procedures, and processes are often unique and don’t fit into the neat categories set out by federal authorities.”  Drawing upon her past experience as director of a state Medicaid Fraud Control Unit subject to these reporting requirements, Sternfield notes that “there was a steep learning curve for HIPDB reporting, especially for state law enforcement and licensing boards,” and she predicts that “it will therefore be some time before we know how, if at all, NPDB reporting will impact the health care enforcement landscape.”

One concern is the definition of “a negative action or finding” required to be reported to the new NPDB by federal or state licensing or certification authorities, peer review organizations, or private accreditation entities.  HRSA noted that it only received two comments to the definition in the proposed rule and believes additional guidance may be necessary.  In the meantime, HRSA warned that “each state must be prepared to justify their decisions, supported by state law, to report or decline to report these actions by referencing specific state statutes.”

The merged reporting requirements for the new NPDB database are summarized below:

New NPDB Data Reporting Requirements  

Reportable Data Elements  

  • Health care-related state criminal convictions (practitioners, providers, suppliers)
  • Health care-related civil judgments in Federal or state court (practitioners, providers, suppliers)
  • Licensure actions (revocations, suspensions, reprimands, censures, probations, surrenders, and “any negative action or finding” by a state licensing or certification)
  • Medicare/Medicaid exclusions
  • Adverse clinical privileges actions
  • Adverse professional society membership actions
  • Drug Enforcement Administration certification actions
  • Medical malpractice payments made for the benefit of any health care practitioner
  • Other adjudicated actions or decisions

Reporting Entities

  • Federal and State government agencies (including the Office of Inspector General and Drug Enforcement Administration)
  • State licensing and certification authorities (including medical and dental boards)
  • Health plans
  • Medical malpractice payers
  • Professional Societies with formal peer review,
  • Other health care entities such as health maintenance organizations.
  • Private accreditation entities
  • Peer review organizations

Entities Able to Access the NPDB  

  • Federal and State government agencies
  • Health care plans
  • Hospitals
  • Other health care entities that have formal peer review processes and provide and provide health care services
  • State medical or dental boards and other health care practitioner state boards
  • State agencies administering or supervising government health care program administration
  • State Medicaid Fraud Control Units (MFCUs)
  • Certain law enforcement agencies, utilization and quality control Quality Improvement Organizations (QIOs)
  • Individual practitioners, providers, and suppliers (self-queries)