[Federal Register Volume 77, Number 31 (Wednesday, February 15, 2012)]
[Proposed Rules]
[Pages 9137-9161]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: 2012-3014]



[[Page 9137]]

Vol. 77

Wednesday,

No. 31

February 15, 2012

Part V





 Department of Health and Human Services





-----------------------------------------------------------------------





45 CFR Parts 60 and 61





National Practitioner Data Bank; Proposed Rule

Federal Register / Vol. 77, No. 31 / Wednesday, February 15, 2012 / 
Proposed Rules

[[Page 9138]]


-----------------------------------------------------------------------

DEPARTMENT OF HEALTH AND HUMAN SERVICES

45 CFR Parts 60 and 61

RIN 0906-AA87


National Practitioner Data Bank

AGENCY: Health Resources and Services Administration (HRSA), HHS.

ACTION: Notice of proposed rulemaking.

-----------------------------------------------------------------------

SUMMARY: This proposed rule revises existing regulations under sections 
401-432 of the Health Care Quality Improvement Act of 1986 and section 
1921 of the Social Security Act, governing the National Practitioner 
Data Bank, to incorporate statutory requirements under section 6403 of 
the Patient Protection and Affordable Care Act of 2010 (Affordable Care 
Act), Public Law 111-148. The Department of Health and Human Services 
(HHS) also is removing Title 45 of the Code of Federal Regulations 
(CFR) part 61, which implemented the Healthcare Integrity and 
Protection Data Bank.
    Section 6403 of the Affordable Care Act, the statutory authority 
for this regulatory action, was designed to eliminate duplicative data 
reporting and access requirements between the Healthcare Integrity and 
Protection Data Bank (established under section 1128E of the Social 
Security Act) and the National Practitioner Data Bank. Section 6403 of 
the Affordable Care Act requires the Secretary to establish a 
transition period to transfer all data in the Healthcare Integrity and 
Protection Data Bank to the National Practitioner Data Bank, and, once 
completed, to cease operations of the Healthcare Integrity and 
Protection Data Bank. Information previously collected and disclosed 
through the Healthcare Integrity and Protection Data Bank will then be 
collected and disclosed through the National Practitioner Data Bank. 
This regulatory action consolidates the collection and disclosure of 
information from both data banks into one part of the CFR.

DATES: We invite comments on this proposed rule. To be considered, 
submit comments on or before April 16, 2012.

Addresses and Mode of Transmission for Comments: You may submit 
comments in one of three ways, as listed below. The first is the 
preferred method. To avoid duplication, please submit your comments in 
only one of these ways.
    1. Federal eRulemaking Portal. You may submit comments 
electronically to http://www.regulations.gov. Click on the link 
``Submit a comment'' and enter the file code `` HRSA-0906-
AA87'' in the ID field. Submit your actual comments as an attachment to 
your message or cover letter. (Attachments should be in Microsoft Word 
or WordPerfect; however, we prefer Microsoft Word.)
    2. By regular, express or overnight mail. You may mail written 
comments to the following address only: Health Resources and Services 
Administration, Department of Health and Human Services, Attention: 
HRSA Regulations Officer, Parklawn Building Rm. 14-101, 5600 Fishers 
Lane, Rockville, MD 20857. Please allow sufficient time for mailed 
comments to be received before the close of the comment period.
    3. Delivery by hand (in person or by courier). If you prefer, you 
may deliver your written comments before the close of the comment 
period to the same address: Parklawn Building Room 14-101, 5600 Fishers 
Lane, Rockville, MD 20857. Please call (301) 443-1785 in advance to 
schedule your arrival with one of our HRSA Regulations Office staff 
members.
    Because of staffing and resource limitations, and to ensure that no 
comments are misplaced, we cannot accept comments by facsimile (FAX) 
transmission.
    In commenting, please refer to file code  HRSA-0906-AA87. 
Comments received on a timely basis will be available for public 
inspection as they are received in Room 14-101 of the Health Resources 
and Services Administration, 5600 Fishers Lane, Rockville, MD., on 
Monday through Friday of each week from 8:30 a.m. to 5:00 p.m. (phone: 
301-443-1785).
    We will consider all comments we receive by the date and time 
specified in the Dates section of this preamble, and will respond to 
the comments in the preamble of the final rule.

FOR FURTHER INFORMATION CONTACT: Cynthia Grubbs, Director, Division of 
Practitioner Data Banks, Bureau of Health Professions, Health Resources 
and Services Administration, Parklawn Building, 5600 Fishers Lane, Room 
8-103, Rockville, MD 20857; telephone number: (301) 443-2300.

SUPPLEMENTARY INFORMATION:

I. Background

A. Legal Authorities Governing the Data Banks

    The paragraphs below provide a summary of the legal authorities 
governing the National Practitioner Data Bank and the Healthcare 
Integrity and Protection Data Bank.
(1.) The Health Care Quality Improvement Act of 1986 (42 U.S.C. 11101 
et seq.)
    The National Practitioner Data Bank (NPDB) was established by the 
Health Care Quality Improvement Act of 1986 (HCQIA), as amended (42 
U.S.C. 11101 et seq.). The HCQIA authorizes the NPDB to collect reports 
of adverse licensure actions against physicians and dentists (including 
revocations, suspensions, reprimands, censures, probations, and 
surrenders); adverse clinical privileges actions against physicians and 
dentists; adverse professional society membership actions against 
physicians and dentists; Drug Enforcement Administration (DEA) 
certification actions; Medicare/Medicaid exclusions; and medical 
malpractice payments made for the benefit of any health care 
practitioner. Organizations that have access to this data system 
include hospitals, other health care entities that have formal peer 
review processes and provide health care services, State medical or 
dental boards and other health care practitioner State boards. 
Individual practitioners may self-query. Information under the HCQIA is 
reported by medical malpractice payers, State medical and dental 
boards, professional societies with formal peer review, and hospitals 
and other health care entities (such as health maintenance 
organizations).
(2.) Section 1921 of the Social Security Act (42 U.S.C. 1396r-2) (Prior 
to the Passage of the Affordable Care Act)
    Section 1921 of the Social Security Act (herein referred to as 
section 1921), as amended by section 5(b) of the Medicare and Medicaid 
Patient and Program Protection Act of 1987, Public Law 100-93, and as 
amended by the Omnibus Budget Reconciliation Act of 1990, Public Law 
101-508, expanded the scope of the NPDB. Section 1921 requires each 
State to adopt a system for reporting to the Secretary certain adverse 
licensure actions taken against health care practitioners and entities 
by any authority of the State responsible for the licensing of such 
practitioners or entities. It also requires each State to report any 
negative action or finding that a State licensing authority, a peer 
review organization, or a private accreditation entity had taken 
against a health care practitioner or health care entity.
    Groups with access to this information include all organizations 
eligible to query the NPDB under the HCQIA (hospitals, other health 
care entities that have formal peer review and provide health care 
services, State

[[Page 9139]]

medical or dental boards, and other health care practitioner State 
boards), other State licensing authorities, agencies administering 
Federal health care programs (including private entities administering 
such programs under contract), State agencies administering or 
supervising the administration of State health care programs, State 
Medicaid fraud control units, certain law enforcement agencies, and 
utilization and quality control Quality Improvement Organizations 
(QIOs). Individual health care practitioners and entities may self-
query. Information under section 1921 is reported by State licensing 
and certification authorities, peer review organizations, and private 
accreditation entities.
    Final regulations implementing section 1921 were issued on January 
28, 2010 (75 FR 4656). The NPDB began collecting and disclosing section 
1921 information on March 1, 2010.
(3.) Section 1128E of the Social Security Act (42 U.S.C. 1320a-7e) 
(Prior to the Passage of the Affordable Care Act)
    Section 1128E of the Social Security Act (herein referred to as 
section 1128E), as added by section 221(a) of the Health Insurance 
Portability and Accountability Act of 1996, Public Law 104-191, 
directed the Secretary to establish and maintain a national health care 
fraud and abuse data collection program for the reporting and 
disclosing of certain final adverse actions taken against health care 
practitioners, providers, or suppliers. This data bank is known as the 
Healthcare Integrity and Protection Data Bank (HIPDB). Section 1128E 
required Federal and State government agencies and health plans to 
report to the HIPDB the following final adverse actions: Licensing and 
certification actions; criminal convictions and civil judgments related 
to the delivery of health care services; exclusions from Federal or 
State health care programs; and other adjudicated actions or decisions. 
Federal and State government agencies and health plans have access to 
this information. Individual practitioners, providers, and suppliers 
may self-query the HIPDB.
    The HIPDB began collecting reports in November 1999. Requirements 
of both HCQIA and section 1921 overlap with the requirements under 
section 1128E, although each law has unique characteristics, including 
differences in the types of reportable actions and the types of 
agencies, entities, and officials with access to information. For 
example, all three reporting schemes require the reporting of State 
licensure actions. The HCQIA, however, only requires the reporting of 
licensure actions taken against physicians and dentists that are based 
on professional competence or conduct. In contrast, sections 1921 and 
1128E do not have a requirement that reportable adverse licensure 
actions be based on professional competence or conduct and also differ 
in the types of subjects reported. In addition, sections 1921 and 1128E 
authorize access to many of the same types of agencies, organizations, 
and officials. For example, both statutes authorize access by law 
enforcement agencies, agencies that administer or pay for health care 
services or programs, and State licensing authorities. Private-sector 
hospitals and health care service providers are only able to access 
information reported under the HCQIA and section 1921, but not under 
section 1128E.
(4.) Section 6403 of the Patient Protection and Affordable Care Act of 
2010
    Section 6403 of the Patient Protection and Affordable Care Act of 
2010 (hereinafter referred to as section 6403), Public Law 111-148, 
amends sections 1921 and 1128E to eliminate duplication between the 
HIPDB and the NPDB, and requires the Secretary to establish a 
transition period for transferring data collected in the HIPDB to the 
NPDB and to cease HIPDB operations. Information previously collected 
and disclosed through the HIPDB will then be collected and disclosed 
through the NPDB. No new data elements have been added as a result of 
section 6403. All actions currently reported in the NPDB and HIPDB will 
be reported to the NPDB.
    All security standards that are currently in place to protect the 
confidentiality of information in the Data Banks will be retained. HRSA 
follows the National Institute of Standards and Technology (NIST) 
security guidelines. More specifically, the Data Bank has extensive 
operational, management, and technical controls that ensure the 
security of the system and protect the data in the system. The Data 
Bank contains information classified under the Privacy Act that is 
considered personally identifiable information (PII). On an annual 
basis, the Data Bank conducts a detailed security review process that 
tests the effectiveness of the security controls to ensure the PII in 
the system remains safe. Finally, every three years, the Data Bank is 
Certified and Accredited (C&A) as a requirement to have an Authority to 
Operate (ATO), in order to function as a Federal system.
    The specific amendments section 6403 makes to sections 1921 and 
1128E are described in greater detail in the paragraphs below.
    Subsection (a) of section 6403 amends section 1128E to require 
reporting to the NPDB instead of the HIPDB. Subsection (a) also 
eliminates requirements in section 1128E related to reporting by State 
agencies; conforms the requirements for reporting Federal licensing and 
certification actions to those that apply to State agencies under 
section 1921; provides that the information reported pursuant to 
section 1128E will be available to the agencies, entities, and 
officials authorized to access information reported pursuant to section 
1921; and authorizes the Secretary to establish reasonable fees for the 
disclosure of the information, with no exception from the fee for 
Federal government agencies. Finally, subsection (a) requires the 
Secretary, in implementing the amendments to section 1128E, to provide 
for the maximum appropriate coordination between part B of the HCQIA 
and section 1921.
    Subsection (b) of section 6403 adds to section 1921 the State 
agency reporting requirements that were eliminated from section 1128E 
by subsection (a). These State actions, taken against health care 
practitioners, providers, and suppliers, include State licensing and 
certification actions, State health care-related criminal convictions 
and civil judgments, exclusions from State health care programs, and 
other adjudicated actions or decisions. Subsection (b) also conforms 
the requirements for reporting State licensing and certification 
actions to those that apply to Federal agencies under section 1128E and 
makes amendments to expand the data access provisions of section 
1921(b) so that entities that were authorized to access final adverse 
action information reported to the HIPDB by State agencies under 
section 1128E will retain access to that information when it is 
reported to the NPDB under section 1921. Subsection (b) also adds new 
provisions under section 1921 that are modeled on similar provisions in 
section 1128E. These new provisions require the Secretary to disclose 
reported information to a subject of a report and establish other 
requirements designed to ensure that the information reported pursuant 
to section 1921 is accurate; authorize the Secretary to establish or 
approve reasonable fees for the disclosure of information reported 
pursuant to section 1921; and provide protection against liability in a 
civil action for entities reporting information as required by section 
1921 (so long as such entities have no knowledge of the falsity of the 
information). Subsection

[[Page 9140]]

(b) also provides definitions for the following terms: (1) ``State 
licensing or certification agency;'' (2) ``State law or fraud 
enforcement agency;'' and (3) ``final adverse action.'' Finally, 
subsection (b) requires the Secretary, in implementing the amendments 
to section 1921, to provide for the maximum appropriate coordination 
with HCQIA and section 1128E.
    Subsection (c) of section 6403 amends section 1128C of the Social 
Security Act regarding the HHS Office of Inspector General's 
responsibilities with respect to section 1128E by deleting the HHS 
Office of Inspector General's responsibility to provide for the 
reporting and disclosure of certain final adverse actions against 
health care providers, suppliers, or practitioners pursuant to the data 
collection system established under section 1128E. Subsection (d) 
establishes requirements for a transition process; authorizes the 
Department of Veterans Affairs to access, free of charge for one year, 
information that was formerly reported only to the HIPDB; describes the 
availability of additional funds for the transition process, if 
necessary; and includes the effective date for the section.
    Effectively, in addition to transferring HIPDB data and operations 
to the NPDB, section 6403 transfers all section 1128E reporting 
requirements by State agencies to section 1921, thereby eliminating 
duplication in certain State agency reporting requirements under both 
statutes, while leaving Federal agency and health plan reporting 
requirements under the authority of section 1128E. Section 6403 also 
creates a common list of queriers for section 1921 and section 1128E 
data. There are exceptions to this common querier list. Hospitals and 
other health care entities, professional societies, and QIOs have 
access to section 1128E data as well as licensing and certification 
actions under section 1921, but have no additional access to data as a 
result of section 6403. By maintaining many of the same reporting 
requirements and by maintaining different levels of access depending on 
who is requesting information in section 6403, Congress further 
indicated its intent that, despite the transition of HIPDB operations 
to the NPDB, original reporting and querying requirements remain the 
same to the greatest extent possible, while ensuring the maximum 
coordination among the three statutes. Section 6403 does not affect 
reporting requirements or query access under the HCQIA, so existing 
requirements under the HCQIA for hospitals, other health care entities, 
professional societies, or medical malpractice payers will not change.
    The reporting and querying requirements of sections 1921 and 1128E, 
as amended by section 6403, are described in greater detail below.

B. Section 1921 as Amended by Section 6403

    As amended by section 6403, section 1921 requires each State to 
have in effect a system of reporting licensure and certification 
actions taken against a health care practitioner or entity by a State 
licensing or certification agency. Section 6403 defines a State 
licensing or certification agency to include State licensing 
authorities, peer review organizations, and private accreditation 
entities. Licensing and certification actions include certain adverse 
actions taken by a State licensing authority as well as any negative 
action or finding that a State licensing authority, a peer review 
organization, or a private accreditation entity has concluded against a 
health care practitioner or entity. Each State also must have in effect 
a system of reporting information with respect to any final adverse 
action (not including settlements in which no findings of liability 
have been made) taken against a health care practitioner, provider, or 
supplier by a State law or fraud enforcement agency. These final 
adverse actions include criminal convictions or civil judgments in 
State court related to the delivery of health care services, exclusions 
from participation in a State health care program, and any other 
adjudicated action or decision. In addition, final adverse actions 
include any licensure or certification action taken against a supplier 
by a State licensing or certification agency. Section 1921 information 
is now available to agencies administering Federal health care 
programs, including private entities administering such programs under 
contract; State licensing or certification agencies, and Federal 
agencies responsible for the licensing and certification of health care 
practitioners, providers, and suppliers; State agencies administering 
or supervising the administration of State health care programs; health 
plans; State law or fraud enforcement agencies; and the U.S. Attorney 
General and other law enforcement officials as the Secretary deems 
appropriate. In addition, QIOs, as well as hospitals, professional 
societies, and other health care entities have access to ``licensure 
and certification actions'' reported under section 1921. These entities 
do not have access to ``final adverse actions'' added to section 1921 
by section 6403. Potential subjects of section 1921 reports, including 
health care practitioners, health care entities, providers, and 
suppliers, may self-query.

C. Section 1128E, as Amended by Section 6403

    Section 6403 amends section 1128E to require the Secretary to 
maintain a national health care fraud and abuse data collection program 
under this section for the reporting of certain final adverse actions 
against health care practitioners, providers, and suppliers. The 
Secretary shall furnish the information collected under section 1128E 
to the NPDB. Federal government agencies and health plans are required 
to report to the NPDB the following final adverse actions: licensing 
and certification actions; criminal convictions and civil judgments in 
Federal or State court related to the delivery of health care services; 
exclusions from Federal health care programs; and other adjudicated 
actions or decisions.
    The information collected under section 1128E shall be available 
from the National Practitioner Data Bank to all agencies, authorities, 
and officials which are authorized under the amended section 1921 
access provisions. However, under the section 1921 access provisions, 
hospitals, other health care entities, professional societies, and QIOs 
are only authorized to receive certain section 1921 information. 
Individual practitioners, providers, and suppliers may self-query the 
NPDB to receive section 1128E information.
    The table below further illustrates the impact that section 6403 
has on current data bank requirements, presenting the requirements for 
the HCQIA, section 1921 and 1128E before the passage of section 6403, 
and the proposed requirements after passage of section 6403.
    The table is only a summary of the statutory reporting and querying 
requirements before and after passage of section 6403. All elements in 
the table, including definitions of terms used, are detailed in various 
sections of this proposed rule.

[[Page 9141]]



 Table 1--Data Banks Statutory Requirements Before and After Passage of
                              Section 6403*
------------------------------------------------------------------------
   Statutory requirements before       Reporting/querying requirements
      passage of Section 6403           after passage of Section 6403
------------------------------------------------------------------------
            WHO REPORTS?                         WHO REPORTS?
 
HCQIA (NPDB)                         HCQIA (NPDB)
[ssbox]Medical malpractice payers    [ssbox]Medical malpractice payers
[ssbox]Boards of Medical/Dental      [ssbox]Boards of Medical/Dental
 Examiners                            Examiners
[ssbox]Hospitals and other           [ssbox]Hospitals and other health
 healthcare entities                  care entities
[ssbox]Professional societies with   [ssbox]Professional societies with
 formal peer review                   formal peer review
[ssbox]Drug Enforcement              [ssbox]Drug Enforcement
 Administration                       Administration
[ssbox]Health and Human Services--   [ssbox]Health and Human Services-
 Office of Inspector General          Office of Inspector General
                                     ...................................
SECTION 1921 (NPDB)                  SECTION 1921 (NPDB)
[ssbox]Peer review organizations     [ssbox]Peer review organizations
[ssbox]Private accreditation         [ssbox]Private accreditation
 organizations                        organizations
[ssbox]State authorities that        [ssbox]State authorities that
 license practitioners and entities   license or certify practitioners,
                                      entities, providers, suppliers
                                     [ssbox]State law or fraud
                                      enforcement agencies
                                     ...................................
SECTION 1128E (HIPDB)                SECTION 1128E (NPDB)
[ssbox]Federal and State government  [ssbox]Federal government agencies
 agencies (including State law or    [ssbox]Health plans
 fraud enforcement agencies)
[ssbox]Health plans
------------------------------------------------------------------------
   WHAT INFORMATION IS REPORTED?        WHAT INFORMATION IS REPORTED?
 
HCQIA (NPDB)                         HCQIA (NPDB)
[ssbox]Medical malpractice payments  [ssbox]Medical malpractice payments
[ssbox]Adverse licensure actions     [ssbox]Adverse licensure actions
 (physicians/dentists):               (physicians/dentists):
--revocation, suspension,            --revocation, suspension,
 reprimand, probation, surrender,     reprimand, probation, surrender,
 censure                              censure
[ssbox]Adverse clinical privileges   [ssbox]Adverse clinical privileges
 actions (primarily physicians/       actions (primarily physicians/
 dentists)                            dentists)
[ssbox]Adverse professional society  [ssbox]Adverse professional society
 membership (primarily physicians/    membership (primarily physicians/
 dentists)                            dentists)
[ssbox]DEA certification actions     [ssbox]DEA certification actions
[ssbox]Medicare/Medicaid exclusions  [ssbox]Medicare/Medicaid exclusions
 
SECTION 1921 (NPDB)                  SECTION 1921 (NPDB)
[ssbox]Licensing actions             [ssbox]Licensing or certification
 (practitioners and entities):        actions (practitioners, entities,
--revocation, reprimand, censure,     providers, and suppliers):
 suspension, probation               --revocation, reprimand, censure,
--any dismissal or closure of the     suspension, probation
 proceedings by reason of            --any dismissal or closure of the
 surrendering the license or          proceedings by reason of
 leaving the State or jurisdiction    surrendering the license or
--any other loss of the license       leaving the State or jurisdiction
--any negative action or finding by  --any other loss of, or loss of the
 a State licensing authority, peer    right to apply for, or renew a
 review organization, or private      license
 accreditation entity                --any negative action or finding by
                                      a State licensing or certification
                                      authority, peer review
                                      organization, or private
                                      accreditation entity
                                     [ssbox]Health care-related civil
                                      judgments in State court
                                      (practitioners, providers,
                                      suppliers)
                                     [ssbox]Health care-related State
                                      criminal convictions
                                      (practitioners, providers,
                                      suppliers)
                                     [ssbox]Exclusions from State health
                                      care programs (practitioners,
                                      providers, suppliers)
                                     [ssbox]Other adjudicated actions or
                                      decisions (practitioners,
                                      providers, suppliers)
                                     ...................................
SECTION 1128E (HIPDB)                SECTION 1128E (NPDB)
[ssbox]Licensing and certification   [ssbox]Federal licensing/
 actions (practitioners, providers,   certification actions
 and suppliers):                      (practitioners, providers, and
--revocation, reprimand,              suppliers):
 suspension, censure, probation;     --revocation, reprimand, censure,
--any other loss of license, or       suspension, probation
 right to apply for, or renew, a     --any dismissal or closure of the
 license, whether by voluntary        proceedings by reason of
 surrender, non-renewability, or      surrendering the license or
 otherwise                            leaving the State or jurisdiction
--any other negative action or       --any other loss of, or right to
 finding that is publicly available   apply for, or renew, a license,
 information                          whether by voluntary surrender,
[ssbox]Health care-related civil      non-renewability, or otherwise
 judgments in Federal or State       --any negative action or finding
 court (practitioners, providers,     that is publicly available
 suppliers)                           information
[ssbox]Health care-related Federal   [ssbox]Health care-related civil
 or State criminal convictions        judgments in Federal or State
 (practitioners, providers,           court (practitioners, providers,
 suppliers)                           suppliers)
[ssbox]Exclusions from Federal or    [ssbox]Health care-related Federal
 State health care programs           or State criminal convictions
 (practitioners, providers,           (practitioners, providers,
 suppliers)                           suppliers)
[ssbox]Other adjudicated actions or  [ssbox]Exclusions from Federal
 decisions (practitioners,            health care programs
 providers, suppliers)                (practitioners, providers,
                                      suppliers)
                                     [ssbox]Other adjudicated actions or
                                      decisions (practitioners,
                                      providers, suppliers)
------------------------------------------------------------------------

[[Page 9142]]

 
           WHO CAN QUERY?                       WHO CAN QUERY?
 
HCQIA (NPDB)                         HCQIA (NPDB)
[ssbox]Hospitals                     [ssbox]Hospitals
[ssbox]Other health care entities    [ssbox]Other health care entities
 with formal peer review              with formal peer review
[ssbox]Professional societies with   [ssbox]Professional societies with
 formal peer review                   formal peer review
[ssbox]Boards of Medical/Dental      [ssbox]Boards of Medical/Dental
 Examiners                            Examiners
[ssbox]Other health care             [ssbox]Other health care
 practitioner State licensing         practitioner State licensing
 boards                               boards
[ssbox]Plaintiff's attorney/pro se   [ssbox]Plaintiff's attorney/pro se
 plaintiffs (limited circumstances)   plaintiffs (limited circumstances)
[ssbox]Health care practitioners     [ssbox]Health care practitioners
 (self-query)                         (self-query)
[ssbox]Researchers (statistical      [ssbox]Researchers (statistical
 data only)                           data only)
 
SECTION 1921 (NPDB)                  SECTION 1921 and SECTION 1128E
                                      (NPDB)
[ssbox]Hospitals and other health    [ssbox]Hospitals and other health
 care entities (HCQIA)                care entities (HCQIA)**
[ssbox]Professional societies with   [ssbox]Professional societies with
 formal peer review                   formal peer review**
[ssbox]Quality Improvement           [ssbox]Quality Improvement
 Organizations                        Organizations**
[ssbox]State licensing agencies      [ssbox]State licensing or
 that license practitioners and       certification agencies that
 entities                             license or certify practitioners,
[ssbox]Agencies administering         entities, providers, or suppliers
 Federal health care programs, or    [ssbox]Agencies administering
 their contractors                    (including those providing payment
[ssbox]State agencies administering   for services) Federal health care
 State health care programs           programs and their contractors
[ssbox]State Medicaid fraud control  [ssbox]State agencies administering
 units                                State health care programs
[ssbox]U.S. Comptroller General      [ssbox]Federal agencies that
[ssbox]U.S. Attorney General and      license or certify practitioners,
 other law enforcement                providers, suppliers
[ssbox]Health care practitioners/    [ssbox]Health plans
 entities (self-query)               [ssbox]State law or fraud
[ssbox]Researchers (statistical       enforcement agencies (including
 data only)                           State Medicaid fraud control
                                      units)
SECTION 1128E (HIPDB)                [ssbox]U.S. Comptroller General
[ssbox]Federal and State government  [ssbox]U.S. Attorney General and
 agencies                             other Federal law enforcement
[ssbox]Health plans                  [ssbox]Health care practitioners,
[ssbox]Health care practitioners/     entities, providers, suppliers
 providers/suppliers (self-query)     (self-query)
[ssbox]Researchers (statistical      [ssbox]Researchers (statistical
 data only)                           data only).
------------------------------------------------------------------------
* For NPDB requirements, the term ``practitioners'' is used throughout
  this table to mean ``practitioners, physicians, dentists.''
** Under Section 1921, these entities only have access to reported
  licensing or certification actions, which is consistent with these
  entities' access prior to passage of the Affordable Care Act.

D. Maximum Coordination When Implementing Section 6403

    Sections 6403(a)(3) and 6403(b)(4) require the Secretary to provide 
for the maximum appropriate coordination among HCQIA, section 1921, and 
section 1128E when implementing the provisions of section 6403. We have 
made significant efforts to develop this proposed rule in a manner that 
minimizes the burden on reporters. Reporters previously responsible for 
reporting adverse actions to both the NPDB and HIPDB only needed to 
submit one report per action, provided that reporting was done through 
the Department's web-based system that sorted the appropriate actions 
into the HIPDB, the NPDB, or both. Similarly, under the revised 
regulations, reporters will only need to submit one report per action.
    Congress's mandate that the Secretary provide for the maximum 
appropriate coordination among the statutes makes it necessary, in 
certain cases, to make slight modifications when combining sometimes 
overlapping statutory requirements. These instances are described in 
the paragraphs below, and in the discussion of the proposed regulatory 
definitions.

E. Terms Used To Describe Subjects of Reports Under Section 1921 and 
1128E

    We clarified statutory language used to describe report subjects in 
several ways. First, we used the term ``health care practitioner, 
physician, and dentist'' throughout these regulations to refer to 
``health care practitioner'' report subjects for sections 1921 and 
1128E. We are clarifying that the ``health care practitioner'' report 
subjects under both sections 1921 and 1128E include health care 
practitioners, physicians, and dentists to help ensure consistency in 
the merged data, as the NPDB definition of ``health care practitioner'' 
excludes physicians and dentists whereas the HIPDB definition includes 
physicians and dentists. The definitions for physician and dentist are 
provided for separately and therefore they are included as report 
subjects.
    Second, we clarified statutory language with respect to report 
subjects by consistently using the term ``entity, provider, and 
supplier'' in referring to section 1921 entity report subjects. Both 
original and amended section 1921 reporting requirements include 
certain adverse actions taken against a ``health care practitioner or 
entity,'' and NPDB regulations use the HCQIA definition of ``health 
care entity'' to define the range of these report subjects. It is clear 
from the context of section 6403 that the use of the term ``entity'' 
also includes ``supplier'' subjects. Specifically, section 6403(b), 
which added the disclosure and correction provision in section 1921(d), 
refers only to ``health care practitioner'' and ``entity'' report 
subjects. It is not reasonable to conclude that Congress intended to 
prevent providers and suppliers from having access to their own reports 
or being able to dispute a report, while giving that ability to health 
care practitioners and entities. Although the provision only uses the 
terms practitioner and entity it must be read broadly to keep the 
Congressional intent of not making significant changes to current 
reporting and querying requirements. Therefore, we apply this provision 
to all section 1921 report subjects, including health care 
practitioners, physicians, dentists, entities, providers, and 
suppliers.
    Finally, the proposed rule sometimes refers to ``practitioner, 
physician, dentist, provider, and supplier'' as one grouping. The 
manner in which the regulation defines supplier may be read to include 
physicians and dentists. In the proposed rule, where physicians

[[Page 9143]]

and dentists are specified, but other suppliers are not, it is intended 
that other suppliers are not included in those instances. Where 
suppliers are mentioned along with physicians and dentists, the intent 
is not to imply that suppliers do not include physicians and dentists, 
but that all terms were included for the sake of clarity.

F. Sanction Authority

    HIPDB regulations include sanctions against Federal and State 
agencies and health plans for failure to report as required. For 
Federal and State government agencies, the Secretary provides for 
publication of a public report that identifies those agencies that have 
failed to report information as required. Health plans that fail to 
report information as required under section 1128E are subject to a 
civil money penalty of up to $25,000 for each action not reported. 
While section 6403 transfers State agency reporting requirements from 
section 1128E to section 1921, we plan to maintain existing sanction 
authority (publication of a public report) for those State agencies 
that are required to report licensure and certification actions, 
exclusions from State health care programs, criminal convictions and 
civil judgments in a State court, and other adjudicated actions or 
decisions. Further, we plan to maintain existing sanction authority, as 
stated above, and which currently exists in section 1128E, for those 
Federal agencies that fail to report. These sanctions are currently 
part of the agency's compliance plan, and we are attempting to maintain 
consistency between current and future Data Bank operational policy.

G. Authorization Dates for Collecting Reports

    The authorization dates for collecting adverse actions under 
section 1921 and section 1128E are based on the original legislation 
for the requirements and are unchanged by the passage of section 6403. 
Amendments made by section 6403 represent a reorganization of existing 
statutory requirements and not an imposition of new actions. Therefore, 
the passage section 6403 does not affect reporters' obligations to 
report action back to the dates currently in use for the system. 
Actions taken by State agencies transferred from section 1128E to 
section 1921 will retain their original authorization dates.

H. Limitations on the Scope of Public Comment

    The current regulations governing the NPDB which are not expanded 
or modified by section 6403 are not subject to review or comment under 
this Notice of Proposed Rulemaking, e.g., reporting requirements for 
medical malpractice payers, and eligible entities that may query the 
NPDB under the authority of the HCQIA.

II. Provisions of the Proposed Rule

    We describe the proposed amendments below according to the sections 
of the regulations which they affect.

Sec. 60.1 The National Practitioner Data Bank

    The proposed rule amends this section by incorporating the 
statutory provisions for section 1128E of the Social Security Act.

Sec. 60.2 Applicability of These regulations

    The proposed rule amends this section by revising the reporting 
requirements to include those organizations and agencies required to 
report under section 1921 and section 1128E (both as amended by section 
6403).

Sec. 60.3 Definitions

    The proposed rule adds existing definitions from the HIPDB 
regulations as well as new statutory definitions to this section. 
Because this proposed rule combines requirements already specified in 
current NPDB and HIPDB regulations, it was necessary to modify the 
regulatory definitions for certain terms or combine similar regulatory 
definitions for the same term. In one instance, for the term ``Act,'' a 
definition is deleted in its entirety. We believe this approach is 
consistent with the mandate that the Secretary provide for the maximum 
appropriate coordination among the HCQIA, section 1921, and section 
1128E. This proposed rule also clarifies new statutory definitions. 
These clarifications merely provide additional examples of the scope of 
the definitions.
    As a result, we propose to add the following new terms to this 
section, which are in the current HIPDB regulations:
    Civil judgment means a court-ordered action rendered in a Federal 
or State court proceeding, other than a criminal proceeding. This 
reporting requirement does not include consent judgments that have been 
agreed upon and entered to provide security for civil settlements in 
which there was no finding or admission of liability.
    The term ``civil judgment'' is currently defined in the HIPDB 
regulations, and we have not modified this existing definition.
    Criminal conviction means a conviction as described in section 
1128(i) of the Social Security Act.
    The term ``criminal conviction'' is currently defined in the HIPDB 
regulations, and we have not modified this existing definition.
    Exclusion means a temporary or permanent debarment of an individual 
or entity from participation in any Federal or State health-related 
program, in accordance with which items or services furnished by such 
person or entity will not be reimbursed under any Federal or State 
health-related program.
    The term ``exclusion'' is currently defined in the HIPDB 
regulations, and we have not modified this existing definition.
    Federal government agency includes, but is not limited to:
    (a) The U.S. Department of Justice;
    (b) The U.S. Department of Health and Human Services;
    (c) Federal law enforcement agencies, including law enforcement 
investigators;
    (d) Any other Federal agency that either administers or provides 
payment for the delivery of health care services, including, but not 
limited to the U.S. Department of Defense and the U.S. Department of 
Veterans Affairs; and
    (e) Federal agencies responsible for the licensing and 
certification of health care practitioners, physicians, dentists, 
providers, and suppliers.
    The definition of the term ``government agency'' is set forth in 
section 1128E(g)(3) of the Social Security Act to describe the range of 
Federal government agencies that are required to report under section 
1128E (as revised by section 6403). These proposed rules refer to the 
section 1128E term, ``government agencies,'' as ``Federal government 
agencies'' to provide clarification between the Federal agencies 
required to report under section 1128E and certain State agencies 
(which are defined separately) that must report under section 1921. 
These proposed rules specify that the definition includes, but is not 
limited to, those agencies listed.
    Health care provider means, for the purposes of this part, a 
provider of services as defined in section 1861(u) of the Social 
Security Act; any health care organization (including a health 
maintenance organization, preferred provider organization, or group 
medical practice) that provides health care services and follows a 
formal peer review process for the purpose of furthering quality health 
care, and any other health care organization that, directly or through 
contracts, provides health care services.

[[Page 9144]]

    The term ``health care provider'' is currently defined in HIPDB 
regulations. We slightly modified this definition by replacing the 
phrase ``means a provider'' with ``means, for purposes of this part, a 
provider'' to avoid any confusion with the manner that Medicare defines 
such term.
    Health care supplier means, for the purposes of this part, a 
provider of medical and other health care services as described in 
section 1861(s) of the Social Security Act; or any individual or 
entity, other than a provider, who furnishes, whether directly or 
indirectly, or provides access to, health care services, supplies, 
items, or ancillary services (including, but not limited to, durable 
medical equipment suppliers, manufacturers of health care items, 
pharmaceutical suppliers and manufacturers, health record services such 
as medical, dental, and patient records, health data suppliers, and 
billing and transportation service suppliers). The term also includes 
any individual or entity under contract to provide such supplies, 
items, or ancillary services; health plans as defined in this section 
(including employers that are self-insured); and health insurance 
producers (including, but not limited to agents, brokers, solicitors, 
consultants, and reinsurance intermediaries).
    The term ``health care supplier'' is currently defined in HIPDB 
regulations. We slightly modified this definition by replacing the 
phrase ``means a provider'' with ``means, for purposes of this part, a 
provider'' to avoid any confusion with the manner that Medicare defines 
such term.
    Health plan means, for the purposes of this part, a plan, program, 
or organization that provides health benefits, whether directly, 
through insurance, reimbursement, or otherwise, and includes but is not 
limited to:
    (a) A policy of health insurance;
    (b) A contract of a service benefit organization;
    (c) A membership agreement with a health maintenance organization 
or other prepaid health plan;
    (d) A plan, program, agreement, or other mechanism established, 
maintained, or made available by a self-insured employer or group of 
self-insured employers, a health care practitioner, physician, dentist, 
provider, or supplier group, third-party administrator, integrated 
health care delivery system, employee welfare association, public 
service group, or organization or professional association;
    (e) An insurance company, insurance service, or insurance 
organization that is licensed to engage in the business of selling 
health care insurance in a State and which is subject to State law 
which regulates health insurance; and
    (f) An organization that provides benefit plans whose coverage is 
limited to outpatient prescription drugs.
    The term ``health plan'' is currently defined in the HIPDB 
regulations. We slightly modified this definition by replacing the 
phrase ``practitioner, provider, or supplier'' with the phrase ``health 
care practitioner, physician, dentist, provider, or supplier.'' We 
slightly modified this definition by replacing the phrase ``means a 
plan'' with ``means, for purposes of this part, a plan'' to avoid any 
confusion with the HIPAA definition. Additionally, we broadened the 
definition to respond to an expressed need to include stand-alone 
prescription drug plans, like those offered under the Medicare Part D 
program.
    Other adjudicated actions or decisions means formal or official 
final actions taken against a health care practitioner, physician, 
dentist, provider, or supplier by a Federal governmental agency, a 
State law or fraud enforcement agency, or a health plan; which include 
the availability of a due process mechanism, and are based on acts or 
omissions that affect or could affect the payment, provision or 
delivery of a health care item or service. For example, a formal or 
official final action taken by a Federal governmental agency, a State 
law or fraud enforcement agency, or a health plan may include, but is 
not limited to, personnel-related actions such as suspensions without 
pay, reductions in pay, reductions in grade for cause, terminations, or 
other comparable actions. A hallmark of any valid adjudicated action or 
decision is the availability of a due process mechanism. The fact that 
the subject elects not to use the due process mechanism provided by the 
authority bringing the action is immaterial, as long as such a process 
is available to the subject before the adjudicated action or decision 
is made final. In general, if an adjudicated action or decision follows 
an agency's established administrative procedures (which ensure that 
due process is available to the subject of the final adverse action), 
it would qualify as a reportable action under this definition. This 
definition specifically excludes clinical privileging actions taken by 
Federal government agencies or State law and fraud enforcement agencies 
and similar paneling decisions made by health plans. This definition 
does not include overpayment determinations made by Federal or State 
government programs, their contractors or health plans; and it does not 
include denial of claims determinations made by Federal government 
agencies, State law or fraud enforcement agencies, or health plans. For 
health plans that are not government entities, an action taken 
following adequate notice and the opportunity for a hearing that meets 
the standards of due process set out in section 412(b) of the HCQIA (42 
U.S.C. 11112(b)) also would qualify as a reportable action under this 
definition.
    The term ``other adjudicated actions or decisions'' is currently 
defined in HIPDB regulations. To reflect a change in terminology made 
by section 6403, we modified this definition by replacing the term, 
``State government agency'' with ``State law or fraud enforcement 
agency'' when referring to those State agencies that take ``other 
adjudicated actions or decisions.''
    State law or fraud enforcement agency includes, but is not limited 
to:
    (a) A State law enforcement agency;
    (b) A State Medicaid fraud control unit (as defined in section 
1903(q) of the Social Security Act); and
    (c) A State agency administering (including those providing payment 
for services) or supervising the administration of a State health care 
program (as defined in section 1128(h) of the Social Security Act).
    Section 6403(b)(3) added the term ``State law or fraud enforcement 
agency'' in section 1921(g)(2) of the Social Security Act to describe 
those State agencies (in addition to State licensing or certification 
agencies) that were formerly required to report final adverse actions 
under section 1128E and that are now required to report those actions 
under section 1921. We added ``a State agency administering (including 
those providing payment for services) a State health care program'' as 
an example of an agency that would report exclusions from State health 
care programs. These State agencies also would take certain other 
adjudicated actions or decisions defined in the regulations, such as 
``personnel-related actions,'' when providing health care services 
through State-owned hospitals and other facilities. Because these 
agencies have a role in investigating and preventing health care fraud 
and abuse, they were included in the definition.
    State licensing or certification agency includes, but is not 
limited to, any authority of a State (or of a political subdivision 
thereof) responsible for the licensing or certification of health care 
practitioners, physicians, dentists, (or any peer review organization, 
or private accreditation entity reviewing the services provided by 
health care practitioners, physicians, or dentists), health care 
entities, providers, or

[[Page 9145]]

suppliers. Examples of such State agencies include Departments of 
Professional Regulation, Health, Social Services (including State 
Survey and Certification and Medicaid Single State agencies), Commerce, 
and Insurance.
    Section 6403(b)(3) amended section 1921 by adding the term ``State 
licensing or certification agency.'' This term, which is defined in 
section 1921(g)(1) of the Social Security Act, is intended to combine 
two categories of current NPDB and HIPDB reporters: (1) State agencies 
responsible for licensing health care practitioners and entities (also 
referred to in NPDB regulations as ``State licensing and certification 
authorities''), peer review organizations, and private accreditation 
entities (all of which currently report to the NPDB under section 
1921); and (2) State agencies responsible for the licensing and 
certification of health care practitioners, providers, and suppliers 
(which report to the HIPDB under section 1128E). We also clarified the 
definition by providing examples from the HIPDB regulations of the 
scope of State agencies that license or certify health care 
practitioners, physicians, dentists, health care entities, providers, 
and suppliers.
    In addition to the new terms we propose to add in this section, we 
also propose to slightly amend the definitions of the following 
existing terms. These amendments are necessary to ensure the maximum 
appropriate coordination among requirements for the HCQIA, and sections 
1921 and 1128E of the Social Security Act.
    Board of Medical Examiners, or Board means a body or subdivision of 
such body which is designated by a State for the purpose of licensing, 
monitoring, and disciplining physicians or dentists. This term includes 
a Board of Osteopathic Examiners or its subdivision, a Board of 
Dentistry or its subdivision, or an equivalent body as determined by 
the State. Where the Secretary, pursuant to section 423(c)(2), of the 
HCQIA (42 U.S.C. 11112(c)) has designated an alternate entity to carry 
out the reporting activities of Sec.  60.12 due to a Board's failure to 
comply with Sec.  60.8, the term Board of Medical Examiners or 
``Board'' refers to this alternate entity.
    For this definition, we deleted the reference to ``the Act'' and 
inserted the complete statutory reference for the HCQIA. This change 
was necessary to avoid confusion among the different statutes governing 
NPDB operations.
    Health care entity means, for purposes of this part:
    (a) A hospital;
    (b) An entity that provides health care services, and engages in 
professional review activity through a formal peer review process for 
the purpose of furthering quality health care, or a committee of that 
entity; or
    (c) A professional society or a committee or agent thereof, 
including those at the national, State, or local level, of physicians, 
dentists, or other health care practitioners that engages in 
professional review activity through a formal peer review process, for 
the purpose of furthering quality health care.
    For purposes of paragraph (b) of this definition, an entity 
includes: a health maintenance organization which is licensed by a 
State or determined to be qualified as such by the Department of Health 
and Human Services; and any group or prepaid medical or dental practice 
which meets the criteria of paragraph (b).
    To avoid any confusion with the manner that Medicare defines such 
terms, we replaced the phrase ``health care entity means'' with 
``health care entity means, for the purposes of this part.''
    Health care practitioner, licensed health care practitioner, 
licensed practitioner, or practitioner means an individual other than a 
physician or dentist, who is licensed or otherwise authorized by a 
State to provide health care services (or any individual who, without 
authority, holds himself or herself out to be so licensed or 
authorized).
    The current NPDB and HIPDB definitions for the term ``health care 
practitioner'' have slight differences, although both Data Banks 
ultimately collect information on the same range of practitioners. 
First, the NPDB definition excludes physicians and dentists because the 
HCQIA provides separate definitions for physicians and dentists. 
Conversely, the HIPDB definition for ``health care practitioner'' 
includes physicians and dentists. Second, the HIPDB definition includes 
individuals who, without authority, hold themselves out to be licensed 
or authorized. While this language regarding individuals who hold 
themselves out to be licensed or authorized is not explicitly stated in 
the original NPDB definition of ``health care practitioner,'' it is 
included in the NPDB definitions for ``physician'' and ``dentist,'' and 
has been part of NPDB ``health care practitioner'' definition in 
reporting guidance since the NPDB began operations. A final difference 
in the two regulatory definitions is that the HIPDB definition also 
refers to the terms ``licensed health care practitioner,'' ``licensed 
practitioner,'' and ``practitioner.''
    To reconcile these differences in definitional language, while 
still maintaining the statutory requirements, we made two changes to 
the NPDB definition. First, we expanded the original NPDB term of 
``health care practitioner'' to include the additional terms used in 
the HIPDB definition (i.e., ``licensed health care practitioner, 
licensed practitioner, or practitioner''). Second, we included in the 
definition individuals who, without authority, hold themselves out to 
be licensed or authorized. Although this proposed definition excludes 
physicians and dentists (and the original HIPDB definition does not), 
we refer to ``health care practitioners, physicians, and dentists'' 
throughout these proposed rules to ensure that the statutory 
requirements are fulfilled.
    Hospital means, for purposes of this part, an entity described in 
paragraphs (1) and (7) of section 1861(e) of the Social Security Act.
    To avoid any confusion with the manner that Medicare defines such 
terms, we replaced the phrase ``means an entity'' with ``means, for 
purposes of this part, an entity.''
    Negative action or finding by a Federal or State licensing or 
certification authority, peer review organization, or private 
accreditation entity means:
    (a) A final determination of denial or termination of an 
accreditation status from a private accreditation entity that indicates 
a risk to the safety of a patient(s) or quality of health care 
services;
    (b) Any recommendation by a peer review organization to sanction a 
health care practitioner, physician, or dentist; or
    (c) Any negative action or finding that under the State's law is 
publicly available information and is rendered by a Federal or State 
licensing or certification authority, including but not limited to, 
limitations on the scope of practice, liquidations, injunctions, and 
forfeitures. This definition also includes final adverse actions 
rendered by a Federal or State licensing or certification authority, 
such as exclusions, revocations, or suspension of license or 
certification, that occur in conjunction with settlements in which no 
finding of liability has been made (although such a settlement itself 
is not reportable under the statute). This definition excludes 
administrative fines or citations and corrective action plans and other 
personnel actions, unless they are:

[[Page 9146]]

    (1) Connected to the delivery of health care services, or
    (2) Taken in conjunction with other adverse licensure or 
certification actions such as revocation, suspension, censure, 
reprimand, probation, or surrender.
    To date, we have allowed reporting entities to apply their own 
specific definition of negative action or finding. This provides States 
and other reporting entities the flexibility to interpret their own 
statutes and governing policies to meet the reporting requirements of 
the NPDB and HIPDB. We have also received comments from reporting 
entities that suggest a need for a more formal definition of negative 
finding. We welcome comments that address the definition of any 
negative action or finding, specifically comments that clarify the 
definition of negative finding.
    Both NPDB and the HIPDB regulations defined the term ``negative 
action or finding.'' The NPDB definition was limited to negative 
actions or findings by peer review organizations, private accreditation 
entities, and State authorities that license (including licensure and 
certification) health care practitioners and entities. The HIPDB 
definition included negative actions or findings by Federal or State 
agencies responsible for the licensing or certification of health care 
practitioners, providers, and suppliers. Our proposed definition 
incorporates language from the HIPDB definition to ensure that the NPDB 
will collect the full range of section 1921 and section 1128E reporting 
requirements for Federal and State licensing and certification 
authorities.
    In addition, we slightly modified language in the original HIPDB 
definition regarding the reporting of administrative fines or 
citations, and corrective action plans and other personnel actions, to 
make it consistent with existing section 1921 language. Under our 
proposed definition, administrative fines or citations, and corrective 
action plans and personnel actions, must be reported if they are either 
(1) related to the delivery of health care services or (2) taken with 
another reportable action. The ``or'' replaces the ``and'' in the 
original HIPDB definition. While this change may slightly expand the 
reporting requirements for certain Federal agencies, we believe it is 
fully consistent with Congress's efforts to otherwise harmonize Federal 
and State licensure and certification reporting requirements.
    Peer review organization means, for purposes of this part, an 
organization with the primary purpose of evaluating the quality of 
patient care practices or services ordered or performed by health care 
practitioners, physicians, or dentists measured against objective 
criteria which define acceptable and adequate practice through an 
evaluation by a sufficient number of health practitioners in such an 
area to ensure adequate peer review. The organization has due process 
mechanisms available to health care practitioners, physicians, and 
dentists. This definition excludes utilization and quality control peer 
review organizations described in Part B of Title XI of the Social 
Security Act (referred to as QIOs) and other organizations funded by 
the Centers for Medicare and Medicaid Services (CMS) to support the QIO 
program. We slightly modified this definition by changing ``means an 
organization'' to ``means, for the purposes of this part, an 
organization'' to avoid confusion with the definition of this term in 
Section 1152 of the Social Security Act.
    Physician means, for purposes of this part, a doctor of medicine or 
osteopathy legally authorized to practice medicine or surgery by a 
State (or who, without authority, holds himself or herself out to be so 
authorized). We slightly modified this definition by changing ``means a 
doctor'' to ``means, for the purposes of this part, a doctor'' to avoid 
confusion with the definition of this term used in Section 1861(r) of 
the Social Security Act.
    Private accreditation entity means an entity or organization that:
    (a) Evaluates and seeks to improve the quality of health care 
provided by a health care entity, provider, or supplier;
    (b) Measures a health care entity's, provider's, or supplier's 
performance based on a set of standards and assigns a level of 
accreditation;
    (c) Conducts ongoing assessments and periodic reviews of the 
quality of health care provided by a health care entity, provider, or 
supplier; and
    (d) Has due process mechanisms available to health care entities, 
providers, or suppliers.
    In the current NPDB regulations, private accreditation entities are 
limited to those that accredit health care entities. The definition 
excludes private accreditation entities that accredit health care 
practitioners. While the term ``entities,'' with respect to subjects of 
section 1921 reports, is now understood to include providers and 
suppliers (and the term ``suppliers'' includes individuals as well as 
organizations), it is still our understanding that accreditation 
organizations only accredit organizations and business entities, and 
not individuals. Therefore it is our expectation that, under the 
limited reporting requirements that apply to accreditation 
organizations, private accreditation entities would only report 
organizations and business entities. To the extent that an 
accreditation organization also accredits sole proprietorships and 
takes reportable actions against them, we anticipate that these sole 
proprietorships would be reported to the NPDB as organization, and not 
as individual, subjects.
    Voluntary surrender of license or certification means a surrender 
made after a notification of investigation or a formal official request 
by a Federal or State licensing or certification authority for a health 
care practitioner, physician, dentist, health care entity, provider, or 
supplier, to surrender the license or certification (including 
certification agreements or contracts for participation in Federal or 
State health care programs). The definition also includes those 
instances where a health care practitioner, physician, dentist, health 
care entity, provider, or supplier voluntarily surrenders a license or 
certification (including program participation agreements or contracts) 
in exchange for a decision by the licensing or certification authority 
to cease an investigation or similar proceeding, or in return for not 
conducting an investigation or proceeding, or in lieu of a disciplinary 
action.
    Both the NPDB and the HIPDB regulations included definitions for 
``voluntary surrender.'' The HIPDB regulations referred to this term as 
``voluntary surrender,'' while the NPDB regulations used the term 
``voluntary surrender of license.'' In these proposed rules, we refer 
to this term as ``voluntary surrender of license or certification'' for 
two reasons. First, the revised term clarifies the scope of voluntary 
surrenders to be reported under sections 1921 and 1128E (i.e., Federal 
and State licensing and certification actions). Second, the change will 
prevent confusion among organizations that report surrenders of 
clinical privileges under the HCQIA.
    The NPDB and HIPDB regulatory definitions for voluntary surrender 
were nearly identical with respect to voluntary surrenders of State 
licensure. However, the HIPDB definition also contained language with 
respect to surrender of Federal licensure, as well as Federal and State 
certification (including certification agreements or contracts for 
participation in Federal or State health care programs). This 
additional HIPDB language was included in the NPDB definition to ensure 
that original HIPDB reporting requirements remained unchanged.

[[Page 9147]]

    In addition to the definitions we have added or clarified, we also 
propose to eliminate the term ``Act'' from section 60.3. We chose this 
approach to avoid confusion when referencing the different statutes 
governing NPDB operations. NPDB regulations currently define ``Act'' as 
the Health Care Quality Improvement Act of 1986, title IV of Public Law 
99-660, as amended. HIPDB regulations define ``Act'' as the Social 
Security Act. We instead reference each of these statutes (as well as 
other governing statutes) by name where they appear in the regulations.
    We also propose to use the NPDB definition for the term, ``State,'' 
as it relates to all requirements under the HCQIA and sections 1921 and 
1128E. Both NPDB and HIPDB regulations include a definition for 
``State,'' however, they differ in that the NPDB definition includes 
two additional territories (American Samoa and the Northern Mariana 
Islands) that are not part of the HIPDB definition. While this change 
to the original HIPDB regulatory definition may slightly modify 
requirements for certain organizations, this should not be overly 
burdensome as these territories have reported few, if any, actions in 
the past. We believe the simplicity of this change outweighs the very 
slight potential increase in burden based on the addition of these two 
territories. Furthermore, the NPDB definition of ``State'' is included 
in statute, while the HIPDB definition is not. Therefore, the Secretary 
has greater flexibility to conform the definition to that of the NPDB.

Sec. 60.4 How Information Must Be Reported

    We propose to amend this section by changing the reference to 
``Sec.  60.11'' to read ``Sec.  60.12'' and including references to the 
newly added Sec. Sec.  60.10, 60.11, 60.13, 60.14, 60.15, and 60.16. We 
also remove the reference to reporting to the Board of Medical 
Examiners.

Sec. 60.5 When Information Must Be Reported

    We propose to amend this section of the existing NPDB regulations 
by:
    a. Revising the introductory text of this section to include 
references to the newly added Sec. Sec.  60.10, 60.13, 60.14, 60.15, 
and 60.16 and redesignated Sec. Sec.  60.11 and 60.12;
    b. Adding the August 21, 1996 legacy reporting date for section 
1128E actions; and
    c. Removing paragraphs (a)-(d) and replacing them with a list of 
reportable actions. This list reflects the combination of reporting 
categories from the NPDB and the HIPDB regulations.
    The proposed rule brings the HIPDB reporting time frame in line 
with the NPDB and eliminates references from the current HIPDB 
regulation to reporting by the close of an entity's next monthly 
reporting cycle. The proposed rule also eliminates from the current 
NPDB regulation the requirement for reporting within a 15-day window 
for those entities that have a dual obligation to report to a State 
authority. Thus all reports must be made within 30-calendar days from 
the date the final adverse action was taken. This rule also clarifies 
the State reporting obligations for persons or entities responsible for 
submitting malpractice payments (Sec.  60.7), negative actions or 
findings (Sec.  60.11), and adverse actions (Sec.  60.12). Reports for 
these three categories are submitted directly to the NPDB and a copy of 
the report must be mailed to the appropriate State licensing or 
certification agency. This has been the operational practice of the 
NPDB since 1990 and fulfills the statutory State reporting obligation 
for these reporters.

Sec. 60.6 Reporting Errors, Omissions, Revisions or Whether an Action 
Is on Appeal

    We propose to amend this section by:
    a. Revising the title to include reporting of whether an action is 
on appeal. This information currently must be reported for final 
adverse actions specified in HIPDB regulations;
    b. Revising the first and last sentences in paragraph (b) to 
include the requirement to report revisions to actions for all 
licensure and certification actions, criminal convictions, civil 
judgments, exclusions, and other adjudicated actions or decisions. The 
HIPDB regulations require reporting of revisions to these actions;
    c. Revising the third sentence of paragraph (b) to include the 
requirement to report when an action is on appeal for licensure and 
certification actions, criminal convictions, civil judgments, 
exclusions, and other adjudicated actions; and
    d. Adding a new sentence at the end of paragraph (a) and new 
paragraphs (c) and (d) to clarify current data bank policy regarding 
notifying subjects of a report and the steps subjects may take to 
ensure the information reported is accurate. These clarifications 
generally are included in HIPDB regulations, but the same policy has 
applied to the NPDB as well.

Sec. 60.7 Reporting Medical Malpractice Payments

    (We propose no changes to this section.)

Sec. 60.8 Reporting Licensure Actions Taken by Boards of Medical 
Examiners

    We propose to amend this section by revising the reference to 
``Sec.  60.11'' in the last sentence of paragraph (c) to read ``Sec.  
60.12.'' This change reflects the fact that Sec.  60.11 was 
redesignated as Sec.  60.12 in these proposed rules. We are also adding 
``Individual Tax Identification Number (ITIN)'' to Sec.  60.8(b)(4) 
after the word Social Security Number.

Sec. 60.9 Reporting Licensure and Certification Actions Taken by States

    We propose to amend Sec.  60.9 to reflect the changes made by 
section 6403 to the section 1921 licensure action reporting 
requirements by State agencies. The title of this section was revised 
to include licensure and certification actions, as required under 
section 6403(b)(1)(A)(i). The term ``certification'' has two distinct 
meanings in the current NPDB and HIPDB regulations. First, in both sets 
of regulations, ``certification'' is related to licensure. Licensure 
includes certification and other forms of authorization to provide 
health care services, and, based on their individual laws and 
requirements, States may ``license,'' ``certify,'' or ``register'' 
certain types of health care practitioners, health care entities, 
providers, or suppliers. For example, States may certify nurse's aides. 
Second, in section 1128E and the HIPDB regulations, the term 
``certification'' is also used to refer to certification of a health 
care practitioner, provider, or supplier to participate in a Federal or 
State health care program. In this context, certification includes 
certification agreements and contracts for participation in a 
government health care program. State certification actions such as 
termination of a hospital's Medicaid participating provider agreement 
or contract are now being reported to the NPDB under this part.
    We also propose to modify paragraphs (a) and (b) to reflect the 
range of subjects reported under this section to include health care 
practitioners, physicians, dentists, health care entities, providers, 
and suppliers. In addition, we propose to amend paragraphs (a)(1) 
through (a)(4) to reflect changes to those reporting requirements made 
by section 6403(b)(1)(A), which intended to harmonize State licensure 
and certification action reporting requirements with Federal licensure 
and certification action reporting

[[Page 9148]]

requirements under section 1128E. To reflect the fact that section 6403 
transfers State licensure and certification action reporting 
requirements from section 1128E to section 1921, we propose the 
following changes to ensure that the original reporting requirements 
from the HIPDB regulations remain unchanged. First, we amended language 
in paragraphs (a)(1) through (4) to clarify the range of reportable 
licensure and certification actions with respect to a license, 
certification agreement, or contract for participation in State health 
care programs. Second, in paragraph (c)(4)(ii), which was previously a 
reserved field, we added a data element for the date of any appeal. 
Third, we added paragraph (e) to incorporate the sanctions for failure 
to report that were included in the HIPDB regulations for State 
licensure and certification actions. Finally, we are also adding 
``Individual Tax Identification Number (ITIN)'' to Sec.  60.9(b)(1)(ii) 
after the word Social Security Number.

Sec. 60.10 Reporting Licensure and Certification Actions Taken by 
Federal Agencies

    We propose to redesignate Sec.  60.10 as Sec.  60.11, and add a new 
Sec.  60.10 to implement the reporting requirements for Federal 
licensure and certification agencies. These agencies must report to the 
NPDB the following final adverse actions that are taken against a 
health care practitioner, physician, dentist, provider, or supplier 
(regardless of whether the final adverse action is the subject of a 
pending appeal):
    (a) Formal or official actions, such as revocation or suspension of 
a license or certification agreement or contract for participation in 
Federal health care programs (and the length of any such suspension), 
reprimand, censure, or probation;
    (b) Any dismissal or closure of the proceedings by reason of the 
health care practitioner, physician, dentist, provider, or supplier 
surrendering their license or certification agreement or contract for 
participation in Federal health care programs, or leaving the State or 
jurisdiction;
    (c) Any other loss of the license or loss of the certification 
agreement or contract for participation in a Federal health care 
program, or the right to apply for, or renew, a license or 
certification agreement or contract of the health care practitioner, 
physician, dentist, provider, or supplier, whether by operation of law, 
voluntary surrender, nonrenewal (excluding nonrenewals due to 
nonpayment of fees, retirement, or change to inactive status), or 
otherwise; and
    (d) Any other negative action or finding by such Federal agency 
that is publicly available information.
    Further, we are substituting the acronym ``ITIN'' in place of the 
word ``Individual Tax Identification Number'' in Sec.  60.10(b)(1)(ii).

Sec. 60.11 Reporting Negative Actions or Findings Taken by Peer Review 
Organizations or Private Accreditation Entities [Redesignated]

    We propose to redesignate Sec.  60.11 as Sec.  60.12 and add 
redesignated Sec.  60.10 as Sec.  60.11. In accordance with the changes 
to the scope of ``entity'' report subjects required by section 6403, we 
propose to amend paragraph (a) of this section to include the reporting 
of health care practitioners, physicians, dentists, health care 
entities, providers, and suppliers. While peer review organizations 
will continue to report negative actions or findings taken against 
health care practitioners, physicians, or dentists, private 
accreditation entities are required to report actions taken against 
health care entities, providers, or suppliers. Paragraph (a) is revised 
to reflect that the reporting entity, (i.e., peer review organization 
or private accreditation entity) not the State, must submit reports 
directly to the NPDB and then provide a copy of the report to the 
appropriate State licensing or certification authority by mail. The 
remaining paragraphs (b)--(d) are accordingly modified to reflect this 
reporting scheme.

Sec. 60.12 Reporting Adverse Actions Taken Against Clinical Privileges. 
[Redesignated]

    We propose to redesignate Sec.  60.12 as Sec.  60.17 and add 
redesignated Sec.  60.11 as Sec.  60.12. As done with Sec.  60.11, the 
reporting scheme under paragraph (a) is revised to reflect that health 
care entities send reports directly to the NPDB and provide a copy of 
the report to the State Board of Medical Examiners.
    Further, we propose to slightly modify the heading of Sec.  
60.12(a) to read ``Reporting by Health Care Entities to the NPDB.''

Sec. 60.13 Reporting Federal or State Criminal Convictions Related to 
the Delivery of a Health Care Item or Service

    We propose to redesignate Sec.  60.13 as Sec.  60.18, and add a new 
Sec.  60.13 to implement the requirements of section 6403. Under this 
provision, Federal and State prosecutors are required to report 
criminal convictions against health care practitioners, physicians, 
dentists, providers, or suppliers related to the delivery of a health 
care item or service (regardless of whether the conviction is the 
subject of a pending appeal).

Sec. 60.14 Reporting Civil Judgments Related to the Delivery of a 
Health Care Item or Service

    We propose to redesignate Sec.  60.14 as Sec.  60.19, and add a new 
Sec.  60.14 to implement the requirements of section 6403. Under this 
provision Federal and State attorneys and health plans must report 
civil judgments against health care practitioners, physicians, 
dentists, providers, or suppliers related to the delivery of a health 
care item or service (regardless of whether the civil judgment is the 
subject of a pending appeal).

Sec. 60.15 Reporting Exclusions From Participation in Federal or State 
Health Care Programs

    We propose to redesignate Sec.  60.15 as Sec.  60.20, and add a new 
Sec.  60.15 to implement the requirements of section 6403. Under this 
provision, Federal government agencies and State law and fraud 
enforcement agencies must report health care practitioners, physicians, 
dentists, providers, and suppliers excluded from participating in 
Federal or State health care programs, including exclusions resulting 
from a settlement that is not reported because no findings or 
admissions of liability have been made (regardless of whether the 
exclusion is the subject of a pending appeal).

Sec. 60.16 Reporting Other Adjudicated Actions or Decisions

    We propose to redesignate Sec.  60.16 as Sec.  60.21, and add a new 
Sec.  60.16 to implement the requirements of section 6403. Under this 
provision, Federal government agencies, State law and fraud enforcement 
agencies, and health plans must report other adjudicated actions or 
decisions as defined in Sec.  60.3 related to the delivery, payment or 
provision of a health care item or service against health care 
practitioners, physicians, dentists, providers, and suppliers 
(regardless of whether the other adjudicated action or decision is 
subject to a pending appeal).

Sec. 60.17 Information Which Hospitals Must Request From the National 
Practitioner Data Bank [Redesignated]

    As previously noted, we propose redesignating Sec.  60.12 as Sec.  
60.17.

[[Page 9149]]

Sec. 60.18 Requesting Information From the National Practitioner Data 
Bank [Redesignated]

    We propose to redesignate Sec.  60.13 as Sec.  60.18. We propose to 
amend Sec.  60.18, paragraph (a) of the existing NPDB regulations to 
clarify to whom information under the HCQIA as well as the amended 
sections 1921 and 1128E components of the NPDB would be made available 
by:
    a. Redesignating Sec.  60.13 as Sec.  60.18 to implement the 
requirements of section 6403;
    b. Revising the reference to ``Sec.  60.11'' in paragraph (a)(1) to 
read ``Sec.  60.12;''
    c. Revising the reference to ``Sec.  60.12'' in paragraph (a)(1)(v) 
to read ``Sec.  60.17;''
    d. Adding the references to include Sec. Sec.  60.10, 60.11, 60.13, 
60.14, 60.15, and 60.16 in paragraph (a)(2);
    e. Revising paragraph (a)(2)(i) to include the following language 
in parentheses after the word administering: ``including those 
providing payment for services;''
    f. Replacing the text in paragraphs (a)(2), (ii), (iv), (v), (vi), 
and (vii) to reflect the revised list of entities which may receive 
information reported under Sec. Sec.  60.9, 60.10, 60.11, 60.13, 60.14, 
60.15 and 60.16; and
    g. Inserting paragraph (a)(2)(viii).
    Based on section 6403 amendments, State licensing or certification 
agencies and Federal agencies responsible for the licensing and 
certification of health care practitioners, physicians, dentists, 
providers and suppliers are authorized to query the NPDB under section 
1921 and 1128E. We understand the statutory language to limit query 
access to those State licensing and certification agencies that license 
or certify health care practitioners, physicians, dentists, entities, 
providers, or suppliers. These agencies would include only authorities 
of the State responsible for licensure or certification and would 
exclude peer review organizations and private accreditation entities. 
Such an interpretation of the statutory language is consistent with the 
goal of maintaining existing NPDB and HIPDB reporting and querying 
requirements to the greatest extent possible.
    Consistent with section 6403 language, hospitals and other health 
care entities, professional societies, and QIOs will have access to 
section 1921 information reported in Sec. Sec.  60.9 and 60.11, and 
section 1128E information reported in Sec. Sec.  60.10, 60.13, 60.14, 
60.15, and 60.16. Access to the section 1921 information for these 
groups was not affected by the passage of section 6403. Section 6403 
expands the access that these groups have with respect to Federal 
information under section 1128E.

Sec. 60.19 Fees Applicable to Requests for Information [Redesignated]

    We propose to amend redesignated Sec.  60.19(a) to reflect, based 
on section 6403 amendments, the full range of subjects that will be 
sent a copy of a report submitted about them.

Sec. 60.20 Confidentiality of National Practitioner Data Bank 
information [Redesignated]

    We propose to slightly amend redesignated Sec.  60.20 so that it 
reflects the limitations on disclosure provisions based on current NPDB 
and HIPDB regulatory language. These confidentiality requirements would 
apply to all information obtained from the NPDB.

Sec. 60.21 How To Dispute the Accuracy of National Practitioner Data 
Bank Information [Redesignated]

    The dispute process for the NPDB and the HIPDB is identical, 
however, HIPDB regulations currently provide a more detailed account of 
the process than do the NPDB regulations. Therefore, we are proposing 
to amend this section to include the HIPDB regulatory provisions for 
disputing the accuracy of data bank information.

Sec. 60.22 Immunity

    Section 6403 added a provision to section 1921 that provides 
reporters of NPDB information immunity from liability in a civil action 
filed by the subject of a report, unless the individual, entity, or 
authorized agent submitting the report has actual knowledge of the 
falsity of the information contained in the report. HIPDB regulations 
also contain a similar immunity provision. We propose to add this 
provision, which will apply to all individuals who, and entities and 
authorized agents that, report information to the NPDB.

III. Implementation Schedule

    Reporting requirements have been established through Title IV of 
the Health Care Quality Improvement Act of 1986, Section 1921 of the 
Social Security Act, as amended by the Omnibus Budget Reconciliation 
Act of 1990, and Section 1128E of the Social Security Act as added by 
Section 221(a) of the Health Insurance Portability and Accountability 
Act of 1996, and through their respective regulatory procedures. As a 
result, most reporters and queriers have submitted information to and 
received information from the NPDB and the HIPDB since 1996. A few 
reporters, accreditation organizations, and peer review organizations, 
have submitted information to the NPDB since 2010.
    As a result of Section 6403 of the Patient Protection and 
Affordable Care Act of 2010, the HIPDB will cease to function. Data 
contained in the HIPDB will be transferred to the NPDB, along with the 
reporting and querying functions. Therefore, we will announce through 
the issuance of notice(s) in the Federal Register when the merged 
system will be open for reporting and querying. Further, the 
announcement will identify when and how information will be available 
from the NPDB. A revised reporting form will be used to accommodate 
system integration functions when this form is approved by the Office 
of Management and Budget in accordance with the Paperwork Reduction Act 
of 1995.

IV. Regulatory Impact Statement

A. Regulatory Analysis

    This proposed rule is technical in nature. It involves transferring 
data reporting requirements under 45 CFR part 61 for the Healthcare 
Integrity and Protection Data Bank (HIPDB) to 45 CFR part 60 for the 
National Practitioner Data Bank (NPDB), another data bank receiving 
like reports. The result of this transfer does not increase the 
regulatory burden on affected entities; it alleviates duplication.
1. Executive Orders 12866 and 13563
    Executive Orders 13563 and 12866 direct agencies to assess all 
costs and benefits of available regulatory alternatives and, if 
regulation is necessary, to select regulatory approaches that maximize 
net benefits (including potential economic, environmental, public 
health and safety effects, distributive impacts, and equity). Executive 
Order 13563 emphasizes the importance of quantifying both costs and 
benefits, of reducing costs, of harmonizing rules, and of promoting 
flexibility. This rule has been designated a ``significant regulatory 
action'' although not economically significant, under section 3(f) of 
Executive Order 12866. Accordingly, the rule has been reviewed by the 
Office of Management and Budget.
2. Regulatory Flexibility Act
    The Regulatory Flexibility Act (RFA) and the Small Business 
Regulatory Enforcement and Fairness Act of 1996, which amended the RFA, 
require HRSA to analyze options for regulatory relief of small 
businesses. For purposes of the

[[Page 9150]]

RFA, small entities include small businesses, nonprofit organizations, 
and government agencies. Further, in accordance with the RFA, if a rule 
has a significant economic effect on a substantial number of small 
entities, the Secretary must specifically consider the economic effect 
of the rule on small entities and analyze regulatory options that could 
lessen the impact of the rule. The purpose of the proposed rule is to 
eliminate duplication between the HIPDB and the NPDB. The NPDB will 
serve as the sole repository for all information previously captured in 
the HIPDB. This will not substantially alter reporting requirements. 
Therefore the Secretary certifies that these regulations will not have 
a significant impact on a substantial number of small entities.
3. Unfunded Mandates Reform Act
    Section 202 of the Unfunded Mandates Reform Act of 1995 (UMRA) 
(Pub. L. 104-4) requires agencies to assess anticipated costs and 
benefits for any rulemaking that may result in an annual expenditure of 
$136 million or more by State, local, or tribal governments, or the 
private sector. HRSA has determined that this rule does not impose any 
additional mandates on State, local, or tribal governments, or the 
private sector, that will result in an annual expenditure of $136 
million or more. A full analysis under the UMRA is not necessary.
4. Executive Order 13132--Federalism
    Executive Order 13132 establishes certain requirements that an 
agency must meet when it promulgates a proposed rule imposing 
substantial direct requirements or costs on State and local 
governments, preempts State law, or otherwise has Federalism 
implications. In reviewing this proposed rule under the threshold 
criteria of Executive Order 13132, the Secretary has determined that 
this rule will not significantly affect the rights, roles, and 
responsibilities of State or local governments because the actions that 
are already reported under HIPDB are merely shifting to the NPDB.

B. Paperwork Reduction Act

    This proposed rule does not add any new reporter categories, but 
information-collection requirements may be expanded for some reporters. 
For instance, the proposed rule interprets statutory references to 
``entity'' reporting subjects under the amended section 1921 to include 
``health care providers and suppliers.'' As a result, accreditation 
entities will now be required to report actions taken against providers 
and suppliers in addition to those subjects that meet the definition of 
a ``health care entity.'' However, these sorts of expansions are subtle 
and will not significantly alter the current requirements under the 
HIPDB and NPDB regulations. The NPDB and HIPDB regulations contain 
information collection requirements that have been approved by OMB 
under the Paperwork Reduction Act of 1995 (PRA) and assigned control 
numbers 0915-0126 and 0915-0239, respectively.
    The only impact of the merging of 45 CFR Part 61 with 45 CFR Part 
60 is to eliminate duplication and streamline internal operations. By 
combining two data banks into a single data bank, the need to capture 
like information in two data bases is eliminated.

    Dated: January 11, 2012.
Mary K. Wakefield,
Administrator, Health Resources and Services Administration.
    Approved: February 3, 2012.
Kathleen Sebelius,
Secretary.

List of Subjects

45 CFR Part 60

    Claims, Fraud, Health, Health maintenance organizations (HMOs), 
Health professions, Hospitals, Insurance companies, Malpractice, 
Reporting and recordkeeping requirements.

45 CFR Part 61

    Billing and transportation services, Durable medical equipment 
suppliers and manufacturers, Health care insurers, Health maintenance 
organizations (HMOs), Health professions, Home health care agencies, 
Hospitals, Pharmaceutical suppliers and manufacturers, Reporting and 
recordkeeping requirements, Skilled nursing facilities.

    For the reasons set forth in the preamble, HHS proposes to revise 
45 CFR parts 60 and 61 as follows:

PART 60--NATIONAL PRACTITIONER DATA BANK

    1. The authority citation for 45 CFR part 60 is revised to read as 
follows:

    Authority:  42 U.S.C. 11101-11152; 42 U.S.C. 1396r-2.

    2. The Table of Contents for part 60 is revised to read as follows:
Subpart A--General Provisions
Sec.
60.1 The National Practitioner Data Bank.
60.2 Applicability of these regulations.
60.3 Definitions.
Subpart B--Reporting of Information
Sec.
60.4 How information must be reported.
60.5 When information must be reported.
60.6 Reporting errors, omissions, and revisions.
60.7 Reporting medical malpractice payments.
60.8 Reporting licensure actions taken by boards of medical 
examiners.
60.9 Reporting licensure and certification actions taken by States.
60.10 Reporting licensure and certification actions taken by Federal 
agencies.
60.11 Reporting negative actions or findings taken by peer review 
organizations or private accreditation entities.
60.12 Reporting adverse actions taken against clinical privileges.
60.13 Reporting Federal or State criminal convictions related to the 
delivery of a health care item or service.
60.14 Reporting civil judgments related to the delivery of a health 
care item or service.
60.15 Reporting exclusions from participation in Federal or State 
health care programs.
60.16 Reporting other adjudicated actions or decisions.
Subpart C--Disclosure of Information by the National Practitioner Data 
Bank
Sec.
60.17 Information which hospitals must request from the National 
Practitioner Data Bank.
60.18 Requesting information from the National Practitioner Data 
Bank.
60.19 Fees applicable to requests for information.
60.20 Confidentiality of National Practitioner Data Bank 
information.
60.21 How to dispute the accuracy of National Practitioner Data Bank 
information.
60.22 Immunity.

    3. Revise part 60 to read as follows:

Subpart A--General Provisions


Sec.  60.1  The National Practitioner Data Bank

    The Health Care Quality Improvement Act of 1986 (HCQIA), as 
amended, title IV of Public Law 99-660 (42 U.S.C. 11101 et seq.) 
(hereinafter referred to as ``title IV''), authorizes the Secretary to 
establish (either directly or by contract) a National Practitioner Data 
Bank (NPDB) to collect and release certain information relating to the 
professional competence and conduct of physicians, dentists and other 
health care practitioners. Section 1921 of the Social Security Act 
(hereinafter referred to as ``section 1921''), as amended, (42 U.S.C. 
1396r-2) expanded the requirements under the NPDB and requires each 
State to adopt a system of reporting to the Secretary adverse licensure 
or certification actions taken against health care practitioners, 
physicians, dentists, health care entities, providers, and suppliers, 
as well as certain final adverse actions taken by State law and

[[Page 9151]]

fraud enforcement agencies against health care practitioners, 
physicians, dentists, providers, and suppliers. Section 1128E of the 
Social Security Act (hereinafter referred to as ``section 1128E''), as 
amended, (42 U.S.C. 1320a-7e) authorizes the Secretary to implement a 
national healthcare fraud and abuse data collection program for the 
reporting and disclosing of certain final adverse actions taken by 
Federal government agencies and health plans against health care 
practitioners, physicians, dentists, providers, and suppliers. 
Information from section 1921 and section 1128E is to be reported and 
distributed through the NPDB. The regulations in this part set forth 
the reporting and disclosure requirements for the NPDB, as well as 
procedures to dispute the accuracy of information contained in the 
NPDB.


Sec.  60.2  Applicability of these regulations.

    The regulations in this part establish reporting requirements 
applicable to hospitals, health care entities, Boards of Medical 
Examiners, professional societies of physicians, dentists, or other 
health care practitioners which take adverse licensure or professional 
review actions; State licensing or certification authorities, peer 
review organizations, and private accreditation entities that take 
licensure or certification actions or negative actions or findings 
against health care practitioners, physicians, dentists, health care 
entities, providers, or suppliers; entities (including insurance 
companies) making payments as a result of medical malpractice actions 
or claims; Federal government agencies, State law and fraud enforcement 
agencies and health plans that take final adverse actions against 
health care practitioners, physicians, dentists, providers, and 
suppliers. They also establish procedures to enable individuals or 
entities to obtain information from the NPDB or to dispute the accuracy 
of NPDB information.


Sec.  60.3  Definitions.

    Adversely affecting means reducing, restricting, suspending, 
revoking, or denying clinical privileges or membership in a health care 
entity.
    Affiliated or associated refers to health care entities with which 
a subject of a final adverse action has a business or professional 
relationship. This includes, but is not limited to, organizations, 
associations, corporations, or partnerships. This also includes a 
professional corporation or other business entity composed of a single 
individual.
    Board of Medical Examiners, or Board, means a body or subdivision 
of such body which is designated by a State for the purpose of 
licensing, monitoring, and disciplining physicians or dentists. This 
term includes a Board of Osteopathic Examiners or its subdivision, a 
Board of Dentistry or its subdivision, or an equivalent body as 
determined by the State. Where the Secretary, pursuant to section 
423(c)(2) of the HCQIA (42 U.S.C. 11112(c)), has designated an 
alternate entity to carry out the reporting activities of Sec.  60.12 
due to a Board's failure to comply with Sec.  60.8, the term Board of 
Medical Examiners or Board refers to this alternate entity.
    Civil judgment means a court-ordered action rendered in a Federal 
or State court proceeding, other than a criminal proceeding. This 
reporting requirement does not include Consent Judgments that have been 
agreed upon and entered to provide security for civil settlements in 
which there was no finding or admission of liability.
    Clinical privileges means the authorization by a health care entity 
to a physician, dentist or other health care practitioner for the 
provision of health care services, including privileges and membership 
on the medical staff.
    Criminal conviction means a conviction as described in section 
1128(i) of the Social Security Act.
    Dentist means a doctor of dental surgery, doctor of dental 
medicine, or the equivalent who is legally authorized to practice 
dentistry by a State (or who, without authority, holds himself or 
herself out to be so authorized).
    Exclusion means a temporary or permanent debarment of an individual 
or entity from participation in any Federal or State health-related 
program, in accordance with which items or services furnished by such 
person or entity will not be reimbursed under any Federal or State 
health-related program.
    Federal government agency includes, but is not limited to:
    (a) The U.S. Department of Justice;
    (b) The U.S. Department of Health and Human Services;
    (c) Federal law enforcement agencies, including law enforcement 
investigators;
    (d) Any other Federal agency that either administers or provides 
payment for the delivery of health care services, including, but not 
limited to the U.S. Department of Defense and the U.S. Department of 
Veterans Affairs; and
    (e) Federal agencies responsible for the licensing and 
certification of health care practitioners, physicians, dentists, 
providers, and suppliers.
    Formal peer review process means the conduct of professional review 
activities through formally adopted written procedures which provide 
for adequate notice and an opportunity for a hearing.
    Formal proceeding means a proceeding held before a State licensing 
or certification authority, peer review organization, or private 
accreditation entity that maintains defined rules, policies, or 
procedures for such a proceeding.
    Health care entity means, for purposes of this part:
    (a) A hospital;
    (b) An entity that provides health care services, and engages in 
professional review activity through a formal peer review process for 
the purpose of furthering quality health care, or a committee of that 
entity; or
    (c) A professional society or a committee or agent thereof, 
including those at the national, State, or local level, of physicians, 
dentists, or other health care practitioners that engages in 
professional review activity through a formal peer review process, for 
the purpose of furthering quality health care.
    For purposes of paragraph (b) of this definition, an entity 
includes: a health maintenance organization which is licensed by a 
State or determined to be qualified as such by the Department of Health 
and Human Services; and any group or prepaid medical or dental practice 
which meets the criteria of paragraph (b).
    Health care practitioner, licensed health care practitioner, 
licensed practitioner, or practitioner means an individual other than a 
physician or dentist, who is licensed or otherwise authorized by a 
State to provide health care services (or any individual who, without 
authority, holds himself or herself out to be so licensed or 
authorized).
    Health care provider means, for purposes of this part, a provider 
of services as defined in section 1861(u) of the Social Security Act; 
any organization (including a health maintenance organization, 
preferred provider organization or group medical practice) that 
provides health care services and follows a formal peer review process 
for the purpose of furthering quality health care, and any other 
organization that, directly or through contracts, provides health care 
services.
    Health care supplier means, for purposes of this part, a provider 
of medical and other health care services as described in section 
1861(s) of the Social Security Act; or any individual or entity, other 
than a provider, who

[[Page 9152]]

furnishes, whether directly or indirectly, or provides access to, 
health care services, supplies, items, or ancillary services 
(including, but not limited to, durable medical equipment suppliers, 
manufacturers of health care items, pharmaceutical suppliers and 
manufacturers, health record services [such as medical, dental, and 
patient records], health data suppliers, and billing and transportation 
service suppliers). The term also includes any individual or entity 
under contract to provide such supplies, items, or ancillary services; 
health plans as defined in this section (including employers that are 
self-insured); and health insurance producers (including but not 
limited to agents, brokers, solicitors, consultants, and reinsurance 
intermediaries).
    Health plan means, for purposes of this part, a plan, program or 
organization that provides health benefits, whether directly, through 
insurance, reimbursement or otherwise, and includes but is not limited 
to:
    (a) A policy of health insurance;
    (b) A contract of a service benefit organization;
    (c) A membership agreement with a health maintenance organization 
or other prepaid health plan;
    (d) A plan, program, agreement, or other mechanism established, 
maintained, or made available by a self-insured employer or group of 
self-insured employers, a health care practitioner, physician, dentist, 
provider, or supplier group, third-party administrator, integrated 
health care delivery system, employee welfare association, public 
service group or organization or professional association;
    (e) An insurance company, insurance service or insurance 
organization that is licensed to engage in the business of selling 
health care insurance in a State and which is subject to State law 
which regulates health insurance; and
    (f) An organization that provides benefit plans whose coverage is 
limited to outpatient prescription drugs.
    Hospital means, for purposes of this part, an entity described in 
paragraphs (1) and (7) of section 1861(e) of the Social Security Act.
    Medical malpractice action or claim means a written complaint or 
claim demanding payment based on a physician's, dentist's, or other 
health care practitioner's provision of or failure to provide health 
care services, and includes the filing of a cause of action based on 
the law of tort, brought in any State or Federal Court or other 
adjudicative body.
    Negative action or finding by a Federal or State licensing or 
certification authority, peer review organization, or private 
accreditation entity means:
    (a) A final determination of denial or termination of an 
accreditation status from a private accreditation entity that indicates 
a risk to the safety of a patient(s) or quality of health care 
services;
    (b) Any recommendation by a peer review organization to sanction a 
health care practitioner, physician, or dentist; or
    (c) Any negative action or finding that, under the State's law, is 
publicly available information and is rendered by a licensing or 
certification authority, including but not limited to, limitations on 
the scope of practice, liquidations, injunctions, and forfeitures. This 
definition also includes final adverse actions rendered by a Federal or 
State licensing or certification authority, such as exclusions, 
revocations, or suspension of license or certification, that occur in 
conjunction with settlements in which no finding of liability has been 
made (although such a settlement itself is not reportable under the 
statute). This definition excludes administrative fines or citations 
and corrective action plans and other personnel actions, unless they 
are:
    (1) Connected to the delivery of health care services, or
    (2) Taken in conjunction with other adverse licensure or 
certification actions such as revocation, suspension, censure, 
reprimand, probation, or surrender.
    Organization name means the subject's business or employer at the 
time the underlying acts occurred. If more than one business or 
employer is applicable, the one most closely related to the underlying 
acts should be reported as the ``organization name,'' with the others 
being reported as ``affiliated or associated health care entities.''
    Organization type means a description of the nature of that 
business or employer.
    Other adjudicated actions or decisions means formal or official 
final actions taken against a health care practitioner, physician, 
dentist, provider, or supplier by a Federal governmental agency, a 
State law or fraud enforcement agency, or a health plan; which include 
the availability of a due process mechanism, and are based on acts or 
omissions that affect or could affect the payment, provision, or 
delivery of a health care item or service. For example, a formal or 
official final action taken by a Federal governmental agency, a State 
law or fraud enforcement agency, or a health plan may include, but is 
not limited to, a personnel-related action such as suspensions without 
pay, reductions in pay, reductions in grade for cause, terminations, or 
other comparable actions. A hallmark of any valid adjudicated action or 
decision is the availability of a due process mechanism. The fact that 
the subject elects not to use the due process mechanism provided by the 
authority bringing the action is immaterial, as long as such a process 
is available to the subject before the adjudicated action or decision 
is made final. In general, if an ``adjudicated action or decision'' 
follows an agency's established administrative procedures (which ensure 
that due process is available to the subject of the final adverse 
action), it would qualify as a reportable action under this definition. 
This definition specifically excludes clinical privileging actions 
taken by Federal government agencies or State law and fraud enforcement 
agencies and similar paneling decisions made by health plans. This 
definition does not include overpayment determinations made by Federal 
or State government programs, their contractors or health plans; and it 
does not include denial of claims determinations made by Federal 
government agencies, State law or fraud enforcement agencies, or health 
plans. For health plans that are not Government entities, an action 
taken following adequate notice and the opportunity for a hearing that 
meets the standards of due process set out in section 412(b) of the 
HCQIA (42 U.S.C. 11112(b)) also would qualify as a reportable action 
under this definition.
    Peer review organization means, for purposes of this part, an 
organization with the primary purpose of evaluating the quality of 
patient care practices or services ordered or performed by health care 
practitioners, physicians, or dentists measured against objective 
criteria which define acceptable and adequate practice through an 
evaluation by a sufficient number of health practitioners in such an 
area to ensure adequate peer review. The organization has due process 
mechanisms available to health care practitioners, physicians, and 
dentists. This definition excludes utilization and quality control peer 
review organizations described in Part B of Title XI of the Social 
Security Act (referred to as QIOs) and other organizations funded by 
the Centers for Medicare and Medicaid Services (CMS) to support the QIO 
program.
    Physician means, for purposes of this part, a doctor of medicine or 
osteopathy legally authorized to practice medicine or surgery by a 
State (or who, without authority, holds himself or herself out to be so 
authorized).

[[Page 9153]]

    Private accreditation entity means an entity or organization that:
    (a) Evaluates and seeks to improve the quality of health care 
provided by a health care entity, provider, or supplier;
    (b) Measures a health care entity's, provider's, or supplier's 
performance based on a set of standards and assigns a level of 
accreditation;
    (c) Conducts ongoing assessments and periodic reviews of the 
quality of health care provided by a health care entity, provider, or 
supplier; and
    (d) Has due process mechanisms available to health care entities, 
providers, or suppliers.
    Professional review action means an action or recommendation of a 
health care entity:
    (a) Taken in the course of professional review activity;
    (b) Based on the professional competence or professional conduct of 
an individual physician, dentist, or other health care practitioner 
which affects or could affect adversely the health or welfare of a 
patient or patients; and
    (c) Which adversely affects or may adversely affect the clinical 
privileges or membership in a professional society of the physician, 
dentist, or other health care practitioner.
    (d) This term excludes actions which are primarily based on:
    (1) The physician's, dentist's, or other health care practitioner's 
association, or lack of association, with a professional society or 
association;
    (2) The physician's, dentist's, or other health care practitioner's 
fees or the physician's, dentist's, or other health care practitioner's 
advertising or engaging in other competitive acts intended to solicit 
or retain business;
    (3) The physician's, dentist's, or other health care practitioner's 
participation in prepaid group health plans, salaried employment, or 
any other manner of delivering health services whether on a fee-for-
service or other basis;
    (4) A physician's, dentist's, or other health care practitioner's 
association with, supervision of, delegation of authority to, support 
for, training of, or participation in a private group practice with, a 
member or members of a particular class of health care practitioner or 
professional; or
    (5) Any other matter that does not relate to the competence or 
professional conduct of a physician, dentist, or other health care 
practitioner.
    Professional review activity means an activity of a health care 
entity with respect to an individual physician, dentist, or other 
health care practitioner:
    (a) To determine whether the physician, dentist, or other health 
care practitioner may have clinical privileges with respect to, or 
membership in, the entity;
    (b) To determine the scope or conditions of such privileges or 
membership; or
    (c) To change or modify such privileges or membership.
    Quality Improvement Organization means a utilization and quality 
control peer review organization (as defined in part B of title XI of 
the Social Security Act) that:
    (a)(1) Is composed of a substantial number of the licensed doctors 
of medicine and osteopathy engaged in the practice of medicine or 
surgery in the area and who are representative of the practicing 
physicians in the area, designated by the Secretary under section 1153, 
with respect to which the entity shall perform services under this 
part, or
    (2) Has available to it, by arrangement or otherwise, the services 
of a sufficient number of licensed doctors of medicine or osteopathy 
engaged in the practice of medicine or surgery in such area to assure 
that adequate peer review of the services provided by the various 
medical specialties and subspecialties can be assured;
    (b) Is able, in the judgment of the Secretary, to perform review 
functions required under section 1154 in a manner consistent with the 
efficient and effective administration of this part and to perform 
reviews of the pattern of quality of care in an area of medical 
practice where actual performance is measured against objective 
criteria which define acceptable and adequate practice; and
    (c) Has at least one individual who is a representative of 
consumers on its governing body.
    Secretary means the Secretary of Health and Human Services and any 
other officer or employee of the Department of Health and Human 
Services to whom the authority involved has been delegated.
    State means the fifty States, the District of Columbia, Puerto 
Rico, the Virgin Islands, Guam, American Samoa, and the Northern 
Mariana Islands.
    State law or fraud enforcement agency includes, but is not limited 
to:
    (a) a State law enforcement agency;
    (b) a State Medicaid fraud control unit (as defined in section 
1903(q) of the Social Security Act); and
    (c) a State agency administering (including those providing payment 
for services) or supervising the administration of a State health care 
program (as defined in section 1128(h) of the Social Security Act).
    State licensing or certification agency includes, but is not 
limited to, any authority of a State (or of a political subdivision 
thereof) responsible for the licensing or certification of health care 
practitioners, physicians, dentists (or any peer review organization or 
private accreditation entity reviewing the services provided by health 
care practitioners, physicians, or dentists), health care entities, 
providers, or suppliers. Examples of such State agencies include 
Departments of Professional Regulation, Health, Social Services 
(including State Survey and Certification and Medicaid Single State 
agencies), Commerce, and Insurance.
    Voluntary surrender of license or certification means a surrender 
made after a notification of investigation or a formal official request 
by a Federal or State licensing or certification authority for a health 
care practitioner, physician, dentist, health care entity, provider, or 
supplier to surrender the license or certification (including 
certification agreements or contracts for participation in Federal or 
State health care programs). The definition also includes those 
instances where a health care practitioner, physician, dentist, health 
care entity, provider, or supplier voluntarily surrenders a license or 
certification (including program participation agreements or contracts) 
in exchange for a decision by the licensing or certification authority 
to cease an investigation or similar proceeding, or in return for not 
conducting an investigation or proceeding, or in lieu of a disciplinary 
action.

Subpart B--Reporting of Information


Sec.  60.4  How information must be reported.

    Information must be reported to the NPDB as required under 
Sec. Sec.  60.7, 60.8, 60.9, 60.10, 60.11, 60.12, 60.13, 60.14, 60.15 
and 60.16 in such form and manner as the Secretary may prescribe.


Sec.  60.5  When information must be reported.

    Information required under Sec. Sec.  60.7, 60.8, and 60.12 must be 
submitted to the NPDB within 30 days following the action to be 
reported, beginning with actions occurring on or after September 1, 
1990; information required under Sec.  60.11 must be submitted to the 
NPDB within 30 days following the action to be reported, beginning with 
actions occurring on or after January 1, 1992; and information required 
under Sec. Sec.  60.9, 60.10, 60.13, 60.14, 60.15, and 60.16 must be 
submitted to the NPDB within 30 days following the action to be 
reported, beginning with actions occurring on or after August 21, 1996.

[[Page 9154]]

Following is the list of reportable actions:
    (a) Malpractice payments (Sec.  60.7);
    (b) Licensure and certification actions (Sec. Sec.  60.8, 60.9, and 
60.10);
    (c) Negative actions or findings (Sec.  60.11);
    (d) Adverse actions (Sec.  60.12);
    (e) Health Care-related Criminal Convictions (Sec.  60.13);
    (f) Health Care-related Civil Judgments (Sec.  60.14);
    (g) Exclusions from Federal or State health care programs (Sec.  
60.15); and
    (h) Other adjudicated actions of decisions (Sec.  60.16).
    Persons or entities responsible for submitting reports of 
malpractice payments (Sec.  60.7), negative actions or findings (Sec.  
60.11), or adverse actions (Sec.  60.12) must additionally provide to 
their respective State authorities a copy of the report they submit to 
the NPDB.


Sec.  60.6  Reporting errors, omissions, revisions or whether an action 
is on appeal.

    (a) Persons and entities are responsible for the accuracy of 
information which they report to the NPDB. If errors or omissions are 
found after information has been reported, the person or entity which 
reported it must send an addition or correction to the NPDB and in the 
case of reports made under Sec.  60.12, also to the Board of Medical 
Examiners, as soon as possible. The NPDB will not accept requests for 
readjudication of the case by the NPDB, and will not examine the 
underlying merits of a reportable action.
    (b) An individual or entity which reports information on licensure 
or certification, negative actions or findings, clinical privileges, 
criminal convictions, civil or administrative judgments, exclusions, or 
adjudicated actions or decisions under Sec. Sec.  60.8, 60.9, 60.10, 
60.11, 60.12, 60.13, 60.14, 60.15, or 60.16 must also report any 
revision of the action originally reported. Revisions include, but are 
not limited to, reversal of a professional review action or 
reinstatement of a license. In the case of actions reported under 
Sec. Sec.  60.9, 60.10, 60.13, 60.14, 60.15 or 60.16, revisions also 
include whether an action is on appeal. Revisions are subject to the 
same time constraints and procedures of Sec. Sec.  60.5, 60.8, 60.9, 
60.10, 60.11, 60.12, 60.13, 60.14, 60.15, or 60.16 as applicable to the 
original action which was reported.
    (c) The subject will be sent a copy of all reports, including 
revisions and corrections to the report.
    (d) Upon receipt of a report, the subject:
    (1) Can accept the report as written;
    (2) May provide a statement to the NPDB that will be permanently 
appended to the report, either directly or through a designated 
representative; (The NPDB will distribute the statement to queriers, 
where identifiable, and to the reporting entity and the subject of the 
report. Only the subject can, upon request, make changes to the 
statement. The NPDB will not edit the statement; however the NPDB 
reserves the right to redact personal indentifying and offensive 
language that does not change the factual nature of the statement.) or
    (3) May follow the dispute process in accordance with Sec.  60.21.


Sec.  60.7  Reporting medical malpractice payments.

    (a) Who must report. Each entity, including an insurance company, 
which makes a payment under an insurance policy, self-insurance, or 
otherwise, for the benefit of a physician, dentist, or other health 
care practitioner in settlement of or in satisfaction in whole or in 
part of a claim or a judgment against such physician, dentist, or other 
health care practitioner for medical malpractice, must report 
information as set forth in paragraph (b) of this section to the NPDB 
and to the appropriate State licensing board(s) in the State in which 
the act or omission upon which the medical malpractice claim was based. 
For purposes of this section, the waiver of an outstanding debt is not 
construed as a ``payment'' and is not required to be reported.
    (b) What information must be reported. Entities described in 
paragraph (a) of this section must report the following information:
    (1) With respect to the physician, dentist, or other health care 
practitioner for whose benefit the payment is made:
    (i) Name,
    (ii) Work address,
    (iii) Home address, if known,
    (iv) Social Security Number, if known, and if obtained in 
accordance with section 7 of the Privacy Act of 1974 (5 U.S.C. 552a 
note),
    (v) Date of birth,
    (vi) Name of each professional school attended and year of 
graduation,
    (vii) For each professional license: the license number, the field 
of licensure, and the name of the State or Territory in which the 
license is held,
    (viii) Drug Enforcement Administration registration number, if 
known,
    (ix) Name of each hospital with which he or she is affiliated, if 
known;
    (2) With respect to the reporting entity:
    (i) Name and address of the entity making the payment,
    (ii) Name, title, and telephone number of the responsible official 
submitting the report on behalf of the entity, and
    (iii) Relationship of the reporting entity to the physician, 
dentist, or other health care practitioner for whose benefit the 
payment is made;
    (3) With respect to the judgment or settlement resulting in the 
payment:
    (i) Where an action or claim has been filed with an adjudicative 
body, identification of the adjudicative body and the case number,
    (ii) Date or dates on which the act(s) or omission(s) which gave 
rise to the action or claim occurred,
    (iii) Date of judgment or settlement,
    (iv) Amount paid, date of payment, and whether payment is for a 
judgment or a settlement,
    (v) Description and amount of judgment or settlement and any 
conditions attached thereto, including terms of payment,
    (vi) A description of the acts or omissions and injuries or 
illnesses upon which the action or claim was based,
    (vii) Classification of the acts or omissions in accordance with a 
reporting code adopted by the Secretary, and
    (viii) Other information as required by the Secretary from time to 
time after publication in the Federal Register and after an opportunity 
for public comment.
    (c) Sanctions. Any entity that fails to report information on a 
payment required to be reported under this section is subject to a 
civil money penalty not to exceed the amount specified at 42 CFR 
1003.103(c).
    (d) Interpretation of information. A payment in settlement of a 
medical malpractice action or claim shall not be construed as creating 
a presumption that medical malpractice has occurred.


Sec.  60.8  Reporting licensure actions taken by Boards of Medical 
Examiners.

    (a) What actions must be reported. Each Board of Medical Examiners 
must report to the NPDB any action based on reasons relating to a 
physician's or dentist's professional competence or professional 
conduct:
    (1) Which revokes or suspends (or otherwise restricts) a 
physician's or dentist's license,
    (2) Which censures, reprimands, or places on probation a physician 
or dentist, or
    (3) Under which a physician's or dentist's license is surrendered.
    (b) Information that must be reported. The Board must report the 
following information for each action:
    (1) The physician's or dentist's name,
    (2) The physician's or dentist's work address,
    (3) The physician's or dentist's home address, if known,

[[Page 9155]]

    (4) The physician's or dentist's Social Security number or 
Individual Tax Identification Number (ITIN), if known, and if obtained 
in accordance with section 7 of the Privacy Act of 1974 (5 U.S.C. 552a 
note),
    (5) The physician's or dentist's date of birth,
    (6) Name of each professional school attended by the physician or 
dentist and year of graduation,
    (7) For each professional license, the physician's or dentist's 
license number, the field of licensure and the name of the State or 
Territory in which the license is held,
    (8) The physician's or dentist's Drug Enforcement Administration 
registration number, if known,
    (9) A description of the acts or omissions or other reasons for the 
action taken,
    (10) A description of the Board action, the date the action was 
taken, its effective date and duration,
    (11) Classification of the action in accordance with a reporting 
code adopted by the Secretary, and
    (12) Other information as required by the Secretary from time to 
time after publication in the Federal Register and after an opportunity 
for public comment.
    (c) Sanctions. If, after notice of noncompliance and providing 
opportunity to correct noncompliance, the Secretary determines that a 
Board has failed to submit a report as required by this section, the 
Secretary will designate another qualified entity for the reporting of 
information under Sec.  60.12.


Sec.  60.9  Reporting licensure and certification actions taken by 
States.

    (a) What actions must be reported. Each State is required to adopt 
a system of reporting to the NPDB actions, as listed below, which are 
taken against a health care practitioner, physician, dentist, health 
care entity, provider, or supplier (all as defined in Sec.  60.3). The 
actions taken must be as a result of formal proceedings (as defined in 
Sec.  60.3). The actions which must be reported are:
    (1) Any adverse action taken by the licensing or certification 
authority of the State as a result of a formal proceeding, including 
revocation or suspension of a license, or certification agreement or 
contract for participation in a State health care program (and the 
length of any such suspension), reprimand, censure, or probation;
    (2) Any dismissal or closure of the formal proceeding by reason of 
the health care practitioner, physician, dentist, health care entity, 
provider, or supplier surrendering the license or certification 
agreement or contract for participation in a State health care program, 
or leaving the State or jurisdiction;
    (3) Any other loss of license or loss of the certification 
agreement or contract for participation in a State health care program, 
or the right to apply for, or renew, a license or certification 
agreement or contract of the health care practitioner, physician, 
dentist, health care entity, provider or supplier, whether by operation 
of law, voluntary surrender, nonrenewal (excluding nonrenewals due to 
nonpayment of fees, retirement, or change to inactive status), or 
otherwise.
    (4) Any negative action or finding by such authority, organization, 
or entity regarding the health care practitioner, physician, dentist, 
health care entity, provider, or supplier.
    (b) What information must be reported. Each State must report the 
following information (not otherwise reported under Sec.  60.8):
    (1) If the subject is an individual, personal identifiers, 
including:
    (i) Name;
    (ii) Social Security Number or ITIN, if known, and if obtained in 
accordance with section 7 of the Privacy Act of 1974 (5 U.S.C. 552a 
note);
    (iii) Home address or address of record;
    (iv) Sex; and
    (v) Date of birth.
    (2) If the subject is an individual, employment or professional 
identifiers, including:
    (i) Organization name and type;
    (ii) Occupation and specialty, if applicable;
    (iii) National Provider Identifier (NPI);
    (iv) Name of each professional school attended and year of 
graduation; and
    (v) With respect to the professional license (including 
professional certification and registration) on which the reported 
action was taken, the license number, the field of licensure, and the 
name of the State or Territory in which the license is held.
    (3) If the subject is an organization, identifiers, including:
    (i) Name;
    (ii) Business address;
    (iii) Federal Employer Identification Number (FEIN), or Social 
Security Number when used by the subject as a Taxpayer Identification 
Number (TIN);
    (iv) The NPI;
    (v) Type of organization; and
    (vi) With respect to the license (including certification and 
registration) on which the reported action was taken, the license and 
the name of the State or Territory in which the license is held.
    (4) For all subjects:
    (i) A narrative description of the acts or omissions and injuries 
upon which the reported action was based;
    (ii) Classification of the acts or omissions in accordance with a 
reporting code adopted by the Secretary;
    (iii) Classification of the action taken in accordance with a 
reporting code adopted by the Secretary, and the amount of any monetary 
penalty resulting from the reported action;
    (iv) The date the action was taken, its effective date and 
duration;
    (v) Name of the agency taking the action;
    (vi) Name and address of the reporting entity; and
    (vii) The name, title and telephone number of the responsible 
official submitting the report on behalf of the reporting entity.
    (c) What information may be reported, if known. Reporting entities 
described in paragraph (a) of this section may voluntarily report, if 
known, the following information:
    (1) If the subject is an individual, personal identifiers, 
including:
    (i) Other name(s) used;
    (ii) Other address;
    (iii) FEIN, when used by the individual as a TIN; and
    (iv) If deceased, date of death.
    (2) If the subject is an individual, employment or professional 
identifiers, including:
    (i) Other State professional license number(s), field(s) of 
licensure, and the name(s) of the State or Territory in which the 
license is held;
    (ii) Other numbers assigned by Federal or State agencies, 
including, but not limited to Drug Enforcement Administration (DEA) 
registration number(s), Unique Physician Identification Number(s) 
(UPIN), and Medicaid and Medicare provider number(s);
    (iii) Name(s) and address(es) of any health care entity with which 
the subject is affiliated or associated; and
    (iv) Nature of the subject's relationship to each associated or 
affiliated health care entity.
    (3) If the subject is an organization, identifiers, including:
    (i) Other name(s) used;
    (ii) Other address(es) used;
    (iii) Other FEIN(s) or Social Security Number(s) used;
    (iv) Other NPI(s) used;
    (v) Other State license number(s) and the name(s) of the State or 
Territory in which the license is held;
    (vi) Other numbers assigned by Federal or State agencies, 
including, but not limited to Drug Enforcement Administration (DEA) 
registration

[[Page 9156]]

number(s), Clinical Laboratory Improvement Act (CLIA) number(s), Food 
and Drug Administration (FDA) number(s), and Medicaid and Medicare 
provider number(s);
    (vii) Names and titles of principal officers and owners;
    (viii) Name(s) and address(es) of any health care entity with which 
the subject is affiliated or associated; and
    (ix) Nature of the subject's relationship to each associated or 
affiliated health care entity.
    (4) For all subjects:
    (i) Whether the subject will be automatically reinstated.
    (ii) The date of appeal, if any.
    (d) Access to documents. Each State must provide the Secretary (or 
an entity designated by the Secretary) with access to the documents 
underlying the actions described in paragraphs (a)(1) through (4) of 
this section, as may be necessary for the Secretary to determine the 
facts and circumstances concerning the actions and determinations for 
the purpose of carrying out section 1921.
    (e) Sanctions for failure to report. The Secretary will provide for 
a publication of a public report that identifies failures to report 
information on adverse actions as required to be reported under this 
section.


Sec.  60.10  Reporting Federal licensure and certification actions.

    (a) What actions must be reported. Federal licensing and 
certification agencies must report to the NPDB the following final 
adverse actions that are taken against a health care practitioner, 
physician, dentist, provider, or supplier (regardless of whether the 
final adverse action is the subject of a pending appeal):
    (1) Formal or official actions, such as revocation or suspension of 
a license or certification agreement or contract for participation in 
Federal health care programs (and the length of any such suspension), 
reprimand, censure or probation,
    (2) Any dismissal or closure of the proceedings by reason of the 
health care practitioner, physician, dentist, provider, or supplier 
surrendering their license or certification agreement or contract for 
participation in Federal health care programs, or leaving the State or 
jurisdiction,
    (3) Any other loss of the license or loss of the certification 
agreement or contract for participation in Federal health care 
programs, or the right to apply for, or renew, a license or 
certification agreement or contract of the health care practitioner, 
physician, dentist, provider, or supplier, whether by operation of law, 
voluntary surrender, nonrenewal (excluding nonrenewals due to 
nonpayment of fees, retirement, or change to inactive status), or 
otherwise, and
    (4) Any other negative action or finding by such Federal agency 
that is publicly available information.
    (b) What information must be reported. Each Federal agency 
described in paragraph (a) must report the following information:
    (1) If the subject is an individual, personal identifiers, 
including:
    (i) Name;
    (ii) Social Security Number or ITIN;
    (iii) Home address or address of record;
    (iv) Sex; and
    (v) Date of birth.
    (2) If the subject is an individual, employment or professional 
identifiers, including:
    (i) Organization name and type;
    (ii) Occupation and specialty, if applicable;
    (iii) National Provider Identifier (NPI);
    (iv) Name of each professional school attended and year of 
graduation; and
    (v) With respect to the State professional license (including 
professional certification and registration) on which the reported 
action was taken, the license number, the field of licensure, and the 
name of the State or Territory in which the license is held.
    (3) If the subject is an organization, identifiers, including:
    (i) Name;
    (ii) Business address;
    (iii) Federal Employer Identification Number (FEIN), or Social 
Security Number (or ITIN) when used by the subject as a Taxpayer 
Identification Number (TIN);
    (iv) The NPI;
    (v) Type of organization; and
    (vi) With respect to the State license (including certification and 
registration) on which the reported action was taken, the license and 
the name of the State or Territory in which the license is held.
    (4) For all subjects:
    (i) A narrative description of the acts or omissions and injuries 
upon which the reported action was based;
    (ii) Classification of the acts or omissions in accordance with a 
reporting code adopted by the Secretary;
    (iii) Classification of the action taken in accordance with a 
reporting code adopted by the Secretary, and the amount of any monetary 
penalty resulting from the reported action;
    (iv) The date the action was taken, its effective date and 
duration;
    (v) Name of the agency taking the action;
    (vi) Name and address of the reporting entity; and
    (vii) The name, title, and telephone number of the responsible 
official submitting the report on behalf of the reporting entity.
    (c) What information may be reported, if known. Reporting entities 
described in paragraph (a) of this section may voluntarily report, if 
known, the following information:
    (1) If the subject is an individual, personal identifiers, 
including:
    (i) Other name(s) used;
    (ii) Other address;
    (iii) FEIN, when used by the individual as a TIN; and
    (iv) If deceased, date of death.
    (2) If the subject is an individual, employment or professional 
identifiers, including:
    (i) Other State professional license number(s), field(s) of 
licensure, and the name(s) of the State or Territory in which the 
license is held;
    (ii) Other numbers assigned by Federal or State agencies, 
including, but not limited to Drug Enforcement Administration (DEA) 
registration number(s), Unique Physician Identification Number(s) 
(UPIN), and Medicaid and Medicare provider number(s);
    (iii) Name(s) and address(es) of any health care entity with which 
the subject is affiliated or associated; and
    (iv) Nature of the subject's relationship to each associated or 
affiliated health care entity.
    (3) If the subject is an organization, identifiers, including:
    (i) Other name(s) used;
    (ii) Other address(es) used;
    (iii) Other FEIN(s) or Social Security Number(s) used;
    (iv) Other NPI(s) used;
    (v) Other State license number(s) and the name(s) of the State or 
Territory in which the license is held;
    (vi) Other numbers assigned by Federal or State agencies, 
including, but not limited to Drug Enforcement Administration (DEA) 
registration number(s), Clinical Laboratory Improvement Act (CLIA) 
number(s), Food and Drug Administration (FDA) number(s), and Medicaid 
and Medicare provider number(s);
    (vii) Names and titles of principal officers and owners;
    (viii) Name(s) and address(es) of any health care entity with which 
the subject is affiliated or associated; and
    (ix) Nature of the subject's relationship to each associated or 
affiliated health care entity.
    (4) For all subjects:
    (i) Whether the subject will be automatically reinstated.
    (ii) The date of appeal, if any.
    (d) Sanctions for failure to report. The Secretary will provide for 
a publication

[[Page 9157]]

of a public report that identifies those agencies that have failed to 
report information on adverse actions as required to be reported under 
this section.


Sec.  60.11  Reporting negative actions or findings taken by peer 
review organizations or private accreditation entities.

    (a) What actions must be reported. Peer review organizations and 
private accreditation entities are required to report any negative 
actions or findings (as defined in Sec.  60.3) which are taken against 
a health care practitioner, physician, dentist, health care entity, 
provider, or supplier to the NPDB and provide a copy to the appropriate 
State licensing or certification agency. The health care practitioner, 
physician, dentist, health care entity, provider, or supplier must be 
licensed or otherwise authorized by the State to provide health care 
services. The actions taken must be as a result of formal proceedings 
(as defined in Sec.  60.3).
    (b) What information must be reported. Each peer review 
organization and private accreditation entity must report the 
information as required in Sec.  60.9(b).
    (c) What information may be reported, if known: Each peer review 
organization and private accreditation entity should report, if known, 
the information as described in Sec.  60.9(c).
    (d) Access to documents. Each peer review organization and private 
accreditation entity must provide the Secretary (or an entity 
designated by the Secretary) with access to the documents underlying 
the actions described in this section as may be necessary for the 
Secretary to determine the facts and circumstances concerning the 
actions and determinations for the purpose of carrying out section 
1921.


Sec.  60.12  Reporting adverse actions taken against clinical 
privileges.

    (a) Reporting by health care entities to the NPDB.
    (1) Actions that must be reported and to whom the report must be 
made. Each health care entity must report to the NPDB and provide a 
copy of the report to the Board of Medical Examiners in the State in 
which the health care entity is located the following actions:
    (i) Any professional review action that adversely affects the 
clinical privileges of a physician or dentist for a period longer than 
30 days;
    (ii) Acceptance of the surrender of clinical privileges or any 
restriction of such privileges by a physician or dentist:
    (A) While the physician or dentist is under investigation by the 
health care entity relating to possible incompetence or improper 
professional conduct, or
    (B) In return for not conducting such an investigation or 
proceeding; or
    (iii) In the case of a health care entity which is a professional 
society, when it takes a professional review action concerning a 
physician or dentist.
    (2) Voluntary reporting on other health care practitioners. A 
health care entity may report to the NPDB information as described in 
paragraph (a)(3) of this section concerning actions described in 
paragraph (a)(1) in this section with respect to other health care 
practitioners.
    (3) What information must be reported. The health care entity must 
report the following information concerning actions described in 
paragraph (a)(1) of this section with respect to a physician or 
dentist:
    (i) Name,
    (ii) Work address,
    (iii) Home address, if known,
    (iv) Social Security Number, if known, and if obtained in 
accordance with section 7 of the Privacy Act of 1974,
    (v) Date of birth,
    (vi) Name of each professional school attended and year of 
graduation,
    (vii) For each professional license: the license number, the field 
of licensure, and the name of the State or Territory in which the 
license is held,
    (viii) Drug Enforcement Administration registration number, if 
known,
    (ix) A description of the acts or omissions or other reasons for 
privilege loss, or, if known, for surrender,
    (x) Action taken, date the action was taken, and effective date of 
the action, and
    (xi) Other information as required by the Secretary from time to 
time after publication in the Federal Register and after an opportunity 
for public comment.
    (b) Reporting by the Board of Medical Examiners to the NPDB. Each 
Board must report any known instances of a health care entity's failure 
to report information as required under paragraph (a)(1) of this 
section. In addition, each Board of Medical Examiners must 
simultaneously report this information to the appropriate State 
licensing board in the State in which the health care entity is 
located, if the Board of Medical Examiners is not such licensing board.
    (c) Sanctions.
    (1) Health care entities. If the Secretary has reason to believe 
that a health care entity has substantially failed to report 
information in accordance with this section, the Secretary will conduct 
an investigation. If the investigation shows that the health care 
entity has not complied with this section, the Secretary will provide 
the entity with a written notice describing the noncompliance, giving 
the health care entity an opportunity to correct the noncompliance, and 
stating that the entity may request, within 30 days after receipt of 
such notice, a hearing with respect to the noncompliance. The request 
for a hearing must contain a statement of the material factual issues 
in dispute to demonstrate that there is cause for a hearing. These 
issues must be both substantive and relevant. The hearing will be held 
in the Washington, DC, metropolitan area. The Secretary will deny a 
hearing if:
    (i) The request for a hearing is untimely,
    (ii) The health care entity does not provide a statement of 
material factual issues in dispute, or
    (iii) The statement of factual issues in dispute is frivolous or 
inconsequential. In the event that the Secretary denies a hearing, the 
Secretary will send a written denial to the health care entity setting 
forth the reasons for denial. If a hearing is denied, or if as a result 
of the hearing the entity is found to be in noncompliance, the 
Secretary will publish the name of the health care entity in the 
Federal Register. In such case, the immunity protections provided under 
section 411(a) of the Act will not apply to the health care entity for 
professional review activities that occur during the three-year period 
beginning 30 days after the date of publication of the entity's name in 
the Federal Register.
    (2) Board of Medical Examiners. If, after notice of noncompliance 
and providing opportunity to correct noncompliance, the Secretary 
determines that a Board of Medical Examiners has failed to report 
information in accordance with paragraph (b) of this section, the 
Secretary will designate another qualified entity for the reporting of 
this information.


Sec.  60.13  Reporting Federal or State criminal convictions related to 
the delivery of a health care item or service.

    (a) Who must report. Federal and State prosecutors must report 
criminal convictions against health care practitioners, physicians, 
dentists, providers, and suppliers related to the delivery of a health 
care item or service (regardless of whether the conviction is the 
subject of a pending appeal).

[[Page 9158]]

    (b) Entities described in paragraph (a) of this section must report 
the following information:
    (1) If the subject is an individual, personal identifiers, 
including:
    (i) Name;
    (ii) Social Security Number (or ITIN) (States must report this 
information, if known, and if obtained in accordance with section 7 of 
the Privacy Act of 1974);
    (iii) Home address or address of record;
    (iv) Sex; and
    (v) Date of birth.
    (2) If the subject is an individual, that individual's employment 
or professional identifiers, including:
    (i) Organization name and type;
    (ii) Occupation and specialty, if applicable; and
    (iii) National Provider Identifier (NPI).
    (3) If the subject is an organization, identifiers, including:
    (i) Name;
    (ii) Business address;
    (iii) Federal Employer Number (FEIN), or Social Security Number (or 
ITIN) when used by the subject as a Taxpayer Identification Number 
(TIN);
    (iv) The NPI; and
    (v) Type of organization.
    (4) For all subjects:
    (i) A narrative description of the acts or omissions and injuries 
upon which the reported action was based;
    (ii) Classification of the acts or omissions in accordance with a 
reporting code adopted by the Secretary;
    (iii) Name and location of court or judicial venue in which the 
action was taken;
    (iv) Docket or court file number;
    (v) Type of action taken;
    (vi) Statutory offense(s) and count(s);
    (vii) Name of primary prosecuting agency (or the plaintiff in civil 
actions);
    (viii) Date of sentence or judgment;
    (ix) Length of incarceration, detention, probation, community 
service, or suspended sentence;
    (x) Amounts of any monetary judgment, penalty, fine, assessment, or 
restitution;
    (xi) Other sentence, judgment, or orders;
    (xii) If the action is on appeal;
    (xiii) Name and address of the reporting entity; and
    (xiv) The name, title, and telephone number of the responsible 
official submitting the report on behalf of the reporting entity.
    (c) Entities described in paragraph (a) of this section and each 
State should report, if known, the following information:
    (1) If the subject is an individual, personal identifiers, 
including:
    (i) Other name(s) used;
    (ii) Other address; and
    (iii) FEIN, when used by the individual as a TIN.
    (2) If the subject is an individual, that individual's employment 
or professional identifiers, including:
    (i) State professional license (including professional 
certification and registration) number(s), field(s) of licensure, and 
the name(s) of the State or Territory in which the license is held;
    (ii) Other numbers assigned by Federal or State agencies, to 
include, but not limited to Drug Enforcement Administration (DEA) 
registration number(s), Unique Physician Identification Number(s) 
(UPIN), and Medicaid and Medicare provider number(s);
    (iii) Name(s) and address(es) of any health care entity with which 
the subject is affiliated or associated; and
    (iv) Nature of the subject's relationship to each associated or 
affiliated health care entity.
    (3) If the subject is an organization, identifiers, including:
    (i) Other name(s) used;
    (ii) Other address(es) used;
    (iii) Other FEIN(s) or Social Security Numbers(s) (or ITINs) used;
    (iv) Other NPI(s) used;
    (v) State license (including certification and registration) 
number(s) and the name(s) of the State or Territory in which the 
license is held;
    (vi) Other numbers assigned by Federal or State agencies, to 
include, but not limited to Drug Enforcement Administration (DEA) 
registration number(s), Clinical Laboratory Improvement Act (CLIA) 
number(s), Food and Drug Administration (FDA) number(s), and Medicaid 
and Medicare provider number(s);
    (vii) Names and titles of principal officers and owners;
    (viii) Name(s) and address(es) of any health care entity with which 
the subject is affiliated or associated; and
    (ix) Nature of the subject's relationship to each associated or 
affiliated health care entity.
    (4) For all subjects:
    (i) Prosecuting agency's case number;
    (ii) Investigative agencies involved;
    (iii) Investigative agencies case or file number(s); and
    (iv) The date of appeal, if any.
    (d) Access to documents. Each State must provide the Secretary (or 
an entity designated by the Secretary) with access to the documents 
underlying the actions described in paragraphs (a)(1) through (4) of 
this section, as may be necessary for the Secretary to determine the 
facts and circumstances concerning the actions and determinations for 
the purpose of carrying out section 1921.
    (e) Sanctions for failure to report. The Secretary will provide for 
publication of a public report that identifies those agencies that have 
failed to report information on criminal convictions as required to be 
reported under this section.


Sec.  60.14  Reporting civil judgments related to the delivery of a 
health care item or service.

    (a) Who must report. Federal and State attorneys and health plans 
must report civil judgments against health care practitioners, 
physicians, dentists, providers, or suppliers related to the delivery 
of a health care item or service (regardless of whether the civil 
judgment is the subject of a pending appeal). If a Government agency is 
party to a multi-claimant civil judgment, it must assume the 
responsibility for reporting the entire action, including all amounts 
awarded to all the claimants, both public and private. If there is no 
Government agency as a party, but there are multiple health plans as 
claimants, the health plan which receives the largest award must be 
responsible for reporting the total action for all parties.
    (b) What information must be reported. Entities described in 
paragraph (a) of this section must report the information as required 
in Sec.  60.13(b).
    (c) What information may be reported, if known. Entities described 
in paragraph (a) of this section should report, if known the 
information as described in Sec.  60.13(c).
    (d) Access to documents. Each State must provide the Secretary (or 
an entity designated by the Secretary) with access to the documents 
underlying the actions described in paragraphs (a)(1) through (4) of 
this section, as may be necessary for the Secretary to determine the 
facts and circumstances concerning the actions and determinations for 
the purpose of carrying out section 1921.
    (e) Sanctions for failure to report. Any health plan that fails to 
report information on a civil judgment required to be reported under 
this section will be subject to a civil money penalty (CMP) of not more 
than $25,000 for each such adverse action not reported. Such penalty 
will be imposed and collected in the same manner as CMPs under 
subsection (a) of section 1128A of the Social Security Act. The 
Secretary will provide for publication of a public report that 
identifies those Government agencies that have failed to report 
information on civil judgments as required to be reported under this 
section.

[[Page 9159]]

Sec.  60.15  Reporting exclusions from participation in Federal or 
State health care programs.

    (a) Who must report. Federal Government agencies and State law and 
fraud enforcement agencies must report health care practitioners, 
physicians, dentists, providers, or suppliers excluded from 
participating in Federal or State health care programs, including 
exclusions that were made in a matter in which there was also a 
settlement that is not reported because no findings or admissions of 
liability have been made (regardless of whether the exclusion is the 
subject of a pending appeal).
    (b) What information must be reported. Entities described in 
paragraph (a) of this section must report the following information:
    (1) If the subject is an individual, personal identifiers, 
including:
    (i) Name;
    (ii) Social Security Number (or ITIN) (State law and fraud 
enforcement agencies must report this information if known, and if 
obtained in accordance with section 7 of the Privacy Act of 1974);
    (iii) Home address or address of record;
    (iv) Sex; and
    (v) Date of birth.
    (2) If the subject is an individual, that individual's employment 
or professional identifiers, including:
    (i) Organization name and type;
    (ii) Occupation and specialty, if applicable; and
    (iii) National Provider Identifier (NPI).
    (3) If the subject is an organization, identifiers, including:
    (i) Name;
    (ii) Business address;
    (iii) Federal Employer Identification Number (FEIN) or Social 
Security Number (or ITIN) when used by the subject as a Taxpayer 
Identification Number (TIN);
    (iv) The NPI; and
    (v) Type of organization.
    (4) For all subjects:
    (i) A narrative description of the acts or omissions and injuries 
upon which the reported action was based;
    (ii) Classification of the acts or omissions in accordance with a 
reporting code adopted by the Secretary;
    (iii) Classification of the action taken in accordance with a 
reporting code adopted by the Secretary, and the amount of any monetary 
penalty resulting from the reported action;
    (iv) The date the action was taken, its effective date and 
duration;
    (v) If the action is on appeal;
    (vi) Name of the agency taking the action;
    (vii) Name and address of the reporting entity; and
    (viii) The name, title, and telephone number of the responsible 
official submitting the report on behalf of the reporting entity.
    (c) Entities described in paragraph (a) of this section should 
report, if known, the following information:
    (1) If the subject is an individual, personal identifiers, 
including:
    (i) Other name(s) used;
    (ii) Other address;
    (iii) FEIN, when used by the individual as a TIN;
    (iv) Name of each professional school attended and year of 
graduation; and
    (v) If deceased, date of death.
    (2) If the subject is an individual, that individual's employment 
or professional identifiers, including:
    (i) State professional license (including professional registration 
and certification) number(s), field(s) of licensure, and the name(s) of 
the State or Territory in which the license is held;
    (ii) Other numbers assigned by Federal or State agencies, to 
include, but not limited to Drug Enforcement Administration (DEA) 
registration number(s), Unique Physician Identification Number(s) 
(UPIN), and Medicaid and Medicare provider number(s);
    (iii) Name(s) and address(es) of any health care entity with which 
the subject is affiliated or associated; and
    (iv) Nature of the subject's relationship to each associated or 
affiliated health care entity.
    (3) If the subject is an organization, identifiers, including:
    (i) Other name(s) used;
    (ii) Other address(es) used;
    (iii) Other FEIN(s) or Social Security Numbers(s) (or ITINs) used;
    (iv) Other NPI(s) used;
    (v) State license (including registration and certification) 
number(s) and the name(s) of the State or territory in which the 
license is held;
    (vi) Other numbers assigned by Federal or State agencies, to 
include, but not limited to Drug Enforcement Administration (DEA) 
registration number(s), Clinical Laboratory Improvement Act (CLIA) 
number(s), Food and Drug Administration (FDA) number(s), and Medicaid 
and Medicare provider number(s);
    (vii) Names and titles of principal officers and owners;
    (viii) Name(s) and address(es) of any health care entity with which 
the subject is affiliated or associated; and
    (ix) Nature of the subject's relationship to each associated or 
affiliated health care entity.
    (4) For all subjects:
    (i) If the subject will be automatically reinstated; and
    (ii) The date of appeal, if any.
    (d) Access to documents. Each State must provide the Secretary (or 
an entity designated by the Secretary) with access to the documents 
underlying the actions described in paragraphs (a) (1) through (4) of 
this section, as may be necessary for the Secretary to determine the 
facts and circumstances concerning the actions and determinations for 
the purpose of carrying out section 1921.
    (e) Sanctions for failure to report. The Secretary will provide for 
publication of a public report that identifies those Government 
agencies that have failed to report information on exclusions or 
debarments as required to be reported under this section.


Sec.  60.16  Reporting other adjudicated actions or decisions.

    (a) Who must report. Federal Government agencies, State law or 
fraud enforcement agencies, and health plans must report other 
adjudicated actions or decisions as defined in Sec.  60.3 related to 
the delivery, payment or provision of a health care item or service 
against health care practitioners, physicians, dentists, providers, and 
suppliers (regardless of whether the other adjudicated action or 
decision is subject to a pending appeal).
    (b) Entities described in paragraph (a) of this section must report 
the information as required in Sec.  60.15(b).
    (c) Entities described in paragraph (a) of this section should 
report, if known, the information as described in Sec.  60.15(c).
    (d) Access to documents. Each State must provide the Secretary (or 
an entity designated by the Secretary) with access to the documents 
underlying the actions described in paragraphs (a) (1) through (4) of 
this section, as may be necessary for the Secretary to determine the 
facts and circumstances concerning the actions and determinations for 
the purpose of carrying out section 1921.
    (e) Sanctions for failure to report. Any health plan that fails to 
report information on another adjudicated action or decision required 
to be reported under this section will be subject to a civil money 
penalty (CMP) of not more than $25,000 for each such action not 
reported. Such penalty will be imposed and collected in the same manner 
as CMPs under subsection (a) of section 1128A of the Social Security 
Act. The Secretary will provide for publication of a public report that 
identifies those Government agencies that have failed to report 
information on other adjudicated actions as required to be reported 
under this section.

[[Page 9160]]

Subpart C--Disclosure of Information by the National Practitioner 
Data Bank


Sec.  60.17  Information which hospitals must request from the National 
Practitioner Data Bank.

    (a) When information must be requested. Each hospital, either 
directly or through an authorized agent, must request information from 
the NPDB concerning a physician, dentist, or other health care 
practitioner, as follows:
    (1) At the time a physician, dentist, or other health care 
practitioner, applies for a position on its medical staff (courtesy or 
otherwise), or for clinical privileges at the hospital; and
    (2) Every two years concerning any physician, dentist, or other 
health care practitioner, who is on its medical staff (courtesy or 
otherwise) or has clinical privileges at the hospital.
    (b) Failure to request information. Any hospital which does not 
request the information as required in paragraph (a) of this section is 
presumed to have knowledge of any information reported to the NPDB 
concerning this physician, dentist, or other health care practitioner.
    (c) Reliance on the obtained information. Each hospital may rely 
upon the information provided by the NPDB to the hospital. A hospital 
shall not be held liable for this reliance unless the hospital has 
knowledge that the information provided was false.


Sec.  60.18  Requesting information from the National Practitioner Data 
Bank.

    (a) Who may request information and what information may be 
available. Information in the NPDB will be available, upon request, to 
the persons or entities, or their authorized agents, as described 
below:
    (1) Information reported under Sec. Sec.  60.7, 60.8, and 60.12 is 
available to:
    (i) A hospital that requests information concerning a physician, 
dentist, or other health care practitioner who is on its medical staff 
(courtesy or otherwise) or has clinical privileges at the hospital;
    (ii) A physician, dentist, or other health care practitioner who 
requests information concerning himself or herself;
    (iii) A State Medical Board of Examiners or other State authority 
that licenses physicians, dentists, or other health care practitioners;
    (iv) A health care entity which has entered or may be entering into 
an employment or affiliation relationship with a physician, dentist, or 
other health care practitioner, or to which the physician, dentist, or 
other health care practitioner has applied for clinical privileges or 
appointment to the medical staff;
    (v) An attorney, or individual representing himself or herself, who 
has filed a medical malpractice action or claim in a State or Federal 
court or other adjudicative body against a hospital, and who requests 
information regarding a specific physician, dentist, or other health 
care practitioner who is also named in the action or claim. This 
information will be disclosed only upon the submission of evidence that 
the hospital failed to request information from the NPDB, as required 
by Sec.  60.17(a), and may be used solely with respect to litigation 
resulting from the action or claim against the hospital;
    (vi) A health care entity with respect to professional review 
activity; and
    (vii) A person or entity requesting statistical information, in a 
form which does not permit the identification of any individual or 
entity.
    (2) Information reported under Sec. Sec.  60.9, 60.10, 60.11, 
60.13, 60.14, 60.15, and 60.16 is available to the agencies, 
authorities, and officials listed below that request information on 
licensure or certification actions, any other negative actions or 
findings, or final adverse actions concerning an individual 
practitioner, physician, dentist, health care entity, provider, or 
supplier. These agencies, authorities, and officials may obtain data 
for the purposes of determining the fitness of individuals to provide 
health care services, protecting the health and safety of individuals 
receiving health care through programs administered by the requesting 
agency, and protecting the fiscal integrity of these programs.
    (i) Agencies administering (including those providing payment for 
services) Federal health care programs, including private entities 
administering such programs under contract;
    (ii) State licensing or certification agencies and Federal agencies 
responsible for the licensing and certification of health care 
practitioners, physicians, dentists, providers, or suppliers;
    (iii) State agencies administering or supervising the 
administration of State health care programs (as defined in 42 U.S.C. 
1128(h));
    (iv) State law or fraud enforcement agencies;
    (v) Law enforcement officials and agencies such as:
    (A) United States Attorney General;
    (B) United States Chief Postal Inspector;
    (C) United States Inspectors General;
    (D) United States Attorneys;
    (E) United States Comptroller General;
    (F) United States Drug Enforcement Administration;
    (G) United States Nuclear Regulatory Commission; or
    (H) Federal Bureau of Investigation;
    (vi) Utilization and quality control peer review organizations 
described in part B of title XI and to appropriate entities with 
contracts under section 1154(a)(4)(C) of the Social Security Act with 
respect to eligible organizations reviewed under the contracts, but 
only with respect to information provided pursuant to Sec. Sec.  60.9 
and 60.11, as well as information provided pursuant to Sec. Sec.  
60.13, 60.14, 60.15, and 60.16 by Federal agencies and health plans;
    (vii) Hospitals and other health care entities (as defined in 
section 431 of the Health Care Quality Improvement Act of 1986), with 
respect to physicians or other licensed health care practitioners who 
have entered (or may be entering) into employment or affiliation 
relationships with, or have applied for clinical privileges or 
appointments to the medical staff of such hospitals or other health 
care entities, but only with respect to information provided pursuant 
to Sec. Sec.  60.9 and 60.11, as well as information provided pursuant 
to Sec. Sec.  60.13, 60.14, 60.15, and 60.16 by Federal agencies and 
health plans;
    (viii) health plans;
    and
    (ix) A health care practitioner, physician, dentist, health care 
entity, provider, or supplier who requests information concerning 
himself, herself, or itself; and
    (x) A person or entity requesting statistical information, in a 
form which does not permit the identification of any individual or 
entity. (For example, researchers may use statistical information to 
identify the total number of nurses with adverse licensure actions in a 
specific State. Similarly, researchers may use statistical information 
to identify the total number of health care entities denied 
accreditation.)
    (b) Procedures for obtaining National Practitioner Data Bank 
information. Persons and entities may obtain information from the NPDB 
by submitting a request in such form and manner as the Secretary may 
prescribe. These requests are subject to fees as described in Sec.  
60.19.


Sec.  60.19  Fees applicable to requests for information.

    (a) Policy on Fees. The fees described in this section apply to all 
requests for information from the NPDB. The amount of such fees will be 
sufficient to recover the full costs of operating the NPDB. The actual 
fees will be announced by the Secretary in periodic notices in the 
Federal Register. However, for purposes of verification

[[Page 9161]]

and dispute resolution at the time the report is accepted, the NPDB 
will provide a copy--at the time a report has been submitted, 
automatically, without a request and free of charge--of the record to 
the health care practitioner, physician, dentist, entity, provider, or 
supplier who is the subject of the report and to the reporter.
    (b) Criteria for determining the fee. The amount of each fee will 
be determined based on the following criteria:
    (1) Direct and indirect personnel costs, including salaries and 
fringe benefits such as medical insurance and retirement;
    (2) Physical overhead, consulting, and other indirect costs 
(including materials and supplies, utilities, insurance, travel, and 
rent and depreciation on land, buildings, and equipment);
    (3) Agency management and supervisory costs;
    (4) Costs of enforcement, research, and establishment of 
regulations and guidance;
    (5) Use of electronic data processing equipment to collect and 
maintain information--the actual cost of the service, including 
computer search time, runs and printouts; and
    (6) Any other direct or indirect costs related to the provision of 
services.
    (c) Assessing and collecting fees. The Secretary will announce 
through notice in the Federal Register from time to time the methods of 
payment of NPDB fees. In determining these methods, the Secretary will 
consider efficiency, effectiveness, and convenience for the NPDB users 
and the Department. Methods may include: credit card electronic fund 
transfer, and other methods of electronic payment.


Sec.  60.20  Confidentiality of National Practitioner Data Bank 
information.

    (a) Limitations on disclosure. Information reported to the NPDB is 
considered confidential and shall not be disclosed outside the 
Department of Health and Human Services, except as specified in 
Sec. Sec.  60.17, 60.18, and 60.21. Persons and entities receiving 
information from the NPDB, either directly or from another party, must 
use it solely with respect to the purpose for which it was provided. 
Nothing in this section will prevent the disclosure of information by a 
party from its own files used to create such reports where disclosure 
is otherwise authorized under applicable State or Federal law.
    (b) Penalty for violations. Any person who violates paragraph (a) 
shall be subject to a civil money penalty of up to $11,000 for each 
violation. This penalty will be imposed pursuant to procedures at 42 
CFR part 1003.


Sec.  60.21  How to dispute the accuracy of National Practitioner Data 
Bank information.

    (a) Who may dispute the NPDB information. The NPDB will routinely 
mail or transmit electronically to the subject a copy of the report 
filed in the NPDB. In addition, as indicated in Sec.  60.18(a)(2)(ix), 
the subject may also request a copy of such report. The subject of the 
report or a designated representative may dispute the accuracy of a 
report concerning himself, herself, or itself as set forth in paragraph 
(b) of this section.
    (b) Procedures for disputing a report with the reporting entity.
    (1) If the subject disagrees with the reported information, the 
subject must request in writing that the NPDB enter the report into 
``disputed status.''
    (2) The NPDB will send the report, with a notation that the report 
has been placed in ``disputed status,'' to queriers (where 
identifiable), the reporting entity and the subject of the report.
    (3) The subject must attempt to enter into discussion with the 
reporting entity to resolve the dispute. If the reporting entity 
revises the information originally submitted to the NPDB, the NPDB will 
notify the subject and all entities to whom reports have been sent that 
the original information has been revised. If the reporting entity does 
not revise the reported information, or does not respond to the subject 
within 60 days, the subject may request that the Secretary review the 
report for accuracy. The Secretary will decide whether to correct the 
report within 30 days of the request. This time frame may be extended 
for good cause. The subject also may provide a statement to the NPDB, 
either directly or through a designated representative, that will 
permanently append the report.
    (c) Procedures for requesting a Secretarial review.
    (1) The subject must request, in writing, that the Secretary review 
the report for accuracy. The subject must return this request to the 
NPDB along with appropriate materials that support the subject's 
position. The Secretary will only review the accuracy of the reported 
information, and will not consider the merits or appropriateness of the 
action or the due process that the subject received.
    (2) After the review, if the Secretary:
    (i) Concludes that the information is accurate and reportable to 
the NPDB, the Secretary will inform the subject and the NPDB of the 
determination. The Secretary will include a brief statement 
(Secretarial Statement) in the report that describes the basis for the 
decision. The report will be removed from ``disputed status.'' The NPDB 
will distribute the corrected report and statement(s) to previous 
queriers (where identifiable), the reporting entity and the subject of 
the report.
    (ii) Concludes that the information contained in the report is 
inaccurate, the Secretary will inform the subject of the determination 
and direct the NPDB or the reporting entity to revise the report. The 
Secretary will include a brief statement (Secretarial Statement) in the 
report describing the findings. The NPDB will distribute the corrected 
report and statement(s) to previous queriers (where identifiable), the 
reporting entity and the subject of the report.
    (iii) Determines that the disputed issues are outside the scope of 
the Department's review, the Secretary will inform the subject and the 
NPDB of the determination. The Secretary will include a brief statement 
(Secretarial Statement) in the report describing the findings. The 
report will be removed from ``disputed status.'' The NPDB will 
distribute the report and the statement(s) to previous queriers (where 
identifiable), the reporting entity and the subject of the report.
    (iv) Determines that the adverse action was not reportable and 
therefore should be removed from the NPDB, the Secretary will inform 
the subject and direct the NPDB to void the report. The NPDB will 
distribute a notice to previous queriers (where identifiable), the 
reporting entity and the subject of the report that the report has been 
voided.


Sec.  60.22  Immunity.

    Individuals, entities or their authorized agents, and the NPDB 
shall not be held liable in any civil action filed by the subject of a 
report unless the individual, entity, or authorized agent submitting 
the report has actual knowledge of the falsity of the information 
contained in the report.

Title 45--Public Welfare

4. CHAPTER I--DEPARTMENT OF HEALTH AND HUMAN SERVICES

PART 61--[REMOVED]

    4. Under the authority of 42 U.S.C. 1320a-7e, remove part 61.

[FR Doc. 2012-3014 Filed 2-14-12; 8:45 am]
BILLING CODE 4165-15-P