Privacy Act of 1974; Report of a New System of Records, 58621-58626 [E6-16329]
Download as PDF
<![CDATA[
Federal Register / Vol. 71, No. 192 / Wednesday, October 4, 2006 / Notices
Peachtree Street, N.E., Atlanta, Georgia
30309:
1. FNBC Financial Corporation,
Crestview, Florida; to become a bank
holding company by acquiring 100
percent of the voting shares of First
National Bank of Crestview, Crestview,
Florida.
B. Federal Reserve Bank of Dallas
(W. Arthur Tribble, Vice President) 2200
North Pearl Street, Dallas, Texas 752012272:
1. Kleberg & Company Bankers, Inc.,
Kingsville, Texas, and Kleberg
Delaware, Inc., Dover, Delaware; to
merge with Brazosport Corporation,
Corpus Christi, Texas, and indirectly
acquire Brazosport Corporation –
Nevada, Inc., Carson City, Nevada, and
First Commerce Bank, Corpus Christi,
Texas. In addition, Kleberg & Company
Bankers, Inc., Kingsville, Texas, and
Kleberg Delaware, Inc., Dover,
Delaware, have applied to engage in
lending activities, pursuant to section
225.28(b)(1) of Regulation Y though the
acquisition of an existing company,
First Commerce Mortgage Corporation,
Corpus Christi, Texas.
C. Federal Reserve Bank of San
Francisco (Tracy Basinger, Director,
Regional and Community Bank Group)
101 Market Street, San Francisco,
California 94105-1579:
1. Green Bancorp, Inc.; to become a
bank holding company by acquiring 100
percent of Redstone Bank, N.A., both of
Houston, Texas.
2. Belvedere Texas Holdings, L.P., San
Francisco, California; to become a bank
holding company by acquiring up to 49
percent of Green Bancorp., Inc., and
thereby indirectly acquire Redstone
Bank, N.A., both of Houston, Texas.
3. Belvedere Capital Partners II LLC,
and Belvedere Capital Fund II L.P., San
Francisco, California; to acquire up to
49 percent of Green Bancorp., Inc., and
thereby indirectly acquire Redstone
Bank, N.A., both of Houston, Texas.
Board of Governors of the Federal Reserve
System, September 29, 2006.
Jennifer J. Johnson,
Secretary of the Board.
[FR Doc. E6–16368 Filed 10–3–06; 8:45 am]
BILLING CODE 6210–01–S
FEDERAL RESERVE SYSTEM
rwilkins on PROD1PC63 with NOTICES
Sunshine Act Meeting
Board of
Governors of the Federal Reserve
System.
TIME AND DATE: 11:30 a.m., Tuesday,
October 10, 2006.
AGENCY HOLDING THE MEETING:
VerDate Aug<31>2005
14:45 Oct 03, 2006
Jkt 211001
Marriner S. Eccles Federal
Reserve Board Building, 20th and C
Streets, N.W., Washington, D.C. 20551.
STATUS: Closed.
MATTERS TO BE CONSIDERED:
1. Personnel actions (appointments,
promotions, assignments,
reassignments, and salary actions)
involving individual Federal Reserve
System employees.
2. Any items carried forward from a
previously announced meeting.
FOR FURTHER INFORMATION CONTACT:
Michelle Smith, Director, or Dave
Skidmore, Assistant to the Board, Office
of Board Members at 202–452–2955.
SUPPLEMENTARY INFORMATION: You may
call 202–452–3206 beginning at
approximately 5 p.m. two business days
before the meeting for a recorded
announcement of bank and bank
holding company applications
scheduled for the meeting; or you may
contact the Board’s Web site at https://
www.federalreserve.gov for an electronic
announcement that not only lists
applications, but also indicates
procedural and other information about
the meeting.
PLACE:
Board of Governors of the Federal Reserve
System, September 29, 2006.
Robert deV. Frierson,
Deputy Secretary of the Board.
[FR Doc. 06–8498 Filed 9–29–06; 4:33 pm]
BILLING CODE 6210–01–S
DEPARTMENT OF HEALTH AND
HUMAN SERVICES
Centers for Medicare & Medicaid
Services
Privacy Act of 1974; Report of a New
System of Records
Department of Health and
Human Services (HHS), Centers for
Medicare & Medicaid Services (CMS).
ACTION: Notice of a New System of
Records (SOR).
AGENCY:
SUMMARY: In accordance with the
requirements of the Privacy Act of 1974,
we are proposing to establish a new
SOR titled ‘‘Low Vision Rehabilitation
Demonstration (LVRD),’’ System No.
09–70–0582. The program is mandated
by Section 641 of the Medicare
Prescription Drug Improvement and
Modernization Act of 2003 (MMA)
(Public Law (Pub. L.) 108–173), enacted
into law on December 8, 2003, and
amended Title XVIII of the Social
Security Act (the Act). The LVRD
program seeks to establish a new
demonstration project to examine
Medicare beneficiaries who are
PO 00000
Frm 00046
Fmt 4703
Sfmt 4703
58621
diagnosed with moderate to severe
visual impairment and who may be
eligible to receive covered vision
rehabilitating services. Rehabilitation
may be conducted under general
supervision of a qualified physician in
an appropriate setting including in the
home of the beneficiary receiving the
services. Improvements in these areas
are expected to generate savings to the
Medicare program to offset the costs of
the performance payments.
The primary purpose of the system is
to collect and maintain identifiable
information on Medicare beneficiaries
who participate in Medicare Part B feefor-service coverage, qualified
physicians, such as ophthalmologists or
optometrists, qualified occupational
therapists, and vision rehabilitation
therapists who are certified by the
Academy for Certification of Vision
Rehabilitation Professionals.
Information retrieved from this system
will also be disclosed to: (1) Support
regulatory, reimbursement, and policy
functions performed within the agency
or by a contractor, consultant, or
grantee; (2) assist another Federal or
state agency with information to enable
such agency to administer a Federal
health benefits program, or to enable
such agency to fulfill a requirement of
Federal statute or regulation that
implements a health benefits program
funded in whole or in part with Federal
funds; (3) assist an individual or
organization for a research project or in
support of an evaluation project related
to the prevention of disease or
disability, the restoration or
maintenance of health, or payment
related projects; (4) support litigation
involving the agency; and (5) combat
fraud, waste, and abuse in certain health
benefits programs. We have provided
background information about the new
system in the SUPPLEMENTARY
INFORMATION section below. Although
the Privacy Act requires only that CMS
provide an opportunity for interested
persons to comment on the proposed
routine uses, CMS invites comments on
all portions of this notice. See EFFECTIVE
DATES section for comment period.
EFFECTIVE DATES: CMS filed a new
system report with the Chair of the
House Committee on Government
Reform and Oversight, the Chair of the
Senate Committee on Homeland
Security and Governmental Affairs, and
the Administrator, Office of Information
and Regulatory Affairs, Office of
Management and Budget (OMB) on 09/
27/2006. In any event, we will not
disclose any information under a
routine use until 30 days after
publication in the Federal Register or
E:\FR\FM\04OCN1.SGM
04OCN1
rwilkins on PROD1PC63 with NOTICES
58622
Federal Register / Vol. 71, No. 192 / Wednesday, October 4, 2006 / Notices
40 days after mailings to Congress,
whichever is later. We may defer
implementation of this system or on one
or more of the routine uses listed below
if we receive comments that persuade us
to defer implementation.
ADDRESSES: The public should address
comments to the CMS Privacy Officer,
Division of Privacy Compliance,
Enterprise Architecture and Strategy
Group, Office of Information Services,
Mail-stop N2–04–27, 7500 Security
Boulevard, Baltimore, Maryland 21244–
1850. Comments received will be
available for review at this location by
appointment during regular business
hours, Monday through Friday from 9
a.m.–3 p.m., eastern time.
FOR FURTHER INFORMATION CONTACT: Joel
Greer, Social Science Research Analyst,
Division of Beneficiary Research,
Research & Evaluation Group, Office of
Research Development and Information,
CMS, Mail Stop C3–18–07, 7500
Security Boulevard, Baltimore,
Maryland 21244–1850. The telephone
number is (410) 786–6695 or e-mail
joel.greer@cms.hhs.gov.
SUPPLEMENTARY INFORMATION: Section
641 of MMA requires the Secretary of
Health and Human Services to carry out
a nationwide outpatient vision
rehabilitation services demonstration
project. Under this LVRD, Medicare will
cover vision rehabilitation services for
people with a diagnosis of moderate or
severe vision impairment including
blindness that is not correctable by
conventional methods, such as glasses
or surgery. Demonstration covered
services will only be available to
Medicare beneficiaries who live in one
of the specified demonstration locales
and must be prescribed by a qualified
physician, such as an ophthalmologist
or an optometrist who also practice in
one of the specified demonstration
locales.
LVRD locales will include New
Hampshire, New York City (all 5
boroughs), Atlanta, GA., North Carolina,
Kansas, and Washington State. Eligible
beneficiaries who live in these areas and
receive their medical eye care from an
ophthalmologist or an optometrist who
practice in these areas could be covered
for up to 9 hours of rehabilitation
services provided in an appropriate
setting, including in the home. For
many with visual impairments,
rehabilitation training can help them
maintain their independence and
quality of life. Rehabilitation can help
prevent accidents, like falls and burns
that often occur when someone cannot
navigate well due to vision loss.
Under LVRD, Medicare will cover
vision rehabilitation services for people
VerDate Aug<31>2005
14:45 Oct 03, 2006
Jkt 211001
with a diagnosis of moderate or severe
vision impairment including blindness
that is not correctable by conventional
methods, such as glasses or surgery.
Rehabilitation may be conducted under
general supervision of a qualified
physician in appropriate settings
including in the home of the beneficiary
receiving the services. Rehabilitation
must be prescribed by a qualified
physician and administered under an
individualized, written plan or care
developed by a qualified physician or
qualified occupational therapist in
private practice (OTPP). The plan of
care must contain a specific diagnosis of
visual impairment and must assure that
vision rehabilitation services are
medically necessary and the beneficiary
receiving vision rehabilitation is capable
of deriving benefit from the
rehabilitation. Under the demonstration,
services will be covered when provided
by a qualified occupational therapist, or
by a low vision therapist, orientation
and mobility specialist, or vision
rehabilitation therapists (aka
rehabilitation teachers) who are certified
by the Academy for Certification of
Vision Rehabilitation Professionals
(ACVREP).
Rehabilitation will be judged
completed when the treatment goals
have been attained and any subsequent
services would be for maintenance of a
level of functional ability or when the
patient has demonstrated no progress on
two consecutive visits. All services
covered under this demonstration are
one-on-one, face to face services. Group
services will not be covered.
Some areas of the country provide
Medicare coverage for vision
rehabilitation services under local
coverage decisions (LCDs). LCDs allow
Medicare to pay for vision rehabilitation
when provided by qualified personnel,
such as occupational therapists. LCDs
may also allow coverage for vision
rehabilitation when provided in the
home by a qualified OTPP under general
supervision. The LVRD does not
supersede LCDs whether services are
provided in a demonstration locale, or
not. Physicians and other providers who
are not practicing in a designated
demonstration locale may submit claims
for vision rehabilitation as LCD covered
therapy services, as before. Physicians
and providers who are practicing
designated demonstration locale may
submit claims as either demonstrationrelated services or LCD covered therapy
services, or both. However, in nondemonstration related services, LCD
will not cover services provided by
orientation and mobility specialists, low
vision therapists, or vision
rehabilitation therapists and only OTPP
PO 00000
Frm 00047
Fmt 4703
Sfmt 4703
can provide rehabilitation services in
the home.
I. Description of the New System of
Records
A. Statutory and Regulatory Basis for
System
The authority for maintenance of this
system is given under the provisions of
Section 641 of the Medicare
Prescription Drug, Improvement, and
Modernization Act of 2003 (MMA)
(Public Law 108–173), enacted into law
on December 8, 2003, and amended
Title XVIII of the Social Security Act.
B. Collection and Maintenance of Data
in the System
The data will be collected and
maintained on individual beneficiaries
receiving the services and who
participate in Medicare Part B fee-forservice coverage, qualified physicians,
such as ophthalmologists or
optometrists, qualified occupational
therapists, and certified low vision
therapists, orientation and mobility
specialists, and vision rehabilitation
therapists (aka rehabilitation teachers)
who are certified by the Academy for
Certification of Vision Rehabilitation
Professionals.
The data collected will consist of, but
not limited to, clinical quality measures
collected from physicians participating
in the demonstration. The collected
information will contain provider name,
unique provider identification number,
unique demonstration practice
identification number, beneficiary
health insurance claim number (HICN),
beneficiary demographic and diagnostic
information relevant to the project.
II. Agency Policies, Procedures, and
Restrictions on the Routine Use
A. The Privacy Act permits us to
disclose information without an
individual’s consent if the information
is to be used for a purpose that is
compatible with the purpose(s) for
which the information was collected.
Any such disclosure of data is known as
a ‘‘routine use.’’ The government will
only release LVRD information that can
be associated with an individual as
provided for under ‘‘Section III.
Proposed Routine Use Disclosures of
Data in the System.’’ Both identifiable
and non-identifiable data may be
disclosed under a routine use.
We will only collect the minimum
personal data necessary to achieve the
purpose of LVRD. CMS has the
following policies and procedures
concerning disclosures of information
that will be maintained in the system.
Disclosure of information from the
E:\FR\FM\04OCN1.SGM
04OCN1
Federal Register / Vol. 71, No. 192 / Wednesday, October 4, 2006 / Notices
system will be approved only to the
extent necessary to accomplish the
purpose of the disclosure and only after
CMS:
1. Determines that the use or
disclosure is consistent with the reason
that the data is being collected, e.g., to
collect and maintain identifiable
information on Medicare beneficiaries
who participate in Medicare Part B feefor-service coverage.
2. Determines that:
a. The purpose for which the
disclosure is to be made can only be
accomplished if the record is provided
in individually identifiable form;
b. The purpose for which the
disclosure is to be made is of sufficient
importance to warrant the effect and/or
risk on the privacy of the individual that
additional exposure of the record might
bring; and
c. There is a strong probability that
the proposed use of the data would in
fact accomplish the stated purpose(s).
3. Requires the information recipient
to:
a. Establish administrative, technical,
and physical safeguards to prevent
unauthorized use of disclosure of the
record;
b. Remove or destroy at the earliest
time all individually identifiable
information; and
c. Agree to not use or disclose the
information for any purpose other than
the stated purpose under which the
information was disclosed.
4. Determines that the data are valid
and reliable.
III. Proposed Routine Use Disclosures
of Data in the System
rwilkins on PROD1PC63 with NOTICES
A. Entities Who May Receive
Disclosures Under Routine Use
The Privacy Act allows us to disclose
information without an individual’s
consent if the information is to be used
for a purpose that is compatible with the
purpose(s) for which the information
was collected. Any such compatible use
of data is known as a ‘‘routine use.’’ The
proposed routine uses in this system
meet the compatibility requirement of
the Privacy Act. We are proposing to
establish the following routine use
disclosures of information maintained
in the system:
1. To support agency contractors,
consultants, or grantees who have been
contracted by the agency to assist in the
performance of a service related to this
system and who need to have access to
the records in order to perform the
activity.
We contemplate disclosing
information under this routine use only
in situations in which CMS may enter
VerDate Aug<31>2005
14:45 Oct 03, 2006
Jkt 211001
into a contractual or similar agreement
with a third party to assist in
accomplishing agency business
functions relating to purposes for this
system.
CMS occasionally contracts out
certain of its functions when doing so
would contribute to effective and
efficient operations. CMS must be able
to give contractors, consultants, or
grantees whatever information is
necessary for the contractor to fulfill its
duties. In these situations, safeguards
are provided in the contract prohibiting
the contractors, consultants, or grantees
from using or disclosing the information
for any purpose other than that
described in the contract and requires
the contractors, consultants, or grantees
to return or destroy all information at
the completion of the contract.
2. To assist another Federal or state
agency to:
a. Contribute to the accuracy of CMS’s
proper payment of Medicare benefits,
b. Enable such agency to administer a
Federal health benefits program, or as
necessary to enable such agency to
fulfill a requirement of a Federal statute
or regulation that implements a health
benefits program funded in whole or in
part with Federal funds, and/or
Other Federal or state agencies in
their administration of a Federal health
program may require LVRD information
in order to support evaluations and
monitoring of Medicare claims
information of beneficiaries, including
proper reimbursement for services
provided.
3. To assist an individual or
organization for a research project or in
support of an evaluation project related
to the prevention of disease or
disability, the restoration or
maintenance of health, or payment
related projects.
The LVRD data will provide for
research or in support of evaluation
projects, a broader, longitudinal,
national perspective of the status of
Medicare beneficiaries. CMS anticipates
that many researchers will have
legitimate requests to use these data in
projects that could ultimately improve
the care provided to Medicare
beneficiaries and the policy that governs
the care.
4. To support the Department of
Justice (DOJ), court or adjudicatory body
when:
a. The agency or any component
thereof, or
b. Any employee of the agency in his
or her official capacity, or
c. Any employee of the agency in his
or her individual capacity where the
DOJ has agreed to represent the
employee, or
PO 00000
Frm 00048
Fmt 4703
Sfmt 4703
58623
d. The United States Government is a
party to litigation or has an interest in
such litigation, and by careful review,
CMS determines that the records are
both relevant and necessary to the
litigation and that the use of such
records by the DOJ, court or
adjudicatory body is compatible with
the purpose for which the agency
collected the records.
Whenever CMS is involved in
litigation, and occasionally when
another party is involved in litigation
and CMS’ policies or operations could
be affected by the outcome of the
litigation, CMS would be able to
disclose information to the DOJ, court or
adjudicatory body involved.
5. To assist a CMS contractor
(including, but not necessarily limited
to fiscal intermediaries and carriers) that
assists in the administration of a CMSadministered health benefits program,
or to a grantee of a CMS-administered
grant program, when disclosure is
deemed reasonably necessary by CMS to
prevent, deter, discover, detect,
investigate, examine, prosecute, sue
with respect to, defend against, correct,
remedy, or otherwise combat fraud,
waste, or abuse in such program.
We contemplate disclosing
information under this routine use only
in situations in which CMS may enter
into a contractual relationship or grant
with a third party to assist in
accomplishing CMS functions relating
to the purpose of combating fraud,
waste, and abuse.
CMS occasionally contracts out
certain of its functions and makes grants
when doing so would contribute to
effective and efficient operations. CMS
must be able to give a contractor or
grantee whatever information is
necessary for the contractor or grantee to
fulfill its duties. In these situations,
safeguards are provided in the contract
prohibiting the contractor or grantee
from using or disclosing the information
for any purpose other than that
described in the contract and requiring
the contractor or grantee to return or
destroy all information.
6. To assist another Federal agency or
to an instrumentality of any
governmental jurisdiction within or
under the control of the United States
(including any state or local
governmental agency), that administers,
or that has the authority to investigate
potential fraud, waste, or abuse in, a
health benefits program funded in
whole or in part by Federal funds, when
disclosure is deemed reasonably
necessary by CMS to prevent, deter,
discover, detect, investigate, examine,
prosecute, sue with respect to, defend
against, correct, remedy, or otherwise
E:\FR\FM\04OCN1.SGM
04OCN1
58624
Federal Register / Vol. 71, No. 192 / Wednesday, October 4, 2006 / Notices
combat fraud, waste, or abuse in such
programs.
Other agencies may require LVRD
information for the purpose of
combating fraud, waste, and abuse in
such Federally-funded programs.
rwilkins on PROD1PC63 with NOTICES
B. Additional Provisions Affecting
Routine Use Disclosures
This system contains Protected Health
Information (PHI) as defined by HHS
regulation ‘‘Standards for Privacy of
Individually Identifiable Health
Information’’ (45 Code of Federal
Regulation Parts 160 and 164, 65 Fed.
Reg. 82462 (12–28–00), Subparts A and
E. Disclosures of PHI authorized by
these routine uses may only be made if,
and as, permitted or required by the
‘‘Standards for Privacy of Individually
Identifiable Health Information.’’
In addition, our policy will be to
prohibit release even of data not directly
identifiable, except pursuant to one of
the routine uses or if required by law,
if we determine there is a possibility
that an individual can be identified
through implicit deduction based on
small cell sizes (instances where the
population is so small that one could
use this information to deduce the
identity of the individual).
IV. Safeguards
CMS has safeguards in place for
authorized users and monitors such
users to ensure against excessive or
unauthorized use. Personnel having
access to the system have been trained
in the Privacy Act and information
security requirements. Employees who
maintain records in this system are
instructed not to release data until the
intended recipient agrees to implement
appropriate management, operational
and technical safeguards sufficient to
protect the confidentiality, integrity and
availability of the information and
information systems and to prevent
unauthorized access.
This system will conform to all
applicable Federal laws and regulations
and Federal, HHS, and CMS policies
and standards as they relate to
information security and data privacy.
These laws and regulations include but
are not limited to: the Privacy Act of
1974; the Federal Information Security
Management Act of 2002; the Computer
Fraud and Abuse Act of 1986; the
Health Insurance Portability and
Accountability Act of 1996; the
E-Government Act of 2002, the ClingerCohen Act of 1996; the Medicare
Modernization Act of 2003, and the
corresponding implementing
regulations. OMB Circular A–130,
Management of Federal Resources,
Appendix III, Security of Federal
VerDate Aug<31>2005
14:45 Oct 03, 2006
Jkt 211001
Automated Information Resources also
applies. Federal, HHS, and CMS
policies and standards include but are
not limited to: all pertinent National
Institute of Standards and Technology
publications; the HHS Information
Systems Program Handbook and the
CMS Information Security Handbook.
V. Effects of the New System on
Individual Rights
CMS proposes to establish this system
in accordance with the principles and
requirements of the Privacy Act and will
collect, use, and disseminate
information only as prescribed therein.
Data in this system will be subject to the
authorized releases in accordance with
the routine uses identified in this
system.
CMS will take precautionary
measures (see item IV. above) to
minimize the risks of unauthorized
access to the records and the potential
harm to individual privacy or other
personal or property rights of patients
whose data is maintained in the system.
CMS will collect only that information
necessary to perform the system’s
functions. In addition, CMS will make
disclosure from the proposed system
only with consent of the subject
individual, or his/her legal
representative, or in accordance with an
applicable exception provision of the
Privacy Act.
CMS, therefore, does not anticipate an
unfavorable effect on individual privacy
as a result of maintaining this system.
Dated: September 19, 2006.
John R. Dyer,
Chief Operating Officer, Centers for Medicare
& Medicaid Services.
SYSTEM NUMBER 09–70–0582
SYSTEM NAME:
• ‘‘Low Vision Rehabilitation
Demonstration (LVRD)’’ HHS/CMS/
ORDI
SECURITY CLASSIFICATION:
Level 3 Privacy Act Sensitive
SYSTEM LOCATION:
This system is maintained at the
Centers for Medicare & Medicaid
Services (CMS) Data Center, 7500
Security Boulevard, North Building,
First Floor, Baltimore, Maryland 21244–
1850, and CMS contractors and agents at
various locations.
CATEGORIES OF INDIVIDUALS COVERED BY THE
SYSTEM:
The data will be collected and
maintained on individual beneficiaries
receiving the services and who
participate in Medicare Part B fee-forservice coverage, qualified physicians,
PO 00000
Frm 00049
Fmt 4703
Sfmt 4703
such as ophthalmologists or
optometrists, qualified occupational
therapists, and certified low vision
therapists, orientation and mobility
specialists, and vision rehabilitation
therapists (aka rehabilitation teachers)
who are certified by the Academy for
Certification of Vision Rehabilitation
Professionals.
CATEGORIES OF RECORDS IN THE SYSTEM:
The data collected will consist of, but
not limited to, clinical quality measures
collected from physicians participating
in the demonstration. The collected
information will contain provider name,
unique provider identification number,
unique demonstration practice
identification number, beneficiary
health insurance claim number (HICN),
beneficiary demographic and diagnostic
information relevant to the project.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
The authority for maintenance of this
system is given under the provisions of
Section 641 of the Medicare
Prescription Drug, Improvement, and
Modernization Act of 2003 (Public Law
108–173), enacted into law on December
8, 2003, and amended Title XVIII of the
Social Security Act.
PURPOSE(S) OF THE SYSTEM:
The primary purpose of the system is
to collect and maintain identifiable
information on Medicare beneficiaries
who participate in Medicare Part B feefor-service coverage, qualified
physicians, such as ophthalmologists or
optometrists, qualified occupational
therapists, and vision rehabilitation
therapists who are certified by the
Academy for Certification of Vision
Rehabilitation Professionals.
Information retrieved from this system
will also be disclosed to: (1) Support
regulatory, reimbursement, and policy
functions performed within the agency
or by a contractor, consultant, or
grantee; (2) assist another Federal or
state agency with information to enable
such agency to administer a Federal
health benefits program, or to enable
such agency to fulfill a requirement of
Federal statute or regulation that
implements a health benefits program
funded in whole or in part with Federal
funds; (3) assist an individual or
organization for a research project or in
support of an evaluation project related
to the prevention of disease or
disability, the restoration or
maintenance of health, or payment
related projects; (4) support litigation
involving the agency; and (5) combat
fraud, waste, and abuse in certain health
benefits programs.
E:\FR\FM\04OCN1.SGM
04OCN1
Federal Register / Vol. 71, No. 192 / Wednesday, October 4, 2006 / Notices
ROUTINE USES OF RECORDS MAINTAINED IN THE
SYSTEM, INCLUDING CATEGORIES OR USERS AND
THE PURPOSES OF SUCH USES:
rwilkins on PROD1PC63 with NOTICES
A. ENTITIES WHO MAY RECEIVE DISCLOSURES
UNDER ROUTINE USE
The Privacy Act allows us to disclose
information without an individual’s
consent if the information is to be used
for a purpose that is compatible with the
purpose(s) for which the information
was collected. Any such compatible use
of data is known as a ‘‘routine use.’’ The
proposed routine uses in this system
meet the compatibility requirement of
the Privacy Act. We are proposing to
establish the following routine use
disclosures of information maintained
in the system:
1. To support agency contractors,
consultants, or grantees who have been
contracted by the agency to assist in the
performance of a service related to this
system and who need to have access to
the records in order to perform the
activity.
2. To assist another Federal or state
agency to:
a. Contribute to the accuracy of CMS’s
proper payment of Medicare benefits,
b. Enable such agency to administer a
Federal health benefits program, or as
necessary to enable such agency to
fulfill a requirement of a Federal statute
or regulation that implements a health
benefits program funded in whole or in
part with Federal funds, and/or
3. To assist an individual or
organization for a research project or in
support of an evaluation project related
to the prevention of disease or
disability, the restoration or
maintenance of health, or payment
related projects.
4. To support the Department of
Justice (DOJ), court or adjudicatory body
when:
a. The agency or any component
thereof, or
b. Any employee of the agency in his
or her official capacity, or
c. Aany employee of the agency in his
or her individual capacity where the
DOJ has agreed to represent the
employee, or
d. The United States Government is a
party to litigation or has an interest in
such litigation, and by careful review,
CMS determines that the records are
both relevant and necessary to the
litigation and that the use of such
records by the DOJ, court or
adjudicatory body is compatible with
the purpose for which the agency
collected the records.
5. To assist a CMS contractor
(including, but not necessarily limited
to fiscal intermediaries and carriers) that
assists in the administration of a CMS-
VerDate Aug<31>2005
16:06 Oct 03, 2006
Jkt 211001
administered health benefits program,
or to a grantee of a CMS-administered
grant program, when disclosure is
deemed reasonably necessary by CMS to
prevent, deter, discover, detect,
investigate, examine, prosecute, sue
with respect to, defend against, correct,
remedy, or otherwise combat fraud,
waste, or abuse in such program.
6. To assist another Federal agency or
to an instrumentality of any
governmental jurisdiction within or
under the control of the United States
(including any state or local
governmental agency), that administers,
or that has the authority to investigate
potential fraud, waste, or abuse in, a
health benefits program funded in
whole or in part by Federal funds, when
disclosure is deemed reasonably
necessary by CMS to prevent, deter,
discover, detect, investigate, examine,
prosecute, sue with respect to, defend
against, correct, remedy, or otherwise
combat fraud, waste, or abuse in such
programs.
B. ADDITIONAL PROVISIONS AFFECTING ROUTINE
USE DISCLOSURES
This system contains Protected Health
Information (PHI) as defined by HHS
regulation ‘‘Standards for Privacy of
Individually Identifiable Health
Information’’ (45 Code of Federal
Regulation Parts 160 and 164, 65 Fed.
Reg. 82462 (12–28–00), Subparts A and
E. Disclosures of PHI authorized by
these routine uses may only be made if,
and as, permitted or required by the
‘‘Standards for Privacy of Individually
Identifiable Health Information.’’
In addition, our policy will be to
prohibit release even of data not directly
identifiable, except pursuant to one of
the routine uses or if required by law,
if we determine there is a possibility
that an individual can be identified
through implicit deduction based on
small cell sizes (instances where the
population is so small that one could
use this information to deduce the
identity of the individual).
POLICIES AND PRACTICES FOR STORING,
RETRIEVING, ACCESSING, RETAINING, AND
DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
All records are stored on magnetic
media.
58625
SAFEGUARDS:
CMS has safeguards in place for
authorized users and monitors such
users to ensure against excessive or
unauthorized use. Personnel having
access to the system have been trained
in the Privacy Act and information
security requirements. Employees who
maintain records in this system are
instructed not to release data until the
intended recipient agrees to implement
appropriate management, operational
and technical safeguards sufficient to
protect the confidentiality, integrity and
availability of the information and
information systems and to prevent
unauthorized access.
This system will conform to all
applicable Federal laws and regulations
and Federal, HHS, and CMS policies
and standards as they relate to
information security and data privacy.
These laws and regulations include but
are not limited to: the Privacy Act of
1974; the Federal Information Security
Management Act of 2002; the Computer
Fraud and Abuse Act of 1986; the
Health Insurance Portability and
Accountability Act of 1996; the EGovernment Act of 2002, the ClingerCohen Act of 1996; the Medicare
Modernization Act of 2003, and the
corresponding implementing
regulations. Office of Management and
Budget Circular A–130, Management of
Federal Resources, Appendix III,
Security of Federal Automated
Information Resources also applies.
Federal, HHS, and CMS policies and
standards include but are not limited to:
all pertinent National Institute of
Standards and Technology publications;
the HHS Information Systems Program
Handbook and the CMS Information
Security Handbook.
RETENTION AND DISPOSAL:
CMS will retain identifiable
information maintained in the LVRD
system of records for a period of 6 years.
Data residing with the designated claims
payment contractor shall be returned to
CMS at the end of the project, with all
data then being the responsibility of
CMS for adequate storage and security.
All claims-related records are
encompassed by the document
preservation order and will be retained
until notification is received from the
DOJ.
RETRIEVABILITY:
Information collected will be
retrieved by the name or other
identifying information of the
participating provider, and may also be
retrievable by HICN at the individual
beneficiary record level.
PO 00000
Frm 00050
Fmt 4703
Sfmt 4703
SYSTEM MANAGER AND ADDRESS:
Director, Research and Evaluation
Group, Office of Research Development
and Information, CMS, 7500 Security
Boulevard, Mail stop C3–18–07,
Baltimore, Maryland, 21244–1850.
E:\FR\FM\04OCN1.SGM
04OCN1
58626
Federal Register / Vol. 71, No. 192 / Wednesday, October 4, 2006 / Notices
NOTIFICATION PROCEDURE:
For purpose of access, the subject
individual should write to the system
manager who will require the system
name, and for verification purposes, the
subject individual’s name, provider
identification number, and the patient’s
medical record number.
RECORD ACCESS PROCEDURE:
For purpose of access, use the same
procedures outlined in Notification
Procedures above. Requestors should
also reasonably specify the record
contents being sought. (These
procedures are in accordance with
Department regulation 45 CFR
5b.5(a)(2)).
CONTESTING RECORD PROCEDURES:
The subject individual should contact
the system manager named above, and
reasonably identify the record and
specify the information to be contested.
State the corrective action sought and
the reasons for the correction with
supporting justification. (These
procedures are in accordance with
Department regulation 45 CFR 5b.7).
RECORD SOURCE CATEGORIES:
Information maintained in this system
will be collected from physicians
volunteering to participate in the LVRD
Demonstration. Additional data will be
collected from Medicare claims
payment records.
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS
OF THE ACT:
None.
[FR Doc. E6–16329 Filed 10–3–06; 8:45 am]
BILLING CODE 4120–03–P
DEPARTMENT OF HEALTH AND
HUMAN SERVICES
Administration for Children and
Families
Administration on Children, Youth and
Families
Administration on Children,
Youth and Families, Administration for
Children and Families.
ACTION: Single-Source Non-Competitive
Continuation Award.
rwilkins on PROD1PC63 with NOTICES
AGENCY:
CFDA Number: 93.557.
Legislative Authority: Public Law
(Pub. L.) 108–96, Runaway, Homeless,
and Missing Children Protection Act of
2003.
Amount of Award: $100,000 for one
year.
Project Period: 09/30/2006—09/29/
2007.
This notice announces the award of a
single-source non-competitive
VerDate Aug<31>2005
14:45 Oct 03, 2006
Jkt 211001
continuation grant to the Fairbanks
Counseling and Adoption (FCA) to
complete the third and final year of a
grant awarded originally to the
Fairbanks Native Association (FNA).
FCA was awarded a one-year noncompetitive successor grant to provide
street outreach services when this grant
was relinquished by Fairbanks Native
Association (FNA) in Fiscal Year 2005.
FNA, a nonprofit agency in Fairbanks,
AK, was awarded a Street Outreach
grant in Fiscal Year 2004. Since FNA
was no longer able to effectively
administer the grant or accomplish the
project goals, the organization
relinquished the grant effective July 1,
2005. On September 14, 2005, FCA was
awarded a single-source successor grant
to replace FNA as grantee. FCA is a
leader in assessing the needs and
benefits of positive youth development
in Fairbanks, Alaska. There was very
little disruption of activities during the
transfer of the grant. Continuation of
these activities in central Alaska by an
entity that already supports homeless
youth is the best option for a successful
completion of the project. The need for
these street outreach services still exists
as it did when the grant was originally
awarded in the year 2004. There will be
no significant change in project
activities.
For Further Information Contact:
Curtis Porter, Director, Youth
Development Division, Family and
Youth Services Bureau, Administration
for Children, Youth and Families,
Administration for Children and
Families, Portals Building, Suite 800,
1250 Maryland Avenue, SW.,
Washington, DC 20024. Telephone:
202–205–8102.
Dated: September 27, 2006.
Joan E. Ohl,
Commissioner, Administration on Youth and
Families.
[FR Doc. E6–16360 Filed 10–3–06; 8:45 am]
BILLING CODE 4184–01–P
DEPARTMENT OF HEALTH AND
HUMAN SERVICES
Administration for Children and
Families
Administration on Children, Youth and
Families Children’s Bureau
AGENCY: Children’s Bureau,
Administration on Children, Youth and
Families, Administration for Children
and Families.
ACTION: Single-Source Program
Expansion Supplement.
PO 00000
CFDA: 93.670.
Frm 00051
Fmt 4703
Sfmt 4703
Legislative Authority: Title II Child
Abuse Prevention and Treatment Act
[42 U.S.C. 5116 et seq.]
Amount of Award: $250,000 for one
year.
Project Period: 9/30/2006–9/29/2007.
Justification for the supplement: The
program expansion supplement will
increase the capacity of the FRIENDS
National Resource Center for
Community-Based Child Abuse
Prevention (CBCAP) to provide training
and technical assistance to State
formula grantees.
Contact for Further Information:
Melissa Lim Brodowski, Children’s
Bureau, Portals Building, Suite 8127,
1250 Maryland Avenue, SW.,
Washington, DC 20024.
Telephone Number: (202) 205–2629.
Dated: September 27, 2006.
Joan E. Ohl,
Commissioner, Administration on Children,
Youth and Families.
[FR Doc. E6–16361 Filed 10–3–06; 8:45 am]
BILLING CODE 4184–01–P
DEPARTMENT OF HEALTH AND
HUMAN SERVICES
Administration for Children and
Families
Administration on Developmental
Disabilities
Administration on
Developmental Disabilities,
Administration for Children and
Families.
ACTION: Single-Source Non-Competitive
Continuation Award.
AGENCY:
CFDA Number: 93.632.
Legislative Authority: Public Law
(Pub. L.) 106–402, Developmental
Disabilities Assistance and Bill of Rights
Act of 2000.
Amount of Award: $60,000 for one
year.
Project Period: September 30, 2006—
September 29, 2007.
This notice announces the award of a
single-source non-competition
continuation award to the Human
Development Center, Louisiana State
University to supplement grant award
90DD0583 to fund a project that would
address the needs of individuals with
developmental disabilities affected by
Hurricane Katrina.
This proposed project falls under the
community services core function of the
University Centers for Excellence in
Developmental Disabilities, Research
and Services (UCEDD) program. The
project proposes to address the needs of
an underserved and unserved
E:\FR\FM\04OCN1.SGM
04OCN1
]]>Agencies
[Federal Register Volume 71, Number 192 (Wednesday, October 4, 2006)]
[Notices]
[Pages 58621-58626]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: E6-16329]
=======================================================================
-----------------------------------------------------------------------
DEPARTMENT OF HEALTH AND HUMAN SERVICES
Centers for Medicare & Medicaid Services
Privacy Act of 1974; Report of a New System of Records
AGENCY: Department of Health and Human Services (HHS), Centers for
Medicare & Medicaid Services (CMS).
ACTION: Notice of a New System of Records (SOR).
-----------------------------------------------------------------------
SUMMARY: In accordance with the requirements of the Privacy Act of
1974, we are proposing to establish a new SOR titled ``Low Vision
Rehabilitation Demonstration (LVRD),'' System No. 09-70-0582. The
program is mandated by Section 641 of the Medicare Prescription Drug
Improvement and Modernization Act of 2003 (MMA) (Public Law (Pub. L.)
108-173), enacted into law on December 8, 2003, and amended Title XVIII
of the Social Security Act (the Act). The LVRD program seeks to
establish a new demonstration project to examine Medicare beneficiaries
who are diagnosed with moderate to severe visual impairment and who may
be eligible to receive covered vision rehabilitating services.
Rehabilitation may be conducted under general supervision of a
qualified physician in an appropriate setting including in the home of
the beneficiary receiving the services. Improvements in these areas are
expected to generate savings to the Medicare program to offset the
costs of the performance payments.
The primary purpose of the system is to collect and maintain
identifiable information on Medicare beneficiaries who participate in
Medicare Part B fee-for-service coverage, qualified physicians, such as
ophthalmologists or optometrists, qualified occupational therapists,
and vision rehabilitation therapists who are certified by the Academy
for Certification of Vision Rehabilitation Professionals. Information
retrieved from this system will also be disclosed to: (1) Support
regulatory, reimbursement, and policy functions performed within the
agency or by a contractor, consultant, or grantee; (2) assist another
Federal or state agency with information to enable such agency to
administer a Federal health benefits program, or to enable such agency
to fulfill a requirement of Federal statute or regulation that
implements a health benefits program funded in whole or in part with
Federal funds; (3) assist an individual or organization for a research
project or in support of an evaluation project related to the
prevention of disease or disability, the restoration or maintenance of
health, or payment related projects; (4) support litigation involving
the agency; and (5) combat fraud, waste, and abuse in certain health
benefits programs. We have provided background information about the
new system in the Supplementary Information section below. Although the
Privacy Act requires only that CMS provide an opportunity for
interested persons to comment on the proposed routine uses, CMS invites
comments on all portions of this notice. See Effective Dates section
for comment period.
Effective Dates: CMS filed a new system report with the Chair of the
House Committee on Government Reform and Oversight, the Chair of the
Senate Committee on Homeland Security and Governmental Affairs, and the
Administrator, Office of Information and Regulatory Affairs, Office of
Management and Budget (OMB) on 09/27/2006. In any event, we will not
disclose any information under a routine use until 30 days after
publication in the Federal Register or
[[Page 58622]]
40 days after mailings to Congress, whichever is later. We may defer
implementation of this system or on one or more of the routine uses
listed below if we receive comments that persuade us to defer
implementation.
ADDRESSES: The public should address comments to the CMS Privacy
Officer, Division of Privacy Compliance, Enterprise Architecture and
Strategy Group, Office of Information Services, Mail-stop N2-04-27,
7500 Security Boulevard, Baltimore, Maryland 21244-1850. Comments
received will be available for review at this location by appointment
during regular business hours, Monday through Friday from 9 a.m.-3
p.m., eastern time.
FOR FURTHER INFORMATION CONTACT: Joel Greer, Social Science Research
Analyst, Division of Beneficiary Research, Research & Evaluation Group,
Office of Research Development and Information, CMS, Mail Stop C3-18-
07, 7500 Security Boulevard, Baltimore, Maryland 21244-1850. The
telephone number is (410) 786-6695 or e-mail joel.greer@cms.hhs.gov.
SUPPLEMENTARY INFORMATION: Section 641 of MMA requires the Secretary of
Health and Human Services to carry out a nationwide outpatient vision
rehabilitation services demonstration project. Under this LVRD,
Medicare will cover vision rehabilitation services for people with a
diagnosis of moderate or severe vision impairment including blindness
that is not correctable by conventional methods, such as glasses or
surgery. Demonstration covered services will only be available to
Medicare beneficiaries who live in one of the specified demonstration
locales and must be prescribed by a qualified physician, such as an
ophthalmologist or an optometrist who also practice in one of the
specified demonstration locales.
LVRD locales will include New Hampshire, New York City (all 5
boroughs), Atlanta, GA., North Carolina, Kansas, and Washington State.
Eligible beneficiaries who live in these areas and receive their
medical eye care from an ophthalmologist or an optometrist who practice
in these areas could be covered for up to 9 hours of rehabilitation
services provided in an appropriate setting, including in the home. For
many with visual impairments, rehabilitation training can help them
maintain their independence and quality of life. Rehabilitation can
help prevent accidents, like falls and burns that often occur when
someone cannot navigate well due to vision loss.
Under LVRD, Medicare will cover vision rehabilitation services for
people with a diagnosis of moderate or severe vision impairment
including blindness that is not correctable by conventional methods,
such as glasses or surgery. Rehabilitation may be conducted under
general supervision of a qualified physician in appropriate settings
including in the home of the beneficiary receiving the services.
Rehabilitation must be prescribed by a qualified physician and
administered under an individualized, written plan or care developed by
a qualified physician or qualified occupational therapist in private
practice (OTPP). The plan of care must contain a specific diagnosis of
visual impairment and must assure that vision rehabilitation services
are medically necessary and the beneficiary receiving vision
rehabilitation is capable of deriving benefit from the rehabilitation.
Under the demonstration, services will be covered when provided by a
qualified occupational therapist, or by a low vision therapist,
orientation and mobility specialist, or vision rehabilitation
therapists (aka rehabilitation teachers) who are certified by the
Academy for Certification of Vision Rehabilitation Professionals
(ACVREP).
Rehabilitation will be judged completed when the treatment goals
have been attained and any subsequent services would be for maintenance
of a level of functional ability or when the patient has demonstrated
no progress on two consecutive visits. All services covered under this
demonstration are one-on-one, face to face services. Group services
will not be covered.
Some areas of the country provide Medicare coverage for vision
rehabilitation services under local coverage decisions (LCDs). LCDs
allow Medicare to pay for vision rehabilitation when provided by
qualified personnel, such as occupational therapists. LCDs may also
allow coverage for vision rehabilitation when provided in the home by a
qualified OTPP under general supervision. The LVRD does not supersede
LCDs whether services are provided in a demonstration locale, or not.
Physicians and other providers who are not practicing in a designated
demonstration locale may submit claims for vision rehabilitation as LCD
covered therapy services, as before. Physicians and providers who are
practicing designated demonstration locale may submit claims as either
demonstration-related services or LCD covered therapy services, or
both. However, in non-demonstration related services, LCD will not
cover services provided by orientation and mobility specialists, low
vision therapists, or vision rehabilitation therapists and only OTPP
can provide rehabilitation services in the home.
I. Description of the New System of Records
A. Statutory and Regulatory Basis for System
The authority for maintenance of this system is given under the
provisions of Section 641 of the Medicare Prescription Drug,
Improvement, and Modernization Act of 2003 (MMA) (Public Law 108-173),
enacted into law on December 8, 2003, and amended Title XVIII of the
Social Security Act.
B. Collection and Maintenance of Data in the System
The data will be collected and maintained on individual
beneficiaries receiving the services and who participate in Medicare
Part B fee-for-service coverage, qualified physicians, such as
ophthalmologists or optometrists, qualified occupational therapists,
and certified low vision therapists, orientation and mobility
specialists, and vision rehabilitation therapists (aka rehabilitation
teachers) who are certified by the Academy for Certification of Vision
Rehabilitation Professionals.
The data collected will consist of, but not limited to, clinical
quality measures collected from physicians participating in the
demonstration. The collected information will contain provider name,
unique provider identification number, unique demonstration practice
identification number, beneficiary health insurance claim number
(HICN), beneficiary demographic and diagnostic information relevant to
the project.
II. Agency Policies, Procedures, and Restrictions on the Routine Use
A. The Privacy Act permits us to disclose information without an
individual's consent if the information is to be used for a purpose
that is compatible with the purpose(s) for which the information was
collected. Any such disclosure of data is known as a ``routine use.''
The government will only release LVRD information that can be
associated with an individual as provided for under ``Section III.
Proposed Routine Use Disclosures of Data in the System.'' Both
identifiable and non-identifiable data may be disclosed under a routine
use.
We will only collect the minimum personal data necessary to achieve
the purpose of LVRD. CMS has the following policies and procedures
concerning disclosures of information that will be maintained in the
system. Disclosure of information from the
[[Page 58623]]
system will be approved only to the extent necessary to accomplish the
purpose of the disclosure and only after CMS:
1. Determines that the use or disclosure is consistent with the
reason that the data is being collected, e.g., to collect and maintain
identifiable information on Medicare beneficiaries who participate in
Medicare Part B fee-for-service coverage.
2. Determines that:
a. The purpose for which the disclosure is to be made can only be
accomplished if the record is provided in individually identifiable
form;
b. The purpose for which the disclosure is to be made is of
sufficient importance to warrant the effect and/or risk on the privacy
of the individual that additional exposure of the record might bring;
and
c. There is a strong probability that the proposed use of the data
would in fact accomplish the stated purpose(s).
3. Requires the information recipient to:
a. Establish administrative, technical, and physical safeguards to
prevent unauthorized use of disclosure of the record;
b. Remove or destroy at the earliest time all individually
identifiable information; and
c. Agree to not use or disclose the information for any purpose
other than the stated purpose under which the information was
disclosed.
4. Determines that the data are valid and reliable.
III. Proposed Routine Use Disclosures of Data in the System
A. Entities Who May Receive Disclosures Under Routine Use
The Privacy Act allows us to disclose information without an
individual's consent if the information is to be used for a purpose
that is compatible with the purpose(s) for which the information was
collected. Any such compatible use of data is known as a ``routine
use.'' The proposed routine uses in this system meet the compatibility
requirement of the Privacy Act. We are proposing to establish the
following routine use disclosures of information maintained in the
system:
1. To support agency contractors, consultants, or grantees who have
been contracted by the agency to assist in the performance of a service
related to this system and who need to have access to the records in
order to perform the activity.
We contemplate disclosing information under this routine use only
in situations in which CMS may enter into a contractual or similar
agreement with a third party to assist in accomplishing agency business
functions relating to purposes for this system.
CMS occasionally contracts out certain of its functions when doing
so would contribute to effective and efficient operations. CMS must be
able to give contractors, consultants, or grantees whatever information
is necessary for the contractor to fulfill its duties. In these
situations, safeguards are provided in the contract prohibiting the
contractors, consultants, or grantees from using or disclosing the
information for any purpose other than that described in the contract
and requires the contractors, consultants, or grantees to return or
destroy all information at the completion of the contract.
2. To assist another Federal or state agency to:
a. Contribute to the accuracy of CMS's proper payment of Medicare
benefits,
b. Enable such agency to administer a Federal health benefits
program, or as necessary to enable such agency to fulfill a requirement
of a Federal statute or regulation that implements a health benefits
program funded in whole or in part with Federal funds, and/or
Other Federal or state agencies in their administration of a
Federal health program may require LVRD information in order to support
evaluations and monitoring of Medicare claims information of
beneficiaries, including proper reimbursement for services provided.
3. To assist an individual or organization for a research project
or in support of an evaluation project related to the prevention of
disease or disability, the restoration or maintenance of health, or
payment related projects.
The LVRD data will provide for research or in support of evaluation
projects, a broader, longitudinal, national perspective of the status
of Medicare beneficiaries. CMS anticipates that many researchers will
have legitimate requests to use these data in projects that could
ultimately improve the care provided to Medicare beneficiaries and the
policy that governs the care.
4. To support the Department of Justice (DOJ), court or
adjudicatory body when:
a. The agency or any component thereof, or
b. Any employee of the agency in his or her official capacity, or
c. Any employee of the agency in his or her individual capacity
where the DOJ has agreed to represent the employee, or
d. The United States Government is a party to litigation or has an
interest in such litigation, and by careful review, CMS determines that
the records are both relevant and necessary to the litigation and that
the use of such records by the DOJ, court or adjudicatory body is
compatible with the purpose for which the agency collected the records.
Whenever CMS is involved in litigation, and occasionally when
another party is involved in litigation and CMS' policies or operations
could be affected by the outcome of the litigation, CMS would be able
to disclose information to the DOJ, court or adjudicatory body
involved.
5. To assist a CMS contractor (including, but not necessarily
limited to fiscal intermediaries and carriers) that assists in the
administration of a CMS-administered health benefits program, or to a
grantee of a CMS-administered grant program, when disclosure is deemed
reasonably necessary by CMS to prevent, deter, discover, detect,
investigate, examine, prosecute, sue with respect to, defend against,
correct, remedy, or otherwise combat fraud, waste, or abuse in such
program.
We contemplate disclosing information under this routine use only
in situations in which CMS may enter into a contractual relationship or
grant with a third party to assist in accomplishing CMS functions
relating to the purpose of combating fraud, waste, and abuse.
CMS occasionally contracts out certain of its functions and makes
grants when doing so would contribute to effective and efficient
operations. CMS must be able to give a contractor or grantee whatever
information is necessary for the contractor or grantee to fulfill its
duties. In these situations, safeguards are provided in the contract
prohibiting the contractor or grantee from using or disclosing the
information for any purpose other than that described in the contract
and requiring the contractor or grantee to return or destroy all
information.
6. To assist another Federal agency or to an instrumentality of any
governmental jurisdiction within or under the control of the United
States (including any state or local governmental agency), that
administers, or that has the authority to investigate potential fraud,
waste, or abuse in, a health benefits program funded in whole or in
part by Federal funds, when disclosure is deemed reasonably necessary
by CMS to prevent, deter, discover, detect, investigate, examine,
prosecute, sue with respect to, defend against, correct, remedy, or
otherwise
[[Page 58624]]
combat fraud, waste, or abuse in such programs.
Other agencies may require LVRD information for the purpose of
combating fraud, waste, and abuse in such Federally-funded programs.
B. Additional Provisions Affecting Routine Use Disclosures
This system contains Protected Health Information (PHI) as defined
by HHS regulation ``Standards for Privacy of Individually Identifiable
Health Information'' (45 Code of Federal Regulation Parts 160 and 164,
65 Fed. Reg. 82462 (12-28-00), Subparts A and E. Disclosures of PHI
authorized by these routine uses may only be made if, and as, permitted
or required by the ``Standards for Privacy of Individually Identifiable
Health Information.''
In addition, our policy will be to prohibit release even of data
not directly identifiable, except pursuant to one of the routine uses
or if required by law, if we determine there is a possibility that an
individual can be identified through implicit deduction based on small
cell sizes (instances where the population is so small that one could
use this information to deduce the identity of the individual).
IV. Safeguards
CMS has safeguards in place for authorized users and monitors such
users to ensure against excessive or unauthorized use. Personnel having
access to the system have been trained in the Privacy Act and
information security requirements. Employees who maintain records in
this system are instructed not to release data until the intended
recipient agrees to implement appropriate management, operational and
technical safeguards sufficient to protect the confidentiality,
integrity and availability of the information and information systems
and to prevent unauthorized access.
This system will conform to all applicable Federal laws and
regulations and Federal, HHS, and CMS policies and standards as they
relate to information security and data privacy. These laws and
regulations include but are not limited to: the Privacy Act of 1974;
the Federal Information Security Management Act of 2002; the Computer
Fraud and Abuse Act of 1986; the Health Insurance Portability and
Accountability Act of 1996; the E-Government Act of 2002, the Clinger-
Cohen Act of 1996; the Medicare Modernization Act of 2003, and the
corresponding implementing regulations. OMB Circular A-130, Management
of Federal Resources, Appendix III, Security of Federal Automated
Information Resources also applies. Federal, HHS, and CMS policies and
standards include but are not limited to: all pertinent National
Institute of Standards and Technology publications; the HHS Information
Systems Program Handbook and the CMS Information Security Handbook.
V. Effects of the New System on Individual Rights
CMS proposes to establish this system in accordance with the
principles and requirements of the Privacy Act and will collect, use,
and disseminate information only as prescribed therein. Data in this
system will be subject to the authorized releases in accordance with
the routine uses identified in this system.
CMS will take precautionary measures (see item IV. above) to
minimize the risks of unauthorized access to the records and the
potential harm to individual privacy or other personal or property
rights of patients whose data is maintained in the system. CMS will
collect only that information necessary to perform the system's
functions. In addition, CMS will make disclosure from the proposed
system only with consent of the subject individual, or his/her legal
representative, or in accordance with an applicable exception provision
of the Privacy Act.
CMS, therefore, does not anticipate an unfavorable effect on
individual privacy as a result of maintaining this system.
Dated: September 19, 2006.
John R. Dyer,
Chief Operating Officer, Centers for Medicare & Medicaid Services.
SYSTEM NUMBER 09-70-0582
System Name:
``Low Vision Rehabilitation Demonstration (LVRD)'' HHS/
CMS/ORDI
Security Classification:
Level 3 Privacy Act Sensitive
System Location:
This system is maintained at the Centers for Medicare & Medicaid
Services (CMS) Data Center, 7500 Security Boulevard, North Building,
First Floor, Baltimore, Maryland 21244-1850, and CMS contractors and
agents at various locations.
Categories of Individuals Covered by the System:
The data will be collected and maintained on individual
beneficiaries receiving the services and who participate in Medicare
Part B fee-for-service coverage, qualified physicians, such as
ophthalmologists or optometrists, qualified occupational therapists,
and certified low vision therapists, orientation and mobility
specialists, and vision rehabilitation therapists (aka rehabilitation
teachers) who are certified by the Academy for Certification of Vision
Rehabilitation Professionals.
Categories of Records in the System:
The data collected will consist of, but not limited to, clinical
quality measures collected from physicians participating in the
demonstration. The collected information will contain provider name,
unique provider identification number, unique demonstration practice
identification number, beneficiary health insurance claim number
(HICN), beneficiary demographic and diagnostic information relevant to
the project.
Authority For Maintenance Of The System:
The authority for maintenance of this system is given under the
provisions of Section 641 of the Medicare Prescription Drug,
Improvement, and Modernization Act of 2003 (Public Law 108-173),
enacted into law on December 8, 2003, and amended Title XVIII of the
Social Security Act.
PURPOSE(S) OF THE SYSTEM:
The primary purpose of the system is to collect and maintain
identifiable information on Medicare beneficiaries who participate in
Medicare Part B fee-for-service coverage, qualified physicians, such as
ophthalmologists or optometrists, qualified occupational therapists,
and vision rehabilitation therapists who are certified by the Academy
for Certification of Vision Rehabilitation Professionals. Information
retrieved from this system will also be disclosed to: (1) Support
regulatory, reimbursement, and policy functions performed within the
agency or by a contractor, consultant, or grantee; (2) assist another
Federal or state agency with information to enable such agency to
administer a Federal health benefits program, or to enable such agency
to fulfill a requirement of Federal statute or regulation that
implements a health benefits program funded in whole or in part with
Federal funds; (3) assist an individual or organization for a research
project or in support of an evaluation project related to the
prevention of disease or disability, the restoration or maintenance of
health, or payment related projects; (4) support litigation involving
the agency; and (5) combat fraud, waste, and abuse in certain health
benefits programs.
[[Page 58625]]
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OR USERS AND THE PURPOSES OF SUCH USES:
A. Entities Who May Receive Disclosures Under Routine Use
The Privacy Act allows us to disclose information without an
individual's consent if the information is to be used for a purpose
that is compatible with the purpose(s) for which the information was
collected. Any such compatible use of data is known as a ``routine
use.'' The proposed routine uses in this system meet the compatibility
requirement of the Privacy Act. We are proposing to establish the
following routine use disclosures of information maintained in the
system:
1. To support agency contractors, consultants, or grantees who have
been contracted by the agency to assist in the performance of a service
related to this system and who need to have access to the records in
order to perform the activity.
2. To assist another Federal or state agency to:
a. Contribute to the accuracy of CMS's proper payment of Medicare
benefits,
b. Enable such agency to administer a Federal health benefits
program, or as necessary to enable such agency to fulfill a requirement
of a Federal statute or regulation that implements a health benefits
program funded in whole or in part with Federal funds, and/or
3. To assist an individual or organization for a research project
or in support of an evaluation project related to the prevention of
disease or disability, the restoration or maintenance of health, or
payment related projects.
4. To support the Department of Justice (DOJ), court or
adjudicatory body when:
a. The agency or any component thereof, or
b. Any employee of the agency in his or her official capacity, or
c. Aany employee of the agency in his or her individual capacity
where the DOJ has agreed to represent the employee, or
d. The United States Government is a party to litigation or has an
interest in such litigation, and by careful review, CMS determines that
the records are both relevant and necessary to the litigation and that
the use of such records by the DOJ, court or adjudicatory body is
compatible with the purpose for which the agency collected the records.
5. To assist a CMS contractor (including, but not necessarily
limited to fiscal intermediaries and carriers) that assists in the
administration of a CMS-administered health benefits program, or to a
grantee of a CMS-administered grant program, when disclosure is deemed
reasonably necessary by CMS to prevent, deter, discover, detect,
investigate, examine, prosecute, sue with respect to, defend against,
correct, remedy, or otherwise combat fraud, waste, or abuse in such
program.
6. To assist another Federal agency or to an instrumentality of any
governmental jurisdiction within or under the control of the United
States (including any state or local governmental agency), that
administers, or that has the authority to investigate potential fraud,
waste, or abuse in, a health benefits program funded in whole or in
part by Federal funds, when disclosure is deemed reasonably necessary
by CMS to prevent, deter, discover, detect, investigate, examine,
prosecute, sue with respect to, defend against, correct, remedy, or
otherwise combat fraud, waste, or abuse in such programs.
B. Additional Provisions Affecting Routine Use Disclosures
This system contains Protected Health Information (PHI) as defined
by HHS regulation ``Standards for Privacy of Individually Identifiable
Health Information'' (45 Code of Federal Regulation Parts 160 and 164,
65 Fed. Reg. 82462 (12-28-00), Subparts A and E. Disclosures of PHI
authorized by these routine uses may only be made if, and as, permitted
or required by the ``Standards for Privacy of Individually Identifiable
Health Information.''
In addition, our policy will be to prohibit release even of data
not directly identifiable, except pursuant to one of the routine uses
or if required by law, if we determine there is a possibility that an
individual can be identified through implicit deduction based on small
cell sizes (instances where the population is so small that one could
use this information to deduce the identity of the individual).
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
All records are stored on magnetic media.
RETRIEVABILITY:
Information collected will be retrieved by the name or other
identifying information of the participating provider, and may also be
retrievable by HICN at the individual beneficiary record level.
SAFEGUARDS:
CMS has safeguards in place for authorized users and monitors such
users to ensure against excessive or unauthorized use. Personnel having
access to the system have been trained in the Privacy Act and
information security requirements. Employees who maintain records in
this system are instructed not to release data until the intended
recipient agrees to implement appropriate management, operational and
technical safeguards sufficient to protect the confidentiality,
integrity and availability of the information and information systems
and to prevent unauthorized access.
This system will conform to all applicable Federal laws and
regulations and Federal, HHS, and CMS policies and standards as they
relate to information security and data privacy. These laws and
regulations include but are not limited to: the Privacy Act of 1974;
the Federal Information Security Management Act of 2002; the Computer
Fraud and Abuse Act of 1986; the Health Insurance Portability and
Accountability Act of 1996; the E-Government Act of 2002, the Clinger-
Cohen Act of 1996; the Medicare Modernization Act of 2003, and the
corresponding implementing regulations. Office of Management and Budget
Circular A-130, Management of Federal Resources, Appendix III, Security
of Federal Automated Information Resources also applies. Federal, HHS,
and CMS policies and standards include but are not limited to: all
pertinent National Institute of Standards and Technology publications;
the HHS Information Systems Program Handbook and the CMS Information
Security Handbook.
RETENTION AND DISPOSAL:
CMS will retain identifiable information maintained in the LVRD
system of records for a period of 6 years. Data residing with the
designated claims payment contractor shall be returned to CMS at the
end of the project, with all data then being the responsibility of CMS
for adequate storage and security. All claims-related records are
encompassed by the document preservation order and will be retained
until notification is received from the DOJ.
SYSTEM MANAGER AND ADDRESS:
Director, Research and Evaluation Group, Office of Research
Development and Information, CMS, 7500 Security Boulevard, Mail stop
C3-18-07, Baltimore, Maryland, 21244-1850.
[[Page 58626]]
NOTIFICATION PROCEDURE:
For purpose of access, the subject individual should write to the
system manager who will require the system name, and for verification
purposes, the subject individual's name, provider identification
number, and the patient's medical record number.
RECORD ACCESS PROCEDURE:
For purpose of access, use the same procedures outlined in
Notification Procedures above. Requestors should also reasonably
specify the record contents being sought. (These procedures are in
accordance with Department regulation 45 CFR 5b.5(a)(2)).
CONTESTING RECORD PROCEDURES:
The subject individual should contact the system manager named
above, and reasonably identify the record and specify the information
to be contested. State the corrective action sought and the reasons for
the correction with supporting justification. (These procedures are in
accordance with Department regulation 45 CFR 5b.7).
RECORD SOURCE CATEGORIES:
Information maintained in this system will be collected from
physicians volunteering to participate in the LVRD Demonstration.
Additional data will be collected from Medicare claims payment records.
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:
None.
[FR Doc. E6-16329 Filed 10-3-06; 8:45 am]
BILLING CODE 4120-03-P
