Midnight on November 9, 2009 is the deadline to respond to request for comments of the Drug Enforcement Administration (DEA) on how best to standardize the specific internal code number associated with each individual practitioner permitted by the hospital or other institutional practitioner to administer, dispense, or prescribe controlled substances using that institution’s DEA registration.
DEA is soliciting public input in response to comments received to its Notice of Proposed Rulemaking “Electronic Prescriptions for Controlled Substances” regarding electronic prescriptions for controlled substances published on June 27, 2008, 73 FR 36722. In that Notice, DEA proposed:
- That pharmacy applications receiving electronic prescriptions for controlled substances be capable of reading and retaining the full DEA registration number, including any extensions, or other identification numbers used under 21 CFR 1306.05(c).
- That the full number including extensions must be retained in the prescription record.
- That the pharmacy application must verify that the practitioner’s DEA registration was valid at the time the prescription was signed by checking the DEA CSA database or by having another entity check the DEA CSA database during transmission and indicate on the record that the check has occurred and the registration is valid.
- That the pharmacy application must reject prescriptions signed by practitioners without valid DEA registrations.
- Every person who dispenses controlled substances is required to obtain a DEA registration under the Comprehensive Drug Abuse Prevention and Control Act of 1970, often referred to as the Controlled Substances Act (CSA) and the Controlled Substances Import and Export Act (21 U.S.C. 801-971), (CSA).
- An individual practitioner who is an agent or employee of a hospital or other institution registered with DEA may use the DEA registration of that hospital or other institution to administer, dispense, or prescribe controlled substances in accordance with the regulations (21 CFR 1301.22(c)). Specifically, an individual practitioner who is an agent or employee of a hospital or other institution may, when acting in the normal course of business or employment, administer, dispense, or prescribe controlled substances under the registration of the hospital or other institution which is registered in lieu of being registered himself if:
- The dispensing, administering or prescribing is done in the usual course of his professional practice;
- The individual practitioner is authorized or permitted to do so by the jurisdiction in which he is practicing;
- The hospital or other institution by whom he is employed has verified that the individual practitioner is so permitted to dispense, administer, or prescribe drugs within the jurisdiction;
- The individual practitioner is acting only within the scope of his employment in the hospital or institution;
- The hospital or other institution authorizes the individual practitioner to administer, dispense or prescribe under the hospital registration and designates a specific internal code number for each individual practitioner so authorized consisting of numbers, letters, or a combination thereof and shall be a suffix to the institution’s DEA registration number, preceded by a hyphen; and
- A current list of internal codes and the corresponding individual practitioners is kept by the hospital or other institution and is made available at all times to other registrants and law enforcement agencies upon request for the purpose of verifying the authority of the prescribing individual practitioner. See 21 CFR 1301.22(c).
In response to the comments on these proposed provisions, DEA has determined standardization of the internal code numbers assigned by institutional practitioners to the individual practitioners they permit to use their registration to administer, dispense, and prescribe controlled substances is essential for DEA to require pharmacy systems to retain this information.
Since this number has never been standardized, however, DEA anticipates that institutional practitioner registrants have established a variety of internal code number systems. Accordingly, DEA is soliciting information from the regulated industry and other interested members of the public regarding current methods used and how best to implement industry standardization in this area. Specifically, DEA seeks the following information:
- Information regarding formats used by institutional practitioners when establishing internal code numbers for individual practitioners permitted to use the institution’s registration number;
- Estimates of the number of individual practitioners using internal code numbers for identification purposes;
- Estimates of the number of individual practitioners using internal code numbers for identification purposes in a particular institutional practitioner;
- Estimates of costs to institutional practitioners if code numbers for individual practitioners were to be standardized and what changes would be associated with those costs;
- Formats pharmacy applications could accommodate or would prefer, recognizing that pharmacy applications may need to be reprogrammed to accept this information;
- Estimates of the costs to pharmacies and/or pharmacy application providers for such reprogramming;
- Comments regarding whether pharmacies have had difficulty obtaining information from institutional practitioners regarding individual practitioners’ internal code numbers and, if so, any proposed solutions.
Persons wishing to address the above topics or provide other information relative to these proposed rules should submit their comments by Midnight on November 9, 2009 in accordance with the instructions contained in the Notice available for review here.
Register Now For Upcoming September Health Industry Update Programs
If you found this information of interest, you also may be interested in one of the following upcoming health industry programs to be presented by Ms. Stamer during September:
- How to Ensure That Your Organization Is In Compliance With Regulations Governing Discrimination — What You Should Be Doing To Be Prepared for the New, Stepped Up Enforcement Actions on September 10, 2009 hosted via teleconference by Health Resources Publishing
- Health Information Security & Data Breach Under HITECH Act on September 17, 2009 hosted via teleconference by the Health Care Compliance Association
To register or for other details about these and other upcoming programs and presentations by Ms. Stamer and other Curran Tomko Tarski members, see here.
Other Recent Developments
If you found this information of interest, you also may be interested in reviewing some of the following recent Health Care Updates available online by clicking on the article title:
- Two Recent Criminal Prosecutions For HIPAA Privacy Rule Violations Signal Rising Criminal Enforcement Risks
- North Texas Healthcare Compliance Professional Association September 8 Meeting Covers Provider Outreach Activities, New Data Breach Rules.
- September Declared National Prostate Cancer Awareness Month, 2009
- Pfizer To Pay $2.3 Billion For Fraudulent Marketing In Largest DOJ Health Care Fraud Settlement
- Maximum Penalty For Patient Protection Act Confidentiality Breaches To Rise To $11,000
- Health Care Providers & Other HIPAA Covered Entities Must Comply With New Data Breach Rules By September 23
- CDC Healthcare Infection Control Practices Advisory Committee Schedules Teleconference on Draft Guideline for Prevention of Catheter-Associated Urinary Tract Infections 2008
- HHS Secretary Sebelius Announces Intent to Appoint Dr. Helene Gayle as Chair of the Presidential Advisory Council on HIV/AIDS
- Border Health Care Study Sheds Some Light of Health Care Utilization, Needs & Costs
- Health Care Providers & Other HIPAA-Covered Entities & Their Business Associates Must Comply With New HHS Health Information Data Breach Rules By September 24
- HHS Issues Interim Final Requiring Health Care Provider, Health Plans & Other Covered Entities To Give Breach Notifications When Certain Personal Health Information Breached Beginning In September; Register to Participate In September 10th Briefing on New Rules In Person or Via Telephone
- CMS Publishes Updated FY 2010 Inpatient Rehabilitation Facility Prospective Payment System Final Rule
- House Democratic Leaders Work To Resolve Differences In Committee Versions of Health Care Reform Legislation and Build Public Support During August Recess
- HHS Hiring to Expand its Health Information Enforcement Team Again
- Reassignment of HIPAA Security Rule Enforcement Signals Growing Seriousness About Enforcing HIPAA
For More Information
We hope that this information is useful to you. If you need assistance with auditing or defending health care fraud concerns or other health care compliance, risk management, transaction or operation concerns, please contact the author of this update, Curran Tomko Tarski LLP Health Practice Group Chair, Cynthia Marcotte Stamer, at (214) 270‑2402, cstamer@cttlegal.com, Edwin J. Tomko at (214) 270-1405 or another Curran Tomko Tarski LLP Partner of your choice. Ms. Stamer has extensive experience advising clients and writes and speaks extensively on these and other health industry and other internal controls and risk management matters.
You can review other recent health care and internal controls resources and additional information about the health industry and other experience of Ms. Stamer here. If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile at here or e-mailing this information to cstamer@cttlegal.com.
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile at here or e-mailing this information here. To unsubscribe, e-mail here.
©2009 Cynthia Marcotte Stamer. All rights reserved.