[House Report 108-28] [From the U.S. Government Publishing Office] 108th Congress Report HOUSE OF REPRESENTATIVES 1st Session 108-28 ====================================================================== PATIENT SAFETY AND QUALITY IMPROVEMENT ACT _______ March 6, 2003.--Committed to the Committee of the Whole House on the State of the Union and ordered to be printed _______ Mr. Tauzin, from the Committee on Energy and Commerce, submitted the following R E P O R T [To accompany H.R. 663] [Including cost estimate of the Congressional Budget Office] The Committee on Energy and Commerce, to whom was referred the bill (H.R. 663) to amend title IX of the Public Health Service Act to provide for the improvement of patient safety and to reduce the incidence of events that adversely affect patient safety, and for other purposes, having considered the same, report favorably thereon with an amendment and recommend that the bill as amended do pass. CONTENTS Page Amendment........................................................ 1 Purpose and Summary.............................................. 11 Background and Need for Legislation.............................. 11 Hearings......................................................... 12 Committee Consideration.......................................... 12 Committee Votes.................................................. 12 Committee Oversight Findings..................................... 12 Statement of General Performance Goals and Objectives............ 12 New Budget Authority, Entitlement Authority, and Tax Expenditures 13 Committee Cost Estimate.......................................... 13 Congressional Budget Office Estimate............................. 13 Federal Mandates Statement....................................... 17 Advisory Committee Statement..................................... 17 Constitutional Authority Statement............................... 17 Applicability to Legislative Branch.............................. 17 Section-by-Section Analysis of the Legislation................... 17 Changes in Existing Law Made by the Bill, as Reported............ 23 Amendment The amendment is as follows: Strike all after the enacting clause and insert the following: SECTION 1. SHORT TITLE. This Act may be cited as the ``Patient Safety and Quality Improvement Act''. SEC. 2. FINDINGS AND PURPOSES. (a) Findings.--The Congress finds as follows: (1) In 1999, the Institute of Medicine released a report entitled ``To Err Is Human'' that described medical errors as the 8th leading cause of death in the United States, with as many as 98,000 people dying as a result of medical errors each year. (2) To address these deaths and injuries due to medical errors, the health care system must identify and learn from such errors so that systems of care can be improved. (3) Myriad public and private patient safety initiatives have begun. The Quality Interagency Coordination Task Force has recommended steps to improve patient safety that may be taken by each Federal agency involved in health care and activities relating to these steps are ongoing. (4) The Department of Health and Human Services has initiated several patient safety projects. The Joint Commission on Accreditation of Healthcare Organizations issued a patient safety standard that went into effect on July 1, 2001, and the peer review organizations are conducting ongoing studies of clinical performance measurement of care delivered to beneficiaries under the medicare program under title XVIII of the Social Security Act. (5) Several steps can be taken now to improve patient safety. For example, according to the Centers for Disease Control and Prevention, hand washing is the single most important means of preventing the spread of infection. Repeated studies indicate that lack of or improper hand washing still contributes significantly to disease transmission in health care settings. Working with experts from the private sector, the Centers for Disease Control and Prevention has drafted ``Guidelines for Hand Hygiene in Healthcare Settings'' setting forth recommendations to promote improved hand hygiene practices and reduce transmission of pathogenic microorganisms to patients and personnel in health care settings. (6) According to the Centers for Disease Control and Prevention, nosocomial infections affect approximately 2 million patients annually in acute care facilities in the United States at an estimated direct patient care cost of approximately $3.5 billion each year. (7) The Congress encourages the continuation and acceleration of private sector efforts to take immediate steps to improve patient safety and recognizes the need for action in the public sector to complement these efforts. (8) The research on patient safety unequivocally calls for a learning environment, where providers will feel safe to report health care errors, in order to improve patient safety. (9) Voluntary data gathering systems are more supportive than mandatory systems in creating the learning environment referred to in paragraph (8) as stated in the Institute of Medicine's report. (10) Promising patient safety reporting systems have been established throughout the United States, and the best ways to structure and use these systems are currently being determined, largely through projects funded by the Agency for Healthcare Research and Quality. (11) Many organizations currently collecting patient safety information have expressed a need for protections that will allow them to review protected information so that they may collaborate in the development and implementation of patient safety improvement strategies. Currently, the State peer review protections provide inadequate conditions to allow the sharing of information to promote patient safety. (12) In 2001, the Institute of Medicine released a report entitled ``Crossing the Quality Chasm'' that found that the United States health care system does not consistently deliver high-quality care to patients. (b) Purposes.--The purposes of this Act are-- (1) to encourage a culture of safety and quality in the United States health care system by providing for a health care errors reporting system that both protects information and improves patient safety and quality of health care; and (2) to ensure accountability by raising standards and expectations for continuous quality improvements in patient safety through the actions of the Secretary of Health and Human Services. SEC. 3. AMENDMENTS TO PUBLIC HEALTH SERVICE ACT. (a) In General.--Title IX of the Public Health Service Act (42 U.S.C. 299 et seq.) is amended-- (1) in section 912(c), by inserting ``, in accordance with part C,'' after ``The Director shall''; (2) by redesignating part C as part D; (3) by redesignating sections 921 through 928, as sections 931 through 938, respectively; (4) in section 938(1) (as so redesignated), by striking ``921'' and inserting ``931''; and (5) by inserting after part B the following: ``PART C--PATIENT SAFETY IMPROVEMENT ``SEC. 921. DEFINITIONS. ``In this part: ``(1) Identifiable information.--The term `identifiable information' means information that is presented in a form and manner that allows the identification of any provider, patient, or reporter of patient safety work product. With respect to patients, such information includes any individually identifiable health information as that term is defined in the regulations promulgated pursuant to section 264(c) of the Health Insurance Portability and Accountability Act of 1996 (Public Law 104-191; 110 Stat. 2033). ``(2) Nonidentifiable information.--The term `nonidentifiable information' means information that is presented in a form and manner that prevents the identification of any provider, patient, or reporter of patient safety work product. With respect to patients, such information must be de-identified consistent with the regulations promulgated pursuant to section 264(c) of the Health Insurance Portability and Accountability Act of 1996 (Public Law 104-191; 110 Stat. 2033). ``(3) Patient safety evaluation system.--The term `patient safety evaluation system' means a process that involves the collection, management, or analysis of information for submission to or by a patient safety organization. ``(4) Patient safety organization.--The term `patient safety organization' means a private or public organization or component thereof that is certified, through a process to be determined by the Secretary under section 925, to perform each of the following activities: ``(A) The conduct, as the organization or component's primary activity, of efforts to improve patient safety and the quality of health care delivery. ``(B) The collection and analysis of patient safety work product that is submitted by providers. ``(C) The development and dissemination of evidence- based information to providers with respect to improving patient safety, such as recommendations, protocols, or information regarding best practices. ``(D) The utilization of patient safety work product to carry out activities limited to those described under this paragraph and for the purposes of encouraging a culture of safety and of providing direct feedback and assistance to providers to effectively minimize patient risk. ``(E) The maintenance of confidentiality with respect to identifiable information. ``(F) The provision of appropriate security measures with respect to patient safety work product. ``(G) The submission of nonidentifiable information to the Agency consistent with standards established by the Secretary under section 923(b) for any National Patient Safety Database. ``(5) Patient safety work product.-- ``(A) The term `patient safety work product' means any document or communication (including any information, report, record, memorandum, analysis, deliberative work, statement, or root cause analysis) that-- ``(i) except as provided in subparagraph (B), is developed by a provider for the purpose of reporting to a patient safety organization, and is reported to a patient safety organization; ``(ii) is created by a patient safety organization; or ``(iii) would reveal the deliberations or analytic process of a patient safety evaluation system (as defined in paragraph (3)). ``(B)(i) Patient safety work product described in subparagraph (A)(i)-- ``(I) does not include any separate information described in clause (ii); and ``(II) shall not be construed to include such separate information merely by reason of inclusion of a copy of the document or communication involved in a submission to, or the fact of submission of such a copy to, a patient safety organization. ``(ii) Separate information described in this clause is a document or communication (including a patient's medical record or any other patient or hospital record) that is developed or maintained, or exists, separately from any patient safety evaluation system. ``(C) Information available from sources other than a patient safety work product under this section may be discovered or admitted in a civil or administrative proceeding, if discoverable or admissible under applicable law. ``(6) Provider.--The term `provider' means-- ``(A) an individual or entity licensed or otherwise authorized under State law to provide health care services, including-- ``(i) a hospital, nursing facility, comprehensive outpatient rehabilitation facility, home health agency, and hospice program; ``(ii) a physician, physician assistant, nurse practitioner, clinical nurse specialist, certified nurse midwife, psychologist, certified social worker, registered dietitian or nutrition professional, physical or occupational therapist, or other individual health care practitioner; ``(iii) a pharmacist; and ``(iv) a renal dialysis facility, ambulatory surgical center, pharmacy, physician or health care practitioner's office, long-term care facility, behavioral health residential treatment facility, clinical laboratory, or community health center; or ``(B) any other person or entity specified in regulations by the Secretary after public notice and comment. ``SEC. 922. PRIVILEGE FOR PATIENT SAFETY WORK PRODUCT. ``(a) Privilege.--Notwithstanding any other provision of law and subject to subsection (c), patient safety work product shall not be-- ``(1) subject to a civil or administrative subpoena or order; ``(2) subject to discovery in connection with a civil or administrative proceeding; ``(3) subject to disclosure pursuant to section 552 of title 5, United States Code (commonly known as the Freedom of Information Act), or any other similar Federal or State law; ``(4) required to be admitted as evidence or otherwise disclosed in any State or Federal civil or administrative proceeding; or ``(5) if the patient safety work product is identifiable information and is received by a national accreditation organization in its capacity as a patient safety organization-- ``(A) used by a national accreditation organization in an accreditation action against the provider that reported the information; ``(B) shared by such organization with its survey team; or ``(C) required as a condition of accreditation by a national accreditation association. ``(b) Reporter Protection.-- ``(1) In general.--A provider may not use against an individual in an adverse employment action described in paragraph (2) the fact that the individual in good faith reported information-- ``(A) to the provider with the intention of having the information reported to a patient safety organization; or ``(B) directly to a patient safety organization. ``(2) Adverse employment action.--For purposes of this subsection, an `adverse employment action' includes-- ``(A) the failure to promote an individual or provide any other employment-related benefit for which the individual would otherwise be eligible; ``(B) an adverse evaluation or decision made in relation to accreditation, certification, credentialing, or licensing of the individual; and ``(C) a personnel action that is adverse to the individual concerned. ``(3) Remedies.--Any provider that violates this subsection shall be subject to a civil monetary penalty of not more than $20,000 for each such violation involved. Such penalty shall be imposed and collected in the same manner as civil money penalties under subsection (a) of section 1128A of the Social Security Act are imposed and collected. ``(c) Disclosures.--Nothing in this section prohibits any of the following disclosures: ``(1) Voluntary disclosure of nonidentifiable information. ``(2) Voluntary disclosure of identifiable information by a provider or patient safety organization, if such disclosure-- ``(A) is authorized by the provider for the purposes of improving quality and safety; ``(B) is to an entity or person subject to the requirements of section 264(c) of the Health Insurance Portability and Accountability Act of 1996 (Public Law 104-191; 110 Stat. 2033), or any regulation promulgated under such section; and ``(C) is not in conflict with such section or any regulation promulgated under such section. ``(3) Disclosure as required by law by a provider to the Food and Drug Administration, or on a voluntary basis by a provider to a federally established patient safety program, with respect to an Administration-regulated product or activity for which that entity has responsibility, for the purposes of activities related to the quality, safety, or effectiveness of such Administration-regulated product or activity. ``(4) Disclosures of patient safety work product in accordance with this part by a provider to a patient safety organization. ``(d) Effect of Transfer, Disclosure.--The following shall not be treated as a waiver of any privilege or protection established under this part: ``(1) The transfer of any patient safety work product between a provider and a patient safety organization. ``(2) Disclosure of patient safety work product as described in subsection (c). ``(3) The unauthorized disclosure of patient safety work product. ``(e) Penalty.-- ``(1) Prohibition.--Except as provided in this part, and subject to paragraphs (2) and (4), it shall be unlawful for any person to disclose patient safety work product in violation of this section, if such disclosure constitutes a negligent or knowing breach of confidentiality. ``(2) Relation to HIPAA.--The penalty under paragraph (3) for a disclosure in violation of paragraph (1) does not apply if the person would be subject to a penalty under section 264(c) of the Health Insurance Portability and Accountability Act of 1996 (Public Law 104-191; 110 Stat. 2033), or any regulation promulgated under such section, for the same disclosure. ``(3) Amount.--Any person who violates paragraph (1) shall be subject to a civil monetary penalty of not more than $10,000 for each such violation involved. Such penalty shall be imposed and collected in the same manner as civil money penalties under subsection (a) of section 1128A of the Social Security Act are imposed and collected. ``(4) Subsequent disclosure.--Paragraph (1) applies only to the first person that breaches confidentiality with respect to particular patient safety work product. ``(f) Relation to HIPAA.-- ``(1) In general.--For purposes of applying the regulations promulgated pursuant to section 264(c) of the Health Insurance Portability and Accountability Act of 1996 (Public Law 104-191; 110 Stat. 2033)-- ``(A) patient safety organizations shall be treated as business associates; and ``(B) activities of such organizations described in section 921(4) in relation to a provider are deemed to be health care operations (as defined in such regulations) of the provider. ``(2) Rule of construction.--Nothing in this section shall be construed to alter or affect the implementation of such regulations or such section 264(c). ``(g) No Limitation of Other Privileges.--Nothing in this section shall be construed to affect privileges, including peer review and confidentiality protections, that are otherwise available under Federal or State laws. ``(h) No Limitation on Contracts.--Nothing in this section shall be construed to limit the power of a provider and a patient safety organization, or a patient safety organization and the Agency or any National Patient Safety Database, consistent with the provisions of this Act and other applicable law, to enter into a contract requiring greater confidentiality or delegating authority to make an authorized disclosure. ``(i) Relation to State Reporting Requirements.--Nothing in this part shall be construed as preempting or otherwise affecting any State law requiring a provider to report information, including information described in section 921(5)(B), that is not patient safety work product. ``(j) Continuation of Privilege.--Patient safety work product of an organization that is certified as a patient safety organization shall continue to be privileged and confidential, in accordance with this section, if the organization's certification is terminated or revoked or if the organization otherwise ceases to qualify as a patient safety organization. ``(k) Reports on Strategies To Improve Patient Safety.-- ``(1) Draft report.--Not later than the date that is 18 months after any National Patient Safety Database is operational, the Secretary, in consultation with the Director, shall prepare a draft report on effective strategies for reducing medical errors and increasing patient safety. The draft report shall include any measure determined appropriate by the Secretary to encourage the appropriate use of such strategies, including use in any federally funded programs. The Secretary shall make the draft report available for public comment and submit the draft report to the Institute of Medicine for review. ``(2) Final report.--Not later than 1 year after the date described in paragraph (1), the Secretary shall submit a final report to the Congress that includes, in an appendix, any findings by the Institute of Medicine concerning research on the strategies discussed in the draft report and any modifications made by the Secretary based on such findings. ``SEC. 923. NATIONAL DATABASE. ``(a) Authority.-- ``(1) In general.--In conducting activities under this part, the Secretary shall provide for the establishment and maintenance of a database to receive relevant nonidentifiable patient safety work product, and may designate entities to collect relevant nonidentifiable patient safety work product that is voluntarily reported by patient safety organizations upon the request of the Secretary. Any database established or designated under this paragraph may be referred to as a `National Patient Safety Database'. ``(2) Use of information.--Information reported to any National Patient Safety Database shall be used to analyze national and regional statistics, including trends and patterns of health care errors. The information resulting from such analyses may be included in the annual quality reports prepared under section 913(b)(2). ``(3) Advisory role.--The Secretary shall provide scientific support to patient safety organizations, including the dissemination of methodologies and evidence-based information related to root causes and quality improvement. ``(b) Standards.--In establishing or designating a database under subsection (a)(1), the Secretary shall, in consultation with representatives of patient safety organizations, the provider community, and the health information technology industry, determine common formats for the voluntary reporting of nonidentifiable patient safety work product, including necessary elements, common and consistent definitions, and a standardized computer interface for the processing of the work product. To the extent practicable, such standards shall be consistent with the administrative simplification provisions of part C of title XI of the Social Security Act. ``(c) Certain Methodologies for Collection.--The Secretary shall ensure that the methodologies for the collection of nonidentifiable patient safety work product for any National Patient Safety Database include the methodologies developed or recommended by the Patient Safety Task Force of the Department of Health and Human Services. ``(d) Facilitation of Information Exchange.--To the extent practicable, the Secretary may facilitate the direct link of information between providers and patient safety organizations and between patient safety organizations and any National Patient Safety Database. ``(e) Restriction on Transfer.--Only nonidentifiable information may be transferred to any National Patient Safety Database. ``SEC. 924. TECHNICAL ASSISTANCE. ``(a) In General.--The Secretary, acting through the Director, may-- ``(1) provide technical assistance to patient safety organizations, and to States with reporting systems for health care errors; and ``(2) provide guidance on the type of data to be voluntarily submitted to any National Patient Safety Database. ``(b) Annual Meetings.--Assistance provided under subsection (a) may include annual meetings for patient safety organizations to discuss methodology, communication, information collection, or privacy concerns. ``SEC. 925. CERTIFICATION OF PATIENT SAFETY ORGANIZATIONS. ``(a) In General.--Not later than 6 months after the date of enactment of the Patient Safety and Quality Improvement Act, the Secretary shall establish a process for certifying patient safety organizations. ``(b) Process.--The process established under subsection (a) shall include the following: ``(1) Certification of patient safety organizations by the Secretary or by such other national or State governmental organizations as the Secretary determines appropriate. ``(2) If the Secretary allows other governmental organizations to certify patient safety organizations under paragraph (1), the Secretary shall establish a process for approving such organizations. Any such approved organization shall conduct certifications and reviews in accordance with this section. ``(3) A review of each certification under paragraph (1) (including a review of compliance with each criterion in this section and any related implementing standards as determined by the Secretary through rulemaking) not less often than every 3 years, as determined by the Secretary. ``(4) Revocation of any such certification by the Secretary or other such governmental organization that issued the certification, upon a showing of cause. ``(c) Criteria.--A patient safety organization must meet the following criteria as conditions of certification: ``(1) The mission of the patient safety organization is to conduct activities that are to improve patient safety and the quality of health care delivery and is not in conflict of interest with the providers that contract with the patient safety organization. ``(2) The patient safety organization has appropriately qualified staff, including licensed or certified medical professionals. ``(3) The patient safety organization, within any 2 year period, contracts with more than 1 provider for the purpose of receiving and reviewing patient safety work product. ``(4) The patient safety organization is not a component of a health insurer or other entity that offers a group health plan or health insurance coverage. ``(5) The patient safety organization is managed, controlled, and operated independently from any provider that contracts with the patient safety organization for reporting patient safety work product. ``(6) To the extent practical and appropriate, the patient safety organization collects patient safety work product from providers in a standardized manner that permits valid comparisons of similar cases among similar providers. ``(d) Additional Criteria for Component Organizations.--If a patient safety organization is a component of another organization, the patient safety organization must, in addition to meeting the criteria described in subsection (c), meet the following criteria as conditions of certification: ``(1) The patient safety organization maintains patient safety work product separately from the rest of the organization, and establishes appropriate security measures to maintain the confidentiality of the patient safety work product. ``(2) The patient safety organization does not make an unauthorized disclosure under this Act of patient safety work product to the rest of the organization in breach of confidentiality. ``(3) The mission of the patient safety organization does not create a conflict of interest with the rest of the organization.''. (b) Authorization of Appropriations.--Section 937 of the Public Health Service Act (as redesignated by subsection (a)) is amended by adding at the end the following: ``(e) Patient Safety and Quality Improvement.--For the purpose of carrying out part C, there are authorized to be appropriated such sums as may be necessary for each of the fiscal years 2004 through 2008.''. SEC. 4. PROMOTING THE DIFFUSION AND INTEROPERABILITY OF INFORMATION TECHNOLOGY SYSTEMS INVOLVED WITH HEALTH CARE DELIVERY. (a) Voluntary Standards.-- (1) In general.--Not later than 18 months after the date of the enactment of this Act, the Secretary of Health and Human Services (in this section referred to as the ``Secretary'') shall-- (A) develop or adopt voluntary national standards that promote the interoperability of information technology systems involved with health care delivery, including but not limited to computerized physician order entry; (B) in developing or adopting such standards, take into account-- (i) the ability of such systems to capture and aggregate clinically specific data to enable evidence-based medicine and other applications that promote the electronic exchange of patient medical record information; and (ii) the cost that meeting such standards would have on providing health care in the United States and the increased efficiencies in providing such care achieved under the standards; (C) in developing or adopting such standards and to the extent practicable, test the efficacy, usability, and scalability of proposed interoperability standards within a variety of clinical settings, including an urban academic medical center, a rural hospital, a community health center, and a community hospital; and (D) submit a report to the Congress containing recommendations on such standards. (2) Consultation.--In developing or adopting standards under paragraph (1)(A), the Secretary shall consider the recommendations of the National Committee on Vital Health Statistics for the standardization of message formatting, coding, and vocabulary for interoperability of information technology systems involved with health care delivery. The Secretary shall consult with representatives of the health information technology industry and the provider community who are involved with the development of interoperability standards. (b) Updates.--The Secretary shall provide for the ongoing review and periodic updating of the standards developed under subsection (a). SEC. 5. REQUIRED USE OF PRODUCT IDENTIFICATION TECHNOLOGY. The Federal Food, Drug, and Cosmetic Act (21 U.S.C. 301 et seq.) is amended-- (1) in section 502, by adding at the end the following: ``(w) If it is a drug or biological product, unless it includes a unique product identifier for the drug or biological product as required by regulations under section 510(q).''; and (2) in section 510, by adding at the end the following: ``(q)(1) The Secretary shall issue, and may periodically revise, regulations requiring the manufacturer of any drug or biological product that is subject to regulation by the Food and Drug Administration, or the packager or labeler of a drug or biological product that is subject to regulation by the Food and Drug Administration, to include a unique product identifier on the packaging of the drug or biological product. ``(2) For purposes of this subsection, the term `unique product identifier' means an identification that-- ``(A) is affixed by the manufacturer, labeler, or packager to each drug or biological product described in paragraph (1) at each packaging level; ``(B) uniquely identifies the item and meets the standards required by this section; and ``(C) can be read by a scanning device or other technology acceptable to the Secretary. ``(3) A unique product identifier required by regulations issued or revised under paragraph (1) shall be based on-- ``(A) the National Drug Code maintained by the Food and Drug Administration; ``(B) commercially accepted standards established by organizations that are accredited by the American National Standards Institute, such as the Health Industry Business Communication Council or the Uniform Code Council; or ``(C) other identification formats that the Secretary deems appropriate. ``(4) The Secretary may, at the Secretary's discretion, waive the requirements of this section, or add additional provisions that are necessary to safeguard the public health.''. SEC. 6. GRANTS FOR ELECTRONIC PRESCRIPTION PROGRAMS. (a) Grants.-- (1) In general.--The Secretary of Health and Human Services (in this section referred to as the ``Secretary'') may make grants to qualified practitioners for the purpose of establishing electronic prescription programs. (2) Matching funds.-- (A) In general.--With respect to the costs of establishing an electronic prescription program, a condition for the receipt of a grant under paragraph (1) is that the qualified practitioner involved agree to make available (directly or through donations from public or private entities) non-Federal contributions toward such costs in an amount that is not less than 50 percent of such costs. (B) Determination of amount contributed.--Non-Federal contributions required in subparagraph (A) may be in cash or in kind, fairly evaluated, including equipment or services. Amounts provided by the Federal Government, or services assisted or subsidized to any significant extent by the Federal Government, may not be included in determining the amount of such non- Federal contributions. (b) Study.-- (1) In general.--The Secretary, acting through the Director of the Agency for Healthcare Research and Quality, shall support a study to assess existing scientific evidence regarding the effectiveness and cost-effectiveness of the use of electronic prescription programs intended to improve the efficiency of prescription ordering and the safe and effective use of prescription drugs. The study shall address the following: (A) The ability of such programs to reduce medical errors and improve the quality and safety of patient care. (B) The impact of the use of such programs on physicians, pharmacists, and patients, including such factors as direct and indirect costs, changes in productivity, and satisfaction. (C) The effectiveness of strategies for overcoming barriers to the use of electronic prescription programs. (2) Report.--The Secretary shall ensure that, not later than 18 months after the date of the enactment of this Act, a report containing the findings of the study under paragraph (1) is submitted to the appropriate committees of the Congress. (3) Dissemination of findings.--The Secretary shall disseminate the findings of the study under paragraph (1) to appropriate public and private entities. (c) Development of Model.--The Secretary, acting through the Director of the Agency for Healthcare Research and Quality, may develop an Internet-based mathematical model that simulates the cost and effectiveness of electronic prescription programs for qualified practitioners. The model may be designed to allow qualified practitioners to estimate, through an interactive interface, the impact of electronic prescribing on their practices, including the reduction in drug-related health care errors. (d) Definitions.--For purposes of this section: (1) The term ``electronic prescription program''-- (A) means a program for the electronic submission and processing of prescriptions; and (B) includes the hardware (including computers and other electronic devices) and software programs for the electronic submission of prescriptions to pharmacies, the processing of such submissions by pharmacies, and decision-support programs. (2) The term ``qualified practitioner'' means a practitioner licensed by law to administer or dispense prescription drugs. SEC. 7. GRANTS TO HOSPITALS AND OTHER HEALTH CARE PROVIDERS FOR INFORMATION TECHNOLOGIES. (a) In General.--The Secretary of Health and Human Services (in this section referred to as the ``Secretary'') shall make grants to hospitals and other health care providers (but not more than 1 grant to any 1 hospital or provider) to pay the costs of acquiring or implementing information technologies whose purposes are-- (1) to improve quality of care and patient safety; and (2) to reduce adverse events and health care complications resulting from medication errors. (b) Special Consideration.--In making grants under subsection (a), the Secretary shall give special consideration to applicants who seek to promote the following: (1) Interoperability across hospital services or departments using standards developed or adopted by the Secretary under section 4. (2) Electronic communication of patient data across the spectrum of health care delivery. (3) Computerized physician order entry or bar coding applications. (4) Electronic communication of patient data in hospitals that provide services to underserved or low-income populations. (5) Improved clinical decisionmaking through acquisition and implementation of decision-support technologies. (c) Certain Grant Conditions.--A condition for the receipt of a grant under subsection (a) is that the applicant involved meet the following requirements: (1) The applicant agrees to carry out a program to measure, analyze, and report patient safety and medical errors at the hospital or other health care provider involved, to submit to the Secretary a description of the methodology that will be used, and to have such program in effect as soon as practicable after the application for the grant is approved, without regard to whether information technologies under the grant have been implemented. (2) The applicant has arranged for an evaluation that addresses the effectiveness and cost-effectiveness of the information technology for which the grant is provided and its impact on the quality and safety of patient care, submitted the evaluation plan to the Secretary, and received approval from the Secretary of the applicant's methodology. (3) The applicant has or is developing a patient safety evaluation system (as that term is defined in section 921 of the Public Health Service Act (as amended by section 3)) for reporting health care errors to a patient safety organization. (4) The applicant agrees to provide the Secretary with such information as the Secretary may require regarding the use of funds under this program or its impact. (5) The applicant provides assurances satisfactory to the Secretary that any information technology planned, acquired, or implemented with grant funds under this section will be part of an information program that-- (A) carries out the purposes described in subsection (a); and (B) is comprehensive or will be expanded to become comprehensive, regardless of whether Federal assistance is available for such expansion. (d) Technical Assistance to Grantees.--The Secretary, acting through the Director of the Agency for Healthcare Research and Quality, shall provide technical assistance to applicants and grantees to ensure the appropriate evaluation of the information technologies for which grants are awarded under this section, such as-- (1) reviewing and providing technical assistance on the applicant's proposed evaluation; (2) developing mechanisms to ensure ongoing communications between grantees and evaluators to facilitate the identification and resolution of problems as they arise, ensure mutual learning, and promote the rapid dissemination of information; (3) reviewing the interim and final reports required under subsection (e); and (4) disseminating evidence-based information in interim and final reports to patient safety organizations, as appropriate. (e) Evaluation Reports by Grantee.--A condition for the receipt of a grant under subsection (a) is that the applicant agree to submit an interim and a final report to the Secretary in accordance with this subsection. (1) Interim report.--Not later than 1 year after the implementation of information technologies under the grant is completed, the applicant will submit an interim report to the Secretary describing the initial effectiveness of such technologies in carrying out the purposes described in subsection (a). (2) Final report.--Not later than 3 years after the implementation of information technologies under the grant is completed, the applicant will submit a final report to the Secretary describing the effectiveness and cost-effectiveness of such technologies and addressing other issues determined to be important in carrying out the purposes described in subsection (a). (3) Relation to disbursement of grant.--In disbursing a grant under subsection (a), the Secretary shall withhold \1/3\ of the grant until the grantee submits to the Secretary the report required in paragraph (1). (f) Reports by Secretary.-- (1) Interim reports.-- (A) In general.--Through the fiscal year preceding the fiscal year in which the final report under paragraph (2) is prepared, the Secretary shall submit to the Committee on Energy and Commerce of the House of Representatives and the Committee on Health, Education, Labor, and Pensions of the Senate periodic reports on the grant program under subsection (a). Such reports shall be submitted not less frequently than once each fiscal year, beginning with fiscal year 2004. (B) Contents.--A report under subparagraph (A) shall include information on-- (i) the number of grants made; (ii) the nature of the projects for which funding is provided under the grant program; (iii) the geographic distribution of grant recipients; and (iv) such other matters as the Secretary determines appropriate. (2) Final report.--Not later than 180 days after the date on which the last of the reports is due under subsection (e)(2), the Secretary shall submit a final report to the committees referred to in paragraph (1)(A) on the grant program under subsection (a), together with such recommendations for legislation and administrative action as the Secretary determines appropriate. (g) Definitions.--For purposes of this section: (1) The term ``costs'', with respect to information technologies referred to in subsection (a), includes total expenditures incurred for-- (A) purchasing, leasing, and installing computer software and hardware, including hand-held computer technologies; (B) making improvements to existing computer software and hardware; and (C) purchasing or leasing communications capabilities necessary for clinical data access, storage, and exchange. (2) The term ``health care provider'' has the same meaning given to the term ``provider'' in section 921 of the Public Health Services Act (as amended by this Act). (h) Termination of Grant Authorities.--The authority of the Secretary to make grants under subsection (a) terminates upon the expiration of fiscal year 2011. (i) Matching Funds.-- (1) In general.--With respect to the costs of a grant to be carried out under this section, such grant may be made only if the applicant agrees to make available (directly or through donations from public or private entities) non-Federal contributions toward such costs in an amount that is not less than 50 percent of such costs ($1 for each $1 of Federal funds provided in the grant). (2) Determination of amounts contributed.--Amounts provided by the Federal Government, or services assisted or subsidized to any significant extent by the Federal Government, may not be included in determining the amount of such non-Federal contributions. SEC. 8. AUTHORIZATION OF APPROPRIATIONS FOR GRANTS UNDER SECTIONS 6 AND 7. For the purpose of carrying out sections 6 and 7, there are authorized to be appropriated $25,000,000 for each of fiscal years 2004 and 2005. Purpose and Summary H.R. 663 is intended to create a ``culture of safety'' by providing peer review protections for information reported on health care errors for the purpose of quality improvement and patient safety. Background and Need for Legislation In its 1999 report, ``To Err Is Human,'' the Institute of Medicine (IOM) estimated that 44,000 to 98,000 Americans die each year as a result of medical errors; however, providers have little to no incentive to report or analyze errors to improve the quality of health care. The IOM offered several recommendations to improve patient safety and reduce medical errors, including that Congress pass legislation to extend peer review protections to data related to patient safety and quality improvement that are developed and analyzed by health care organizations for internal use or share with others solely for the purposes of improving safety and quality. This bill is intended to encourage the reporting and analysis of medical errors by providing peer review protection of information reported to patient safety organizations for the purposes of quality improvement and patient safety. These protections will facilitate an environment in which health care providers are able to discuss errors openly and learn from them. The protections apply to certain categories of documents and communications termed ``patient safety work product'' that are developed in connection with newly created patient safety organizations. This patient safety work product is considered privileged and, therefore, cannot be subject to civil or administrative proceedings, disclosed pursuant to the Freedom of Information Act, or utilized to carry out an adverse personnel action. Patient safety organizations will analyze information reported from providers and disseminate information back to providers in an effort to improve quality and patient safety. It is intended that providers, with the assistance of patient safety organizations, will determine the causes of these errors, identify what changes need to be made in the health care delivery system in order to prevent these errors, and then implement these changes. These new protections do not, however, prevent a provider from complying with authorized requests for information that has been developed, maintained, or which exists separately from patient safety work product. In general, information that is available to the public today will continue to be available; only new information created for patient safety organizations will be protected. Providers can also voluntarily disclose non- identifiable information, and upon authorized request, they can also disclose identifiable information for purposes of improving safety and quality to entities required to comply with the Health Insurance Portability and Accountability Act (HIPAA). Violations of these provisions are subject to existing penalties under the Public Health Service Act, including a civil monetary penalty or penalties under HIPAA for violations related to individually identifiable health information. The Patient Safety and Quality Improvement Act requires the Secretary of HHS to establish a national database to analyze health care errors. The Secretary of HHS is also required to develop and adopt voluntary national standards to promote the compatibility of health information technology systems. Finally, this bill creates grant programs for hospitals and other health care providers for establishing electronic prescribing programs and implementing information technologies. These grants will allow physicians and other types of providers who lack the necessary resources to adopt the latest technologies that have been proven to significantly reduce the incidence of medical errors. Hearings The Committee on Energy and Commerce has not held any hearings on this legislation. Committee Consideration On Wednesday, February 12, 2003, the Full Committee on Energy and Commerce met in open markup session and ordered H.R. 663 favorably reported to the House, as amended, by a voice vote, a quorum being present. Committee Votes Clause 3(b) of rule XIII of the Rules of the House of Representatives requires the Committee to list the record votes on the motion to report legislation and amendments thereto. There are no record votes taken in connection with ordering H.R. 663 reported. A motion by Mr. Tauzin to order H.R. 663 reported to the House, as amended, was agreed to by a voice vote. Committee Oversight Findings Pursuant to clause 3(c)(1) of rule XIII of the Rules of the House of Representatives, the Committee has not held oversight or legislative hearings on this legislation. Statement of General Performance Goals and Objectives The goal of H.R. 663 is to provide for a health care error reporting system that both protects information and improves patient safety and the quality of health care, and to ensure accountability by raising standards and expectation for continuous quality improvements in patient safety. New Budget Authority, Entitlement Authority, and Tax Expenditures In compliance with clause 3(c)(2) of rule XIII of the Rules of the House of Representatives, the Committee finds that H.R. 663, the Patient Safety and Quality Improvement Act, would result in no new or increased budget authority, or tax expenditures or revenues. Committee Cost Estimate The Committee adopts as its own the cost estimate prepared by the Director of the Congressional Budget Office pursuant to section 402 of the Congressional Budget Act of 1974. Congressional Budget Office Estimate Pursuant to clause 3(c)(3) of rule XIII of the Rules of the House of Representatives, the following is the cost estimate provided by the Congressional Budget Office pursuant to section 402 of the Congressional Budget Act of 1974: U.S. Congress, Congressional Budget Office, Washington, DC, March 3, 2003. Hon. W.J. ``Billy'' Tauzin, Chairman, Committee on Energy and Commerce, House of Representatives, Washington, DC. Dear Mr. Chairman: The Congressional Budget Office has prepared the enclosed cost estimate for H.R. 663, the Patient Safety and Quality Improvement Act. If you wish further details on this estimate, we will be pleased to provide them. The CBO staff contacts are Chris Topoleski and Margaret Nowak. Sincerely, Douglas Holtz-Eakin. Enclosure. H.R 663--Patient Safety and Quality Improvement Act Summary: H.R. 663 would require the Secretary of Health and Human Services to establish credentialing procedures for patient safety organizations (PSOs), which collect patient safety data voluntarily submitted by health care providers for inclusion in a patient safety database. The bill also would establish privacy protections and impose civil monetary penalties for violations of those protections. The Secretary would be required to report to the Congress on effective strategies for reducing medical errors and increasing patient safety. CBO estimates that implementing H.R. 663 would cost $20 million in 2004 and $104 million over the 2004-2008 period, assuming the appropriation of the necessary amounts. CBO estimates that receipts from fines for violation of the privacy protections would amount to less than $500,000 a year. The bill would require the Secretary of Health and Human Services to develop methodologies for the collection of patient safety data and provide technical assistance to PSOs and states. In addition, the Secretary would, with the National Committee for Vital and Health Statistics, develop voluntary national standards that promote the comparability of medical information technology systems. H.R. 663 would authorize grants to qualified practitioners for the purpose of establishing electronic prescription programs, and would authorize the Health Resources and Services Administration (HRSA) to make grants to hospitals and other health care providers for acquiring or implementing information technologies. The bill would require the inclusion of a unique product identifier on packaging of a drug or biological product that is subject to regulation by the Food and Drug Administration (FDA). Drugs and biological products that do not comply with FDA's labeling requirements would be deemed misbranded, and their manufacturers and packagers would be subject to civil penalties. H.R. 663 would preempt state laws that would govern the disclosure of information provided to patient safety organizations, and it would prevent health care providers from taking certain actions against employees because the employee provided information to patient safety organizations. While these provisions would be intergovernmental mandates as defined in the Unfunded Mandates Reform Act (UMRA), they would impose no requirements on states that would result in additional spending; thus, the threshold as established by UMRA would not be exceeded ($59 million in 2003, adjusted annually for inflation). The bill would impose private-sector mandates, as defined in UMRA, on health care providers and on manufacturers, packagers, and labelers of drugs and biological products. Because the specific requirements of the bill would depend on future actions by the Secretary of Health and Human Services, however, CBO cannot determine whether the direct cost of the mandates would exceed the annual threshold specified in UMRA ($117 million in 2003, adjusted annually for inflation). Estimated cost to the federal government: The estimated cost of H.R. 663 is shown in the following table. The bill could also result in an increase in revenues from fines, but CBO estimates that any such increase would be less than $500,000 a year. The costs of this legislation fall within budget function 550 (health). ---------------------------------------------------------------------------------------------------------------- By fiscal year, in millions of dollars-- ------------------------------------------------------ 2004 2005 2006 2007 2008 ---------------------------------------------------------------------------------------------------------------- CHANGES IN SPENDING SUBJECT TO APPROPRIATION Estimated Authorization Level............................ 39 38 13 13 13 Estimated Outlays........................................ 20 39 20 13 13 ---------------------------------------------------------------------------------------------------------------- Basis of estimate Spending subject to appropriation H.R. 663 would expand the current duties of the Agency for Healthcare Research and Quality (AHRQ). Although not specifically named, the AHRQ is the most likely and appropriate agency within the Department of Health and Human Services to carry out theprovisions of the bill. The new duties would include providing technical assistance to states that have (or are developing) systems for reporting medical errors. AHRQ also would oversee the certification and recertification of PSOs, which collect patient safety data from health care providers. (PSOs are private or public organizations that conduct activities to improve patient safety and the quality of health care delivery.) PSOs would not receive funding under this bill. In addition, the bill would require AHRQ to establish a patient safety database to collect, support, and coordinate the analysis of patient safety data that is reported on a voluntary basis. AHRQ also would develop an Internet-based mathematical model that simulates the cost and effectiveness of electronic prescription programs. Based on information from AHRQ, CBO expects that these tasks would require increased staff for providing assistance to states, oversight of PSOs, and collection and maintenance of the patient safety database. They would also require additional computer resources for the database. CBO estimates that the agency would need additional appropriations of $14 million in 2004 and $64 million over the 2004-2008 period to carry out these responsibilities. We estimate that outlays would total $54 million over the 2004- 2008 period, assuming the necessary amounts are appropriated. In 2004, we estimate that the agency would spend about $5 million, primarily on developing and maintaining the patient safety database. The bill would require the Secretary to provide scientific support to PSOs and to develop methodologies for collecting data on patient safety. In addition, H.R. 663 would require the Secretary to develop voluntary, national standards that promote the compatibility of health care information technology systems across all health care settings. CBO estimates that these efforts would cost less than $500,000 a year. H.R. 663 would allow the Secretary to make grants to qualified practitioners for the purpose of establishing electronic prescription programs. AHRQ would conduct a study and report to the Congress on the effectiveness of electronic prescription programs. HRSA would make grants available to hospitals and other health care providers for acquisition or implementation of information technology systems. CBO assumes that grants would be awarded starting in 2004. The bill would authorize appropriations for these grants at $25 million in fiscal year 2004 and $50 million over the 2004-2008 period. Based on historical spending patterns for similar activities, CBO estimates that outlays would total $50 million over the 2004-2008 period, assuming appropriation of the authorized amounts. The bill would require the inclusion of a unique product identifier on packaging of a drug or biological product that is subject to regulation by the Food and Drug Administration. This provision would cost the FDA less than $500,000 per year to implement. Revenues Because those prosecuted and convicted for violation of the bill's privacy provisions could be subject to civil monetary penalties, the federal government might collect additional fines if the bill is enacted. Drugs and biological products that do not comply with FDA's labeling requirements would be deemed misbranded, and their manufacturers and packagers would be subject to civil penalties. Collection of civil fines are recorded in the budget as governmental receipts (i.e., revenues). CBO estimates that any additional receipts would be less than $500,000 a year. Estimated impact on state, local, and tribal governments: H.R. 663 would preempt any state freedom of information law or other laws governing civil or administrative procedure that would require the disclosure of information provided by a health care provider to a certified patient safety organization. This preemption would be an intergovernmental mandate as defined in UMRA because it would limit the application of those state laws. Another intergovernmental mandate in the bill would prohibit health care providers (including public entities) from using the fact that an employee reported patient safety data in an adverse employment action against the employee. CBO estimates that these mandates would impose no requirements on states that would result in additional spending; thus, the threshold as established by UMRA would not be exceeded ($59 million in 2003, adjusted annually for inflation). Estimated impact on the private sector: The bill contains private-sector mandates, as defined in UMRA, on manufacturers, packagers, and labelers of drugs and biological products and on health care providers. Because the specific requirements of the bill would depend on the future actions of the Secretary of Health and Human Services, however, CBO cannot determine whether the direct cost of the mandates would exceed the annual threshold specified in UMRA ($117 million in 2003, adjusted annually for inflation). Under the bill, manufacturers, packagers, and labelers would be required to include a computer-scannable unique product identifier on the packaging of drugs and biological products. Many drug products are currently labeled with such identifiers, but many are not. Of the approximately 200,000 over-the-counter and prescription drug products currently on the market, over one quarter are over-the-counter drugs--nearly all of which already contain universal product codes at the shelf-keeping unit level. In addition, a growing percentage of prescription drugs administered in hospitals are labeled with computer-scannable unique product identifiers. It is unclear whether existing identifiers would meet the requirements of the Secretary. Adding unique product identifiers would impose costs for products that do not now contain them, and potentially for products that already contain similar information. Under the bill, the Secretary would determine how much standardization of identifiers would be required. The Secretary also would determine what information would have to be included on the identifiers. If identifiers were required to include only the National Drug Code associated with that product, for example, industry costs would be lower than if the identifiers also had to include the lot number and expiration date of the product. The specific details of the requirements imposed by the Secretary, including how quickly the new requirements would have to be implemented, would determine whether the cost of this mandate would exceed the threshold specified in UMRA. The bill also would impose a mandate on health care providers, by not allowing them to use the fact that an employee reported patient safety data in an adverse employment action against the employee. This mandate would not have any direct cost, however, because there are no activities that health care providers would undertake under current law that they would be prohibited from undertaking under the bill (because patient safety data, as defined in the bill, do not exist under current law). Estimate prepared by: Federal revenues and outlays: Alexis Ahlstrom, Julia Christensen, Margaret Nowak, and Chris Topoleski; impact on state, local, and tribal governments: Leo Lex; impact on the private sector: Dan Wilmoth. Estimate approved by: Peter H. Fontaine, Deputy Assistant Director for Budget Analysis. Federal Mandates Statement The Committee adopts as its own the estimate of Federal mandates prepared by the Director of the Congressional Budget Office pursuant to section 423 of the Unfunded Mandates Reform Act. Advisory Committee Statement No advisory committees within the meaning of section 5(b) of the Federal Advisory Committee Act were created by this legislation. Constitutional Authority Statement Pursuant to clause 3(d)(1) of rule XIII of the Rules of the House of Representatives, the Committee finds that the Constitutional authority for this legislation is provided in Article I, section 8, clause 3, which grants Congress the power to regulate commerce with foreign nations, among the several States, and with the Indian tribes. Applicability to Legislative Branch The Committee finds that the legislation does not relate to the terms and conditions of employment or access to public services or accommodations with the meaning of section 102(b)(3) of the Congressional Accountability Act. Section-by-Section Analysis of the Legislation Section 1. Short title Section 1 establishes the short title as the Patient Safety and Quality Improvement Act. Section 2. Findings and purposes Section 2. sets out a number of findings and purposes related to patient safety and initiatives to improve patient safety. Section 3. Amendments to Public Health Service Act Section 3 would establish a new Part C in Title IX of the Public Health Service Act to encourage a voluntary reporting system for patient safety data as set out below. Section 921. Definitions The bill would add a new section 921 to identify and define the elements of a new voluntary reporting system, including the terms ``identifiable information,'' ``non-identifiable information,'' ``patient safety evaluation system,'' ``patient safety organization,'' ``patient safety work product,'' and ``provider.'' Identifiable information is defined as information that reveals the patient, individual provider, and/or the provider organization. With respect to patients, the term includes individually identifiable health information as defined in the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Non-identifiable information includes de-identified patient level information as specified in HIPAA as well as information that does not reveal the individual provider or provider organization. A patient safety organization is defined as requiring a certification under new section 925. Once a certification of a patient safety organization is provided by a state or federal governmental organization, a provider may rely on that certification with respect to privileges available for patient safety work product. The activities listed in the definition are general categories of activities or functions the patient safety organization is required to perform in order to receive a safety and quality; (2) the collection and analysis of information submitted by providers; (3) the development and dissemination of recommendations, protocols, or best practices; (4) the utilization of reported information limited to the activities described; (5) the maintenance of confidentially with respect to individually-identifiable information; (6) the provision of appropriate security measures with respect to reported information; and, (7) the submission of non- identifiable information to the Agency for Health Research and Quality consistent with standard established by the Secretary for any National Patient Safety Database. The definition of patient safety work product contains several parts, and a document or communication is patient safety work product if it fall into any of the categories in clauses (5)(A)(i)-(iii). A document may be patient safety work product for multiple reasons. For example, a patient safety organization may prepare a memorandum describing its request for further collection of information from the reporting provider. The memorandum of the patient safety organization is both a document created by the patient safety organization and a document that would reveal the deliberations or analytic process of a patient safety evaluation system. Any memorandum of the provider that reveals the deliberations or analytic process of a patient safety evaluation system would also be patient safety work product. Subparagraph 5(B) explains documents or communications that are not covered under clause (5)(A)(i). The Committee understands that it is likely and appropriate for a provider to keep a copy of documents and possible logs of communications under (5)(A)(i) that are reported to the patient safety organization. Generally, such copies are also patient safety work product. On the other hand, there may be documents or communications that are part of traditional medical record keeping (such as patients' medical records, billing records, guidance and procedures, hospital policies, logs of operations, records of drug deliveries, primary information on the time of events), all of which may be sent to a patient safety organization, but the originals or copies of such documents are developed maintained or exist separately from any patient safety evaluation system. These documents may be relevant to a patient safety evaluation system but also are available for other purposes and are not covered under 5(A)(i). In such circumstances, such documents or communications at the provider are not patient safety work product. Section 922. Privilege for patient safety work product New section 922 creates a privilege for patient safety work product. The owner of the privilege may not be coerced into waiving such privilege. New paragraph 922(a)(5) sets out some points with respect to the possibility that a patient safety organization is a component of a national accreditation organization. This paragraph is essentially a clarification of some general rules elsewhere in the Act that require patient safety organizations that are components to maintain patient safety work product separately from the rest of the organization. The paragraph also clarifies that no one may coerce a provider into contracting with or reporting to a patient safety organization. Contracting with a patient safety organization must at all times be a voluntary decision on the part of a provider. Subsection 922(b) sets out protections for individuals who report information to providers, with the intent that the information is reported to a patient safety organization, or who report directly to a patient safety organization. A provider may not use the fact that an individual reported against the individual in any adverse employment action. An adverse employment action includes traditional actions such as firing the individual. The term also includes other adverse actions, such as a failure to promote an individual, an adverse evaluation, or any adverse accreditation, licensing, or certification decision. Subsection 922(c) states that nothing in this section prohibits any of a number of categories of disclosures. Under new paragraph 922(c)(2), nothing in the section prohibits the voluntary disclosure of identifiable information by a provider or patient safety organization provided such disclosure meets 3 tests. First, the provider must authorize the disclosure for the purposes of improving quality and safety. The term improving quality and safety can also include voluntarily providing useful information for improving quality and safety through accreditation systems. Second, under subparagraph 922(c)(2), such voluntary disclosure must be an entity or person subject to the requirements of section 264(c) of HIPAA, or any regulations promulgated under that section. Finally, the disclosure must not be in conflict with such section or any regulation promulgated under such section of HIPAA. The Committee intends this approach to ensure that individually identifiable health information as that term is used under regulations under section 264(c) of HIPAA remain subject to those provisions and that nothing in the new law removes any confidentiality protection otherwise available for individually identifiable health information of patients. Voluntary disclosure of non-identifiable information in patient safety work product is always allowable and does not itself, under subsection 992(d), waive any privilege. Subsection 922(d) sets out that the privilege is not waived based on disclosures listed in the subsection. The Committee understands that non-identifiable information may be voluntarily disclosed and subsequently incorporated in other publicly available documents or studies. Those subsequent documents or studied are not the subject of the privilege under this section because they are publicly available and involve voluntary disclosure. Subsection (e) sets out a penalty for disclosures of patient safety work product in violation of section 922, if such disclosure constitutes a negligent or knowing breach of confidentiality. The protections of enforcement provisions of HIPAA and ensuring regulations continue to apply. Where a party would be subject to sanctions under the HIPAA scheme, those sanctions are exclusive for the same disclosure. The new penalty provisions in new section 992(e) would not apply. In addition, the new penalty only applies to the first person who breaches confidentiality with respect to particular patient safety work product. New subsection 922(f) deems that a patient safety organization shall be treated as a business associate for purposes of section 264(c) of HIPAA. The activities of such organization described in section 921(4) are deemed to be health care operations of the provider. Other than on these two points, nothing alters or effects the implementation of section 264(c) of HIPAA or regulations under section 264(c). New subsection 922(g) is a savings clause for privileges, including peer-review and confidentiality protections that are otherwise available under Federal or State laws. New subsection 922(h) is also a savings clause. Providers and patient safety organizations can enter contracts that increase confidentiality or restrict the use of information for purposes of the relationship between the contracting parties, so long as the contracts do not conflict with this Act or any other laws. Parties may, by contract, delegate the authority to make an authorized disclosure that is otherwise permissible under the Act. New subsection 922(i) is a savings clause concerning state reporting requirements. State reporting requirements cannot require reporting of patient safety work product but can require reporting of primary medical information and other documents or communications that are not patient safety work product. Such reporting requirements may even require providers to produce reports that are similar in basic function to reports being provided to a patient safety organization. However, patient safety work product itself, as defined in this Act, remains privileged. New subsection 922(j) explains that patient safety work product remains privileged and confidential, in accordance with this section, even where a patient safety organization has its certification terminated or revoked or otherwise ceases to qualify as a patient safety organization. New subsection 922(k) requires the Secretary to provide a report on effective strategies for reducing medical errors and increasing patient safety, including any appropriate measures to encourage the use of these strategies in federally funded programs. Section 923. National database New section 923 requires the Secretary to: (1) establish a National Patient Safety Database to collect reported, non- identifiable information concerning patient safety; (2) analyze national and regional statistics on health care errors; (3) offer technical assistance to patient safety organizations including dissemination of methodologies and evidence-based information on quality improvement; and, (4) establish commonformats for reporting data to the National Patient Safety Database in consultation with representatives from patient safety organizations, the provider community, and health care information technology industry. The Secretary would also be permitted to enter into contracts with private and public entities to administer the Database. The database will contain only non-identifiable information that precludes the identification of any provider, patient, or reporter of the information. Identifiable information will not be transferred to the database. The Secretary will ensure that methods of data collection recommended by the interagency Patient Safety Task Force in the Department of Health and Human Services are utilized in effort to maximize the efficiency and utility of common data collection efforts across agencies. If feasible, the Secretary will also facilitate a direct link between patient safety organizations and the National Patient Safety Database to allow for real time exchange of non- identifiable information. There are authorized to be appropriated such sums as may be necessary for each fiscal year to carry out this section. Section 924. Technical assistance New section 924 states that the Secretary may provide technical assistance to patient safety organizations and states with reporting systems and may provide guidance on the type of data to submit to the National Patient Safety Database. This assistance may include annual meetings to share methods and any concerns regarding confidentiality. Section 925. Certification of patient safety organizations New section 925 requires the Secretary to set up a process for certification of patient safety organizations that includes a number of elements. Certifications must be performed by the Secretary or by state or federal governmental organizations that have been approved by the Secretary. Certifications must be reviewed by the appropriate certifying organization every three years. The certifying organization has the authority to revoke certifications upon a showing of cause. New subsection 925(c) sets out criteria a patient safety organization must meet as conditions of certification. Paragraph 925(c)(5) states that the mission of a patient safety organization must be to conduct activities to improve quality and safety and must not create a conflict of interest with the providers contracting with it. A patient safety organization must be managed, controlled, and operated independently from any provider that contracts with the patient safety organization for reporting patient safety work product. Patient safety organizations may not, for example, be subsidiaries or partners of providers that contract with them. The contract hiring the patient safety organization, terms therein, or requests for analyses do not form a basis for a violation of this paragraph. It is not the intent of the Committee to disqualify a patient safety organization that meets the independence requirements and is established by a broader-based alliance or organization of providers in which no single or subset of providers can influence (through ownership or other interest) the policies or activities of the alliance or organization or of the patient safety organization. New paragraph 925(d) sets out certain additional requirements for patient safety organizations that are components of other organizations. For example, the patient safety component must maintain patient safety work product separately from the rest of the organization and establish appropriate security measures to safeguard the confidentiality of the patient safety work product. Also, the mission of the patient safety component must not create a conflict of interest with the rest of the organization. Section 4. Promoting the diffusion and interoperability of health care information technology systems involved with health care delivery Section 4 requires the Secretary within 18 months of enactment to develop or adopt (and periodically review and update) voluntary, national standards that promote the interoperability of health care information technology systems across all health care settings, including but not limited to computer physician order entry. The Secretary must take into account (1) the ability of the standards to promote the aggregation of clinical data, electronic exchange of medical records, and evidence based medicine and (2) the costs to the health care system and any efficiencies that result from the adoption of these standards. These standards would be developed with consideration of reports and opinions of the National Committee for Vital and Health Statistics and in consultation with health information technology industry and providers. The Secretary is required to report to Congress on the interoperability standards but there is no requirement to issue regulations. The Secretary, to the extent practicable, shall test the efficiency, usability, and scalability of proposed interoperability standards within a variety of clinical settings, including an urban academic medical center, a rural hospital, a community health center, and a community hospital. It is the intent of the Committee that this testing would demonstrate the effectiveness of the voluntary national standards and encourage industry to comply with them. Section 5. Required use of product identification technology Section 5 amends the Federal Food, Drug, and Cosmetic Act by adding to section 510 a requirement for the Secretary to issue regulations for unique product identification for drug and biological products. These regulations would require manufacturers and entities that label and package drugs and biological products to use unique product identifiers on the packaging of each product. This includes bar codes that can be read by scanners and other unique identifiers that can be read through other technologies as deemed acceptable by the Secretary. Identifiers will be based on the national Drug Code or other standards that are either commercially acceptable or deemed appropriate by the Secretary. The Secretary will have the authority to waive these regulatory requirements or add provisions in order to safeguard the public health. Under this section, the FFDCA is also amended by adding to section 502 that a drug or biological product without a unique product identifier, as required by regulations under section 510, is considered misbranded. Section 6. Grants for electronic prescribing Section 6 would make grants available to physicians and other health care professionals licensed to prescribe prescription drugs for technology or services necessary to establish electronic prescription programs in their practices. Grantees would have to fund 50 percent of the cost of the electronic prescription program in order to receive a grant. Under this section, the Agency for Healthcare Research and Quality would conduct a study of the cost-effectiveness of electronic prescription programs based on the available scientific evidence. the study would evaluate (1) effectiveness of electronic prescribing in reducing medical errors, (2) strategies used to overcome barriers to electronic prescribing, and, (3) the impact of electronic prescribing on physicians, pharmacists, and patients. A report would be presented to Congress within 18 months of enactment and made available to relevant public and private entities. Under this section, the Agency would also be allowed to develop an Internet-based decision analytic model to allow prescribing clinicians to simulate the health and economic impact of electronic prescribing on their individual practices. This model would assist clinicians in making informed decisions regarding the use of electronic prescription programs. Section 7. Grants for hospitals and other health care providers for information technologies Under section 7, matching grants would be available to hospitals and other health care providers who apply to obtain new or improved computer hardware and software for the purposes of improving patient safety, health care quality, and reducing adverse events and health care complications resulting from medication errors. Grants would cover 50 percent of the costs of information technologies and would only be available once to grantees. Grantees would be required to measure, analyze, and report the effect of the information technologies on medical errors. Interim and final reports would be required at 1 and 3 years, respectively. The final \1/3\ of each grant would not be disbursed until the grantee submitted the interim report at 1 year. Any sums necessary for this grant program would be authorized for appropriations until 2011. Section 8. Grants for hospitals and other health care providers for information technologies Section 8 authorizes $25,000,000 to be appropriated for each of fiscal years 2004 and 2005 for the purpose of carrying out sections 6 and 7. Changes in Existing Law Made by the Bill, as Reported In compliance with clause 3(e) of rule XIII of the Rules of the House of Representatives, changes in existing law made by the bill, as reported, are shown as follows (existing law proposed to be omitted is enclosed in black brackets, new matter is printed in italic, existing law in which no change is proposed is shown in roman): TITLE IX OF THE PUBLIC HEALTH SERVICE ACT TITLE IX--AGENCY FOR HEALTHCARE RESEARCH AND QUALITY * * * * * * * PART B--HEALTH CARE IMPROVEMENT RESEARCH * * * * * * * SEC. 912. PRIVATE-PUBLIC PARTNERSHIPS TO IMPROVE ORGANIZATION AND DELIVERY. (a) * * * * * * * * * * (c) Reducing Errors in Medicine.--The Director shall, in accordance with part C, conduct and support research and build private-public partnerships to-- (1) * * * * * * * * * * PART C--PATIENT SAFETY IMPROVEMENT SEC. 921. DEFINITIONS. In this part: (1) Identifiable information.--The term ``identifiable information'' means information that is presented in a form and manner that allows the identification of any provider, patient, or reporter of patient safety work product. With respect to patients, such information includes any individually identifiable health information as that term is defined in the regulations promulgated pursuant to section 264(c) of the Health Insurance Portability and Accountability Act of 1996 (Public Law 104-191; 110 Stat. 2033). (2) Nonidentifiable information.--The term ``nonidentifiable information'' means information that is presented in a form and manner that prevents the identification of any provider, patient, or reporter of patient safety work product. With respect to patients, such information must be de-identified consistent with the regulations promulgated pursuant to section 264(c) of the Health Insurance Portability and Accountability Act of 1996 (Public Law 104-191; 110 Stat. 2033). (3) Patient safety evaluation system.--The term ``patient safety evaluation system'' means a process that involves the collection, management, or analysis of information for submission to or by a patient safety organization. (4) Patient safety organization.--The term ``patient safety organization'' means a private or public organization or component thereof that is certified, through a process to be determined by the Secretary under section 925, to perform each of the following activities: (A) The conduct, as the organization or component's primary activity, of efforts to improve patient safety and the quality of health care delivery. (B) The collection and analysis of patient safety work product that is submitted by providers. (C) The development and dissemination of evidence-based information to providers with respect to improving patient safety, such as recommendations, protocols, or information regarding best practices. (D) The utilization of patient safety work product to carry out activities limited to those described under this paragraph and for the purposes of encouraging a culture of safety and of providing direct feedback and assistance to providers to effectively minimize patient risk. (E) The maintenance of confidentiality with respect to identifiable information. (F) The provision of appropriate security measures with respect to patient safety work product. (G) The submission of nonidentifiable information to the Agency consistent with standards established by the Secretary under section 923(b) for any National Patient Safety Database. (5) Patient safety work product.-- (A) The term ``patient safety work product'' means any document or communication (including any information, report, record, memorandum, analysis, deliberative work, statement, or root cause analysis) that-- (i) except as provided in subparagraph (B), is developed by a provider for the purpose of reporting to a patient safety organization, and is reported to a patient safety organization; (ii) is created by a patient safety organization; or (iii) would reveal the deliberations or analytic process of a patient safety evaluation system (as defined in paragraph (3)). (B)(i) Patient safety work product described in subparagraph (A)(i)-- (I) does not include any separate information described in clause (ii); and (II) shall not be construed to include such separate information merely by reason of inclusion of a copy of the document or communication involved in a submission to, or the fact of submission of such a copy to, a patient safety organization. (ii) Separate information described in this clause is a document or communication (including a patient's medical record or any other patient or hospital record) that is developed or maintained, or exists, separately from any patient safety evaluation system. (C) Information available from sources other than a patient safety work product under this section may be discovered or admitted in a civil or administrative proceeding, if discoverable or admissible under applicable law. (6) Provider.--The term ``provider'' means-- (A) an individual or entity licensed or otherwise authorized under State law to provide health care services, including-- (i) a hospital, nursing facility, comprehensive outpatient rehabilitation facility, home health agency, and hospice program; (ii) a physician, physician assistant, nurse practitioner, clinical nurse specialist, certified nurse midwife, psychologist, certified social worker, registered dietitian or nutrition professional, physical or occupational therapist, or other individual health care practitioner; (iii) a pharmacist; and (iv) a renal dialysis facility, ambulatory surgical center, pharmacy, physician or health care practitioner's office, long-term care facility, behavioral health residential treatment facility, clinical laboratory, or community health center; or (B) any other person or entity specified in regulations by the Secretary after public notice and comment. SEC. 922. PRIVILEGE FOR PATIENT SAFETY WORK PRODUCT. (a) Privilege.--Notwithstanding any other provision of law and subject to subsection (c), patient safety work product shall not be-- (1) subject to a civil or administrative subpoena or order; (2) subject to discovery in connection with a civil or administrative proceeding; (3) subject to disclosure pursuant to section 552 of title 5, United States Code (commonly known as the Freedom of Information Act), or any other similar Federal or State law; (4) required to be admitted as evidence or otherwise disclosed in any State or Federal civil or administrative proceeding; or (5) if the patient safety work product is identifiable information and is received by a national accreditation organization in its capacity as a patient safety organization-- (A) used by a national accreditation organization in an accreditation action against the provider that reported the information; (B) shared by such organization with its survey team; or (C) required as a condition of accreditation by a national accreditation association. (b) Reporter Protection.-- (1) In general.--A provider may not use against an individual in an adverse employment action described in paragraph (2) the fact that the individual in good faith reported information-- (A) to the provider with the intention of having the information reported to a patient safety organization; or (B) directly to a patient safety organization. (2) Adverse employment action.--For purposes of this subsection, an ``adverse employment action'' includes-- (A) the failure to promote an individual or provide any other employment-related benefit for which the individual would otherwise be eligible; (B) an adverse evaluation or decision made in relation to accreditation, certification, credentialing, or licensing of the individual; and (C) a personnel action that is adverse to the individual concerned. (3) Remedies.--Any provider that violates this subsection shall be subject to a civil monetary penalty of not more than $20,000 for each such violation involved. Such penalty shall be imposed and collected in the same manner as civil money penalties under subsection (a) of section 1128A of the Social Security Act are imposed and collected. (c) Disclosures.--Nothing in this section prohibits any of the following disclosures: (1) Voluntary disclosure of nonidentifiable information. (2) Voluntary disclosure of identifiable information by a provider or patient safety organization, if such disclosure-- (A) is authorized by the provider for the purposes of improving quality and safety; (B) is to an entity or person subject to the requirements of section 264(c) of the Health Insurance Portability and Accountability Act of 1996 (Public Law 104-191; 110 Stat. 2033), or any regulation promulgated under such section; and (C) is not in conflict with such section or any regulation promulgated under such section. (3) Disclosure as required by law by a provider to the Food and Drug Administration, or on a voluntary basis by a provider to a federally established patient safety program, with respect to an Administration- regulated product or activity for which that entity has responsibility, for the purposes of activities related to the quality, safety, or effectiveness of such Administration-regulated product or activity. (4) Disclosures of patient safety work product in accordance with this part by a provider to a patient safety organization. (d) Effect of Transfer, Disclosure.--The following shall not be treated as a waiver of any privilege or protection established under this part: (1) The transfer of any patient safety work product between a provider and a patient safety organization. (2) Disclosure of patient safety work product as described in subsection (c). (3) The unauthorized disclosure of patient safety work product. (e) Penalty.-- (1) Prohibition.--Except as provided in this part, and subject to paragraphs (2) and (4), it shall be unlawful for any person to disclose patient safety work product in violation of this section, if such disclosure constitutes a negligent or knowing breach of confidentiality. (2) Relation to HIPAA.--The penalty under paragraph (3) for a disclosure in violation of paragraph (1) does not apply if the person would be subject to a penalty under section 264(c) of the Health Insurance Portability and Accountability Act of 1996 (Public Law 104-191; 110 Stat. 2033), or any regulation promulgated under such section, for the same disclosure. (3) Amount.--Any person who violates paragraph (1) shall be subject to a civil monetary penalty of not more than $10,000 for each such violation involved. Such penalty shall be imposed and collected in the same manner as civil money penalties under subsection (a) of section 1128A of the Social Security Act are imposed and collected. (4) Subsequent disclosure.--Paragraph (1) applies only to the first person that breaches confidentiality with respect to particular patient safety work product. (f) Relation to HIPAA.-- (1) In general.--For purposes of applying the regulations promulgated pursuant to section 264(c) of the Health Insurance Portability and Accountability Act of 1996 (Public Law 104-191; 110 Stat. 2033)-- (A) patient safety organizations shall be treated as business associates; and (B) activities of such organizations described in section 921(4) in relation to a provider are deemed to be health care operations (as defined in such regulations) of the provider. (2) Rule of construction.--Nothing in this section shall be construed to alter or affect the implementation of such regulations or such section 264(c). (g) No Limitation of Other Privileges.--Nothing in this section shall be construed to affect privileges, including peer review and confidentiality protections, that are otherwise available under Federal or State laws. (h) No Limitation on Contracts.--Nothing in this section shall be construed to limit the power of a provider and a patient safety organization, or a patient safety organization and the Agency or any National Patient Safety Database, consistent with the provisions of this Act and other applicable law, to enter into a contract requiring greater confidentiality or delegating authority to make an authorized disclosure. (i) Relation to State Reporting Requirements.--Nothing in this part shall be construed as preempting or otherwise affecting any State law requiring a provider to report information, including information described in section 921(5)(B), that is not patient safety work product. (j) Continuation of Privilege.--Patient safety work product of an organization that is certified as a patient safety organization shall continue to be privileged and confidential, in accordance with this section, if the organization's certification is terminated or revoked or if the organization otherwise ceases to qualify as a patient safety organization. (k) Reports on Strategies To Improve Patient Safety.-- (1) Draft report.--Not later than the date that is 18 months after any National Patient Safety Database is operational, the Secretary, in consultation with the Director, shall prepare a draft report on effective strategies for reducing medical errors and increasing patient safety. The draft report shall include any measure determined appropriate by the Secretary to encourage the appropriate use of such strategies, including use in any federally funded programs. The Secretary shall make the draft report available for public comment and submit the draft report to the Institute of Medicine for review. (2) Final report.--Not later than 1 year after the date described in paragraph (1), the Secretary shall submit a final report to the Congress that includes, in an appendix, any findings by the Institute of Medicine concerning research on the strategies discussed in the draft report and any modifications made by the Secretary based on such findings. SEC. 923. NATIONAL DATABASE. (a) Authority.-- (1) In general.--In conducting activities under this part, the Secretary shall provide for the establishment and maintenance of a database to receive relevant nonidentifiable patient safety work product, and may designate entities to collect relevant nonidentifiable patient safety work product that is voluntarily reported by patient safety organizations upon the request of the Secretary. Any database established or designated under this paragraph may be referred to as a ``National Patient Safety Database''. (2) Use of information.--Information reported to any National Patient Safety Database shall be used to analyze national and regional statistics, including trends and patterns of health care errors. The information resulting from such analyses may be included in the annual quality reports prepared under section 913(b)(2). (3) Advisory role.--The Secretary shall provide scientific support to patient safety organizations, including the dissemination of methodologies and evidence-based information related to root causes and quality improvement. (b) Standards.--In establishing or designating a database under subsection (a)(1), the Secretary shall, in consultation with representatives of patient safety organizations, the provider community, and the health information technology industry, determine common formats for the voluntary reporting of nonidentifiable patient safety work product, including necessary elements, common and consistent definitions, and a standardized computer interface for the processing of the work product. To the extent practicable, such standards shall be consistent with the administrative simplification provisions of part C of title XI of the Social Security Act. (c) Certain Methodologies for Collection.--The Secretary shall ensure that the methodologies for the collection of nonidentifiable patient safety work product for any National Patient Safety Database include the methodologies developed or recommended by the Patient Safety Task Force of the Department of Health and Human Services. (d) Facilitation of Information Exchange.--To the extent practicable, the Secretary may facilitate the direct link of information between providers and patient safety organizations and between patient safety organizations and any National Patient Safety Database. (e) Restriction on Transfer.--Only nonidentifiable information may be transferred to any National Patient Safety Database. SEC. 924. TECHNICAL ASSISTANCE. (a) In General.--The Secretary, acting through the Director, may-- (1) provide technical assistance to patient safety organizations, and to States with reporting systems for health care errors; and (2) provide guidance on the type of data to be voluntarily submitted to any National Patient Safety Database. (b) Annual Meetings.--Assistance provided under subsection (a) may include annual meetings for patient safety organizations to discuss methodology, communication, information collection, or privacy concerns. SEC. 925. CERTIFICATION OF PATIENT SAFETY ORGANIZATIONS. (a) In General.--Not later than 6 months after the date of enactment of the Patient Safety and Quality Improvement Act, the Secretary shall establish a process for certifying patient safety organizations. (b) Process.--The process established under subsection (a) shall include the following: (1) Certification of patient safety organizations by the Secretary or by such other national or State governmental organizations as the Secretary determines appropriate. (2) If the Secretary allows other governmental organizations to certify patient safety organizations under paragraph (1), the Secretary shall establish a process for approving such organizations. Any such approved organization shall conduct certifications and reviews in accordance with this section. (3) A review of each certification under paragraph (1) (including a review of compliance with each criterion in this section and any related implementing standards as determined by the Secretary through rulemaking) not less often than every 3 years, as determined by the Secretary. (4) Revocation of any such certification by the Secretary or other such governmental organization that issued the certification, upon a showing of cause. (c) Criteria.--A patient safety organization must meet the following criteria as conditions of certification: (1) The mission of the patient safety organization is to conduct activities that are to improve patient safety and the quality of health care delivery and is not in conflict of interest with the providers that contract with the patient safety organization. (2) The patient safety organization has appropriately qualified staff, including licensed or certified medical professionals. (3) The patient safety organization, within any 2 year period, contracts with more than 1 provider for the purpose of receiving and reviewing patient safety work product. (4) The patient safety organization is not a component of a health insurer or other entity that offers a group health plan or health insurance coverage. (5) The patient safety organization is managed, controlled, and operated independently from any provider that contracts with the patient safety organization for reporting patient safety work product. (6) To the extent practical and appropriate, the patient safety organization collects patient safety work product from providers in a standardized manner that permits valid comparisons of similar cases among similar providers. (d) Additional Criteria for Component Organizations.--If a patient safety organization is a component of another organization, the patient safety organization must, in addition to meeting the criteria described in subsection (c), meet the following criteria as conditions of certification: (1) The patient safety organization maintains patient safety work product separately from the rest of the organization, and establishes appropriate security measures to maintain the confidentiality of the patient safety work product. (2) The patient safety organization does not make an unauthorized disclosure under this Act of patient safety work product to the rest of the organization in breach of confidentiality. (3) The mission of the patient safety organization does not create a conflict of interest with the rest of the organization. PART [C] D--GENERAL PROVISIONS SEC. [921] 931. ADVISORY COUNCIL FOR HEALTHCARE RESEARCH AND QUALITY. (a) * * * * * * * * * * SEC. [922] 932. PEER REVIEW WITH RESPECT TO GRANTS AND CONTRACTS. (a) * * * * * * * * * * SEC. [923] 933. CERTAIN PROVISIONS WITH RESPECT TO DEVELOPMENT, COLLECTION, AND DISSEMINATION OF DATA. (a) * * * * * * * * * * SEC. [924] 934. DISSEMINATION OF INFORMATION. (a) * * * * * * * * * * SEC. [925] 935. ADDITIONAL PROVISIONS WITH RESPECT TO GRANTS AND CONTRACTS. (a) * * * * * * * * * * SEC. [926] 936. CERTAIN ADMINISTRATIVE AUTHORITIES. (a) * * * * * * * * * * SEC. [927] 937. FUNDING. (a) * * * * * * * * * * (e) Patient Safety and Quality Improvement.--For the purpose of carrying out part C, there are authorized to be appropriated such sums as may be necessary for each of the fiscal years 2004 through 2008. SEC. [928] 938. DEFINITIONS. In this title: (1) Advisory council.--The term ``Advisory Council'' means the National Advisory Council on Healthcare Research and Quality established under section [921] 931. * * * * * * * ---------- FEDERAL FOOD, DRUG, AND COSMETIC ACT * * * * * * * CHAPTER V--DRUGS AND DEVICES Subchapter A--Drugs and Devices * * * * * * * misbranded drugs and devices Sec. 502. A drug or device shall be deemed to be misbranded-- (a) * * * * * * * * * * (w) If it is a drug or biological product, unless it includes a unique product identifier for the drug or biological product as required by regulations under section 510(q). * * * * * * * registration of producers of drugs and devices Sec. 510. (a) * * * * * * * * * * (q)(1) The Secretary shall issue, and may periodically revise, regulations requiring the manufacturer of any drug or biological product that is subject to regulation by the Food and Drug Administration, or the packager or labeler of a drug or biological product that is subject to regulation by the Food and Drug Administration, to include a unique product identifier on the packaging of the drug or biological product. (2) For purposes of this subsection, the term ``unique product identifier'' means an identification that-- (A) is affixed by the manufacturer, labeler, or packager to each drug or biological product described in paragraph (1) at each packaging level; (B) uniquely identifies the item and meets the standards required by this section; and (C) can be read by a scanning device or other technology acceptable to the Secretary. (3) A unique product identifier required by regulations issued or revised under paragraph (1) shall be based on-- (A) the National Drug Code maintained by the Food and Drug Administration; (B) commercially accepted standards established by organizations that are accredited by the American National Standards Institute, such as the Health Industry Business Communication Council or the Uniform Code Council; or (C) other identification formats that the Secretary deems appropriate. (4) The Secretary may, at the Secretary's discretion, waive the requirements of this section, or add additional provisions that are necessary to safeguard the public health. * * * * * * *