[House Report 109-197]
[From the U.S. Government Publishing Office]
109th Congress Report
HOUSE OF REPRESENTATIVES
1st Session 109-197
======================================================================
PATIENT SAFETY AND QUALITY IMPROVEMENT ACT OF 2005
_______
July 27, 2005.--Committed to the Committee of the Whole House on the
State of the Union and ordered to be printed
_______
Mr. Barton of Texas, from the Committee on Energy and Commerce,
submitted the following
R E P O R T
[To accompany H.R. 3205]
[Including cost estimate of the Congressional Budget Office]
The Committee on Energy and Commerce, to whom was referred
the bill (H.R. 3205) to amend title IX of the Public Health
Service Act to provide for the improvement of patient safety
and to reduce the incidence of events that adversely affect
patient safety, and for other purposes, having considered the
same, report favorably thereon with an amendment and recommend
that the bill as amended do pass.
CONTENTS
Page
Amendment........................................................ 2
Purpose and Summary.............................................. 9
Background and Need for Legislation.............................. 9
Hearings......................................................... 9
Committee Consideration.......................................... 10
Committee Votes.................................................. 10
Committee Oversight Findings..................................... 10
Statement of General Performance Goals and Objectives............ 10
New Budget Authority, Entitlement Authority, and Tax Expenditures 10
Committee Cost Estimate.......................................... 10
Congressional Budget Office Estimate............................. 10
Federal Mandates Statement....................................... 13
Advisory Committee Statement..................................... 13
Constitutional Authority Statement............................... 13
Applicability to Legislative Branch.............................. 13
Section-by-Section Analysis of the Legislation................... 13
Changes in Existing Law Made by the Bill, as Reported............ 18
Amendment
The amendment is as follows:
Strike all after the enacting clause and insert the
following:
SECTION 1. SHORT TITLE; TABLE OF CONTENTS.
(a) Short Title.--This Act may be cited as the ``Patient Safety and
Quality Improvement Act of 2005''.
(b) Table of Contents.--The table of contents for this Act is as
follows:
Sec. 1. Short title; table of contents.
Sec. 2. Amendments to Public Health Service Act.
``Part C--Patient Safety Improvement
``Sec. 921. Definitions.
``Sec. 922. Privilege and confidentiality protections.
``Sec. 923. Network of patient safety databases.
``Sec. 924. Patient safety organization certification and
listing.
``Sec. 925. Technical assistance.
``Sec. 926. Severability.
SEC. 2. AMENDMENTS TO PUBLIC HEALTH SERVICE ACT.
(a) In General.--Title IX of the Public Health Service Act (42 U.S.C.
299 et seq.) is amended--
(1) in section 912(c), by inserting ``, in accordance with
part C,'' after ``The Director shall'';
(2) by redesignating part C as part D;
(3) by redesignating sections 921 through 928, as sections
931 through 938, respectively;
(4) in section 938(1) (as so redesignated), by striking
``921'' and inserting ``931''; and
(5) by inserting after part B the following:
``PART C--PATIENT SAFETY IMPROVEMENT
``SEC. 921. DEFINITIONS.
``In this part:
``(1) HIPAA confidentiality regulations.--The term `HIPAA
confidentiality regulations' means regulations promulgated
under section 264(c) of the Health Insurance Portability and
Accountability Act of 1996 (Public Law 104-191; 110 Stat.
2033).
``(2) Identifiable patient safety work product.--The term
`identifiable patient safety work product' means patient safety
work product that--
``(A) is presented in a form and manner that allows
the identification of any provider that is a subject of
the work product, or any providers that participate in
activities that are a subject of the work product;
``(B) constitutes individually identifiable health
information as that term is defined in the HIPAA
confidentiality regulations; or
``(C) is presented in a form and manner that allows
the identification of an individual who reported
information in the manner specified in section 922(e).
``(3) Nonidentifiable patient safety work product.--The term
`nonidentifiable patient safety work product' means patient
safety work product that is not identifiable patient safety
work product (as defined in paragraph (2)).
``(4) Patient safety organization.--The term `patient safety
organization' means a private or public entity or component
thereof that is listed by the Secretary pursuant to section
924(d).
``(5) Patient safety activities.--The term `patient safety
activities' means the following activities:
``(A) Efforts to improve patient safety and the
quality of health care delivery.
``(B) The collection and analysis of patient safety
work product.
``(C) The development and dissemination of
information with respect to improving patient safety,
such as recommendations, protocols, or information
regarding best practices.
``(D) The utilization of patient safety work product
for the purposes of encouraging a culture of safety and
of providing feedback and assistance to effectively
minimize patient risk.
``(E) The maintenance of procedures to preserve
confidentiality with respect to patient safety work
product.
``(F) The provision of appropriate security measures
with respect to patient safety work product.
``(G) The utilization of qualified staff.
``(H) Activities related to the operation of a
patient safety evaluation system and to the provision
of feedback to participants in a patient safety
evaluation system.
``(6) Patient safety evaluation system.--The term `patient
safety evaluation system' means the collection, management, or
analysis of information for reporting to or by a patient safety
organization.
``(7) Patient safety work product.--
``(A) In general.--Except as provided in subparagraph
(B), the term `patient safety work product' means any
data, reports, records, memoranda, analyses (such as
root cause analyses), or written or oral statements--
``(i) which--
``(I) are assembled or developed by a
provider for reporting to a patient
safety organization and are reported to
a patient safety organization; or
``(II) are developed by a patient
safety organization for the conduct of
patient safety activities;
and which could result in improved patient
safety, health care quality, or health care
outcomes; or
``(ii) which identify or constitute the
deliberations or analysis of, or identify the
fact of reporting pursuant to, a patient safety
evaluation system.
``(B) Clarification.--
``(i) Information described in subparagraph
(A) does not include a patient's medical
record, billing and discharge information, or
any other original patient or provider record.
``(ii) Information described in subparagraph
(A) does not include information that is
collected, maintained, or developed separately,
or exists separately, from a patient safety
evaluation system. Such separate information or
a copy thereof reported to a patient safety
organization shall not by reason of its
reporting be considered patient safety work
product.
``(iii) Nothing in this part shall be
construed to limit--
``(I) the discovery of or
admissibility of information described
in this subparagraph in a criminal,
civil, or administrative proceeding;
``(II) the reporting of information
described in this subparagraph to a
Federal, State, or local governmental
agency for public health surveillance,
investigation, or other public health
purposes or health oversight purposes;
or
``(III) a provider's recordkeeping
obligation with respect to information
described in this subparagraph under
Federal, State, or local law.
``(8) Provider.--The term `provider' means--
``(A) an individual or entity licensed or otherwise
authorized under State law to provide health care
services, including--
``(i) a hospital, nursing facility,
comprehensive outpatient rehabilitation
facility, home health agency, hospice program,
renal dialysis facility, ambulatory surgical
center, pharmacy, physician or health care
practitioner's office, long term care facility,
behavior health residential treatment facility,
clinical laboratory, or health center; or
``(ii) a physician, physician assistant,
nurse practitioner, clinical nurse specialist,
certified registered nurse anesthetist,
certified nurse midwife, psychologist,
certified social worker, registered dietitian
or nutrition professional, physical or
occupational therapist, pharmacist, or other
individual health care practitioner; or
``(B) any other individual or entity specified in
regulations promulgated by the Secretary.
``SEC. 922. PRIVILEGE AND CONFIDENTIALITY PROTECTIONS.
``(a) Privilege.--Notwithstanding any other provision of Federal,
State, or local law, and subject to subsection (c), patient safety work
product shall be privileged and shall not be--
``(1) subject to a Federal, State, or local civil, criminal,
or administrative subpoena or order, including in a Federal,
State, or local civil or administrative disciplinary proceeding
against a provider;
``(2) subject to discovery in connection with a Federal,
State, or local civil, criminal, or administrative proceeding,
including in a Federal, State, or local civil or administrative
disciplinary proceeding against a provider;
``(3) subject to disclosure pursuant to section 552 of title
5, United States Code (commonly known as the Freedom of
Information Act) or any other similar Federal, State, or local
law;
``(4) admitted as evidence in any Federal, State, or local
governmental civil proceeding, criminal proceeding,
administrative rulemaking proceeding, or administrative
adjudicatory proceeding, including any such proceeding against
a provider; or
``(5) admitted in a professional disciplinary proceeding of a
professional disciplinary body established or specifically
authorized under State law.
``(b) Confidentiality of Patient Safety Work Product.--
Notwithstanding any other provision of Federal, State, or local law,
and subject to subsection (c), patient safety work product shall be
confidential and shall not be disclosed.
``(c) Exceptions.--Except as provided in subsection (g)(3)--
``(1) Exceptions from privilege and confidentiality.--
Subsections (a) and (b) shall not apply to (and shall not be
construed to prohibit) one or more of the following
disclosures:
``(A) Disclosure of relevant patient safety work
product for use in a criminal proceeding, but only
after a court makes an in camera determination that
such patient safety work product contains evidence of a
criminal act and that such patient safety work product
is material to the proceeding and not reasonably
available from any other source.
``(B) Disclosure of patient safety work product to
the extent required to carry out subsection (f)(4)(A).
``(C) Disclosure of identifiable patient safety work
product if authorized by each provider identified in
such work product.
``(2) Exceptions from confidentiality.--Subsection (b) shall
not apply to (and shall not be construed to prohibit) one or
more of the following disclosures:
``(A) Disclosure of patient safety work product to
carry out patient safety activities.
``(B) Disclosure of nonidentifiable patient safety
work product.
``(C) Disclosure of patient safety work product to
grantees, contractors, or other entities carrying out
research, evaluation, or demonstration projects
authorized, funded, certified, or otherwise sanctioned
by rule or other means by the Secretary, for the
purpose of conducting research to the extent that
disclosure of protected health information would be
allowed for such purpose under the HIPAA
confidentiality regulations.
``(D) Disclosure by a provider to the Food and Drug
Administration with respect to a product or activity
regulated by the Food and Drug Administration.
``(E) Voluntary disclosure of patient safety work
product by a provider to an accrediting body that
accredits that provider.
``(F) Disclosures that the Secretary may determine,
by rule or other means, are necessary for business
operations and are consistent with the goals of this
part.
``(G) Disclosure of patient safety work product to
law enforcement authorities relating to the commission
of a crime (or to an event reasonably believed to be a
crime) if the person making the disclosure believes,
reasonably under the circumstances, that the patient
safety work product that is disclosed is necessary for
criminal law enforcement purposes.
``(H) With respect to a person other than a patient
safety organization, the disclosure of patient safety
work product that does not include materials that--
``(i) assess the quality of care of an
identifiable provider; or
``(ii) describe or pertain to one or more
actions or failures to act by an identifiable
provider.
``(3) Exception from privilege.--Subsection (a) shall not
apply to (and shall not be construed to prohibit) voluntary
disclosure of nonidentifiable patient safety work product.
``(d) Continued Protection of Information After Disclosure.--
``(1) In general.--Patient safety work product that is
disclosed under subsection (c) shall continue to be privileged
and confidential as provided for in subsections (a) and (b),
and such disclosure shall not be treated as a waiver of
privilege or confidentiality, and the privileged and
confidential nature of such work product shall also apply to
such work product in the possession or control of a person to
whom such work product was disclosed.
``(2) Exception.--Notwithstanding paragraph (1), and subject
to paragraph (3)--
``(A) if patient safety work product is disclosed in
a criminal proceeding, the confidentiality protections
provided for in subsection (b) shall no longer apply to
the work product so disclosed; and
``(B) if patient safety work product is disclosed as
provided for in subsection (c)(2)(B) (relating to
disclosure of nonidentifiable patient safety work
product), the privilege and confidentiality protections
provided for in subsections (a) and (b) shall no longer
apply to such work product.
``(3) Construction.--Paragraph (2) shall not be construed as
terminating or limiting the privilege or confidentiality
protections provided for in subsection (a) or (b) with respect
to patient safety work product other than the specific patient
safety work product disclosed as provided for in subsection
(c).
``(4) Limitations on actions.--
``(A) Patient safety organizations.--
``(i) In general.--A patient safety
organization shall not be compelled to disclose
information collected or developed under this
part whether or not such information is patient
safety work product unless such information is
identified, is not patient safety work product,
and is not reasonably available from another
source.
``(ii) Nonapplication.--The limitation
contained in clause (i) shall not apply in an
action against a patient safety organization or
with respect to disclosures pursuant to
subsection (c)(1).
``(B) Providers.--An accrediting body shall not take an
accrediting action against a provider based on the good faith
participation of the provider in the collection, development,
reporting, or maintenance of patient safety work product in
accordance with this part. An accrediting body may not require
a provider to reveal its communications with any patient safety
organization established in accordance with this part.
``(e) Reporter Protection.--
``(1) In general.--A provider may not take an adverse
employment action, as described in paragraph (2), against an
individual based upon the fact that the individual in good
faith reported information--
``(A) to the provider with the intention of having
the information reported to a patient safety
organization; or
``(B) directly to a patient safety organization.
``(2) Adverse employment action.--For purposes of this
subsection, an `adverse employment action' includes--
``(A) loss of employment, the failure to promote an
individual, or the failure to provide any other
employment-related benefit for which the individual
would otherwise be eligible; or
``(B) an adverse evaluation or decision made in
relation to accreditation, certification,
credentialing, or licensing of the individual.
``(f) Enforcement.--
``(1) Civil monetary penalty.--Subject to paragraphs (2) and
(3), a person who discloses identifiable patient safety work
product in knowing or reckless violation of subsection (b)
shall be subject to a civil monetary penalty of not more than
$10,000 for each act constituting such violation.
``(2) Procedure.--The provisions of section 1128A of the
Social Security Act, other than subsections (a) and (b) and the
first sentence of subsection (c)(1), shall apply to civil money
penalties under this subsection in the same manner as such
provisions apply to a penalty or proceeding under section 1128A
of the Social Security Act.
``(3) Relation to hipaa.--Penalties shall not be imposed both
under this subsection and under the regulations issued pursuant
to section 264(c)(1) of the Health Insurance Portability and
Accountability Act of 1996 (42 U.S.C. 1320d-2 note) for a
single act or omission.
``(4) Equitable relief.--
``(A) In general.--Without limiting remedies
available to other parties, a civil action may be
brought by any aggrieved individual to enjoin any act
or practice that violates subsection (e) and to obtain
other appropriate equitable relief (including
reinstatement, back pay, and restoration of benefits)
to redress such violation.
``(B) Against state employees.--An entity that is a
State or an agency of a State government may not assert
the privilege described in subsection (a) unless before
the time of the assertion, the entity or, in the case
of and with respect to an agency, the State has
consented to be subject to an action described in
subparagraph (A), and that consent has remained in
effect.
``(g) Rule of Construction.--Nothing in this section shall be
construed--
``(1) to limit the application of other Federal, State, or
local laws that provide greater privilege or confidentiality
protections than the privilege and confidentiality protections
provided for in this section;
``(2) to limit, alter, or affect the requirements of Federal,
State, or local law pertaining to information that is not
privileged or confidential under this section;
``(3) except as provided in subsection (i), to alter or
affect the implementation of any provision of the HIPAA
confidentiality regulations or section 1176 of the Social
Security Act (or regulations promulgated under such section);
``(4) to limit the authority of any provider, patient safety
organization, or other entity to enter into a contract
requiring greater confidentiality or delegating authority to
make a disclosure or use in accordance with this section;
``(5) as preempting or otherwise affecting any State law
requiring a provider to report information that is not patient
safety work product; or
``(6) to limit, alter, or affect any requirement for
reporting to the Food and Drug Administration information
regarding the safety of a product or activity regulated by the
Food and Drug Administration.
``(h) Clarification.--Nothing in this part prohibits any person from
conducting additional analysis for any purpose regardless of whether
such additional analysis involves issues identical to or similar to
those for which information was reported to or assessed by a patient
safety organization or a patient safety evaluation system.
``(i) Clarification of application of hipaa confidentiality
regulations to patient safety organizations.--For purposes of applying
the HIPAA confidentiality regulations--
``(1) patient safety organizations shall be treated as
business associates; and
``(2) patient safety activities of such organizations in
relation to a provider are deemed to be health care operations
(as defined in such regulations) of the provider.
``(j) Reports on Strategies To Improve Patient Safety.--
``(1) Draft report.--Not later than the date that is 18
months after any network of patient safety databases is
operational, the Secretary, in consultation with the Director,
shall prepare a draft report on effective strategies for
reducing medical errors and increasing patient safety. The
draft report shall include any measure determined appropriate
by the Secretary to encourage the appropriate use of such
strategies, including use in any federally funded programs. The
Secretary shall make the draft report available for public
comment and submit the draft report to the Institute of
Medicine for review.
``(2) Final report.--Not later than 1 year after the date
described in paragraph (1), the Secretary shall submit a final
report to the Congress.
``SEC. 923. NETWORK OF PATIENT SAFETY DATABASES.
``(a) In General.--The Secretary shall facilitate the creation of,
and maintain, a network of patient safety databases that provides an
interactive evidence-based management resource for providers, patient
safety organizations, and other entities. The network of databases
shall have the capacity to accept, aggregate across the network, and
analyze nonidentifiable patient safety work product voluntarily
reported by patient safety organizations, providers, or other entities.
The Secretary shall assess the feasibility of providing for a single
point of access to the network for qualified researchers for
information aggregated across the network and, if feasible, provide for
implementation.
``(b) Data Standards.--The Secretary may determine common formats for
the reporting to and among the network of patient safety databases
maintained under subsection (a) of nonidentifiable patient safety work
product, including necessary work product elements, common and
consistent definitions, and a standardized computer interface for the
processing of such work product. To the extent practicable, such
standards shall be consistent with the administrative simplification
provisions of part C of title XI of the Social Security Act.
``(c) Use of Information.--Information reported to and among the
network of patient safety databases under subsection (a) shall be used
to analyze national and regional statistics, including trends and
patterns of health care errors. The information resulting from such
analyses shall be made available to the public and included in the
annual quality reports prepared under section 913(b)(2).
``SEC. 924. PATIENT SAFETY ORGANIZATION CERTIFICATION AND LISTING.
``(a) Certification.--
``(1) Initial certification.--An entity that seeks to be a
patient safety organization shall submit an initial
certification to the Secretary that the entity--
``(A) has policies and procedures in place to perform
each of the patient safety activities described in
section 921(5); and
``(B) upon being listed under subsection (d), will
comply with the criteria described in subsection (b).
``(2) Subsequent certifications.--An entity that is a patient
safety organization shall submit every 3 years after the date
of its initial listing under subsection (d) a subsequent
certification to the Secretary that the entity--
``(A) is performing each of the patient safety
activities described in section 921(5); and
``(B) is complying with the criteria described in
subsection (b).
``(b) Criteria.--
``(1) In general.--The following are criteria for the initial
and subsequent certification of an entity as a patient safety
organization:
``(A) The mission and primary activity of the entity
are to conduct activities that are to improve patient
safety and the quality of health care delivery.
``(B) The entity has appropriately qualified staff
(whether directly or through contract), including
licensed or certified medical professionals.
``(C) The entity, within each 24-month period that
begins after the date of the initial listing under
subsection (d), has bona fide contracts, each of a
reasonable period of time, with more than 1 provider
for the purpose of receiving and reviewing patient
safety work product.
``(D) The entity is not, and is not a component of, a
health insurance issuer (as defined in section
2791(b)(2)).
``(E) The entity shall fully disclose--
``(i) any financial, reporting, or
contractual relationship between the entity and
any provider that contracts with the entity;
and
``(ii) if applicable, the fact that the
entity is not managed, controlled, and operated
independently from any provider that contracts
with the entity.
``(F) To the extent practical and appropriate, the
entity collects patient safety work product from
providers in a standardized manner that permits valid
comparisons of similar cases among similar providers.
``(G) The utilization of patient safety work product
for the purpose of providing direct feedback and
assistance to providers to effectively minimize patient
risk.
``(2) Additional criteria for component organizations.--If an
entity that seeks to be a patient safety organization is a
component of another organization, the following are additional
criteria for the initial and subsequent certification of the
entity as a patient safety organization:
``(A) The entity maintains patient safety work
product separately from the rest of the organization,
and establishes appropriate security measures to
maintain the confidentiality of the patient safety work
product.
``(B) The entity does not make an unauthorized
disclosure under this part of patient safety work
product to the rest of the organization in breach of
confidentiality.
``(C) The mission of the entity does not create a
conflict of interest with the rest of the organization.
``(c) Review of Certification.--
``(1) In general.--
``(A) Initial certification.--Upon the submission by
an entity of an initial certification under subsection
(a)(1), the Secretary shall determine if the
certification meets the requirements of subparagraphs
(A) and (B) of such subsection.
``(B) Subsequent certification.--Upon the submission
by an entity of a subsequent certification under
subsection (a)(2), the Secretary shall review the
certification with respect to requirements of
subparagraphs (A) and (B) of such subsection.
``(2) Notice of acceptance or non-acceptance.--If the
Secretary determines that--
``(A) an entity's initial certification meets
requirements referred to in paragraph (1)(A), the
Secretary shall notify the entity of the acceptance of
such certification; or
``(B) an entity's initial certification does not meet
such requirements, the Secretary shall notify the
entity that such certification is not accepted and the
reasons therefor.
``(3) Disclosures regarding relationship to providers.--The
Secretary shall consider any disclosures under subsection
(b)(1)(E) by an entity and shall make public findings on
whether the entity can fairly and accurately perform the
patient safety activities of a patient safety organization. The
Secretary shall take those findings into consideration in
determining whether to accept the entity's initial
certification and any subsequent certification submitted under
subsection (a) and, based on those findings, may deny,
condition, or revoke acceptance of the entity's certification.
``(d) Listing.--The Secretary shall compile and maintain a listing of
entities with respect to which there is an acceptance of a
certification pursuant to subsection (c)(2)(A) that has not been
revoked under subsection (e) or voluntarily relinquished.
``(e) Revocation of Acceptance of Certification.--
``(1) In general.--If, after notice of deficiency, an
opportunity for a hearing, and a reasonable opportunity for
correction, the Secretary determines that a patient safety
organization does not meet the certification requirements under
subsection (a)(2), including subparagraphs (A) and (B) of such
subsection, the Secretary shall revoke the Secretary's
acceptance of the certification of such organization.
``(2) Supplying confirmation of notification to providers.--
Within 15 days of a revocation under paragraph (1), a patient
safety organization shall submit to the Secretary a
confirmation that the organization has taken all reasonable
actions to notify each provider whose patient safety work
product is collected or analyzed by the organization of such
revocation.
``(3) Publication of decision.--If the Secretary revokes the
certification of an organization under paragraph (1), the
Secretary shall--
``(A) remove the organization from the listing
maintained under subsection (d); and
``(B) publish notice of the revocation in the Federal
Register.
``(f) Status of Data After Removal From Listing.--
``(1) New data.--With respect to the privilege and
confidentiality protections described in section 922, data
submitted to an entity within 30 days after the entity is
removed from the listing under subsection (e)(3)(A) shall have
the same status as data submitted while the entity was still
listed.
``(2) Protection to continue to apply.--If the privilege and
confidentiality protections described in section 922 applied to
patient safety work product while an entity was listed, or to
data described in paragraph (1), such protections shall
continue to apply to such work product or data after the entity
is removed from the listing under subsection (e)(3)(A).
``(g) Disposition of Work Product and Data.--If the Secretary removes
a patient safety organization from the listing as provided for in
subsection (e)(3)(A), with respect to the patient safety work product
or data described in subsection (f)(1) that the patient safety
organization received from another entity, such former patient safety
organization shall--
``(1) with the approval of the other entity and a patient
safety organization, transfer such work product or data to such
patient safety organization;
``(2) return such work product or data to the entity that
submitted the work product or data; or
``(3) if returning such work product or data to such entity
is not practicable, destroy such work product or data.
``SEC. 925. TECHNICAL ASSISTANCE.
``The Secretary, acting through the Director, may provide technical
assistance to patient safety organizations, including convening annual
meetings for patient safety organizations to discuss methodology,
communication, data collection, or privacy concerns.
``SEC. 926. SEVERABILITY.
``If any provision of this part is held to be unconstitutional, the
remainder of this part shall not be affected.''.
(b) Authorization of Appropriations.--Section 937 of the Public
Health Service Act (as redesignated by subsection (a)) is amended by
adding at the end the following:
``(e) Patient Safety and Quality Improvement.--For the purpose of
carrying out part C, there are authorized to be appropriated such sums
as may be necessary for each of the fiscal years 2006 through 2010.''.
(c) GAO Study on Implementation.--
(1) Study.--The Comptroller General of the United States
shall conduct a study on the effectiveness of part C of title
IX of the Public Health Service Act (as added by subsection
(a)) in accomplishing the purposes of such part.
(2) Report.--Not later than February 1, 2010, the Comptroller
General shall submit a report on the study conducted under
paragraph (1). Such report shall include such recommendations
for changes in such part as the Comptroller General deems
appropriate.
Purpose and Summary
H.R. 3205 is intended to help create a ``culture of
safety'' by providing peer review protections for information
reported on health care errors for the purposes of quality
improvement and patient safety.
Background and Need for Legislation
In its 1999 report, To Err Is Human, the Institute of
Medicine (IOM) estimated that 44,000 to 98,000 Americans die
each year as a result of medical errors; however, providers
have little to no incentive to report or analyze errors to
improve the quality of health care. The IOM offered several
recommendations to improve patient safety and reduce medical
errors, including that Congress pass legislation to extend peer
review protections to data related to patient safety and
quality improvement that are developed and analyzed by health
care organizations for internal use or shared with others
solely for the purposes of improving safety and quality.
This bill is intended to encourage the reporting and
analysis of medical errors and health care systems by providing
peer review protection of information reported to patient
safety organizations for the purposes of quality improvement
and patient safety. These protections will facilitate an
environment in which health care providers are able to discuss
errors openly and learn from them. The protections apply to
certain categories of documents and communications termed
``patient safety work product'' that are developed in
connection with newly created patient safety organizations.
This patient safety work product is considered privileged and,
therefore, cannot be subject to disclosures in certain civil,
criminal, administrative, and disciplinary proceedings or
disclosed pursuant to the Freedom of Information Act.
Patient safety organizations will analyze information
reported from providers and disseminate information back to
providers in effort to improve quality and patient safety.
Providers will work with patient safety organizations to
determine the causes of these errors, identify what changes
need to be made to prevent these errors, and then implement
these changes.
These new protections do not, however, prevent a provider
from complying with authorized requests for information that
has been collected, developed, maintained, or exists separately
from a patient safety evaluation system. Additionally, all
original patient or provider records are not patient safety
work product. In general, information that is available to the
public today will continue to be available.
The Patient Safety and Quality Improvement Act requires the
Secretary of Health and Human Services (HHS) to facilitate the
creation of a network of databases to analyze health care
errors.
Hearings
On Thursday, June 9, 2005, the Subcommittee on Health held
an oversight hearing entitled ``Patient Safety and Quality
Initiatives.'' The subcommittee received testimony from Dr.
Carolyn M. Clancy, Director, Agency for Healthcare Research and
Quality; Dr. Dennis O'Leary, President, Joint Commission on
Accreditation of Healthcare Organizations; Dr. F. Dean Griffen,
MD, FACS, American College of Surgeons; Dr. William A.
Bornstein, MD, PhD, Medical Association of Georgia; and, Dr.
Jane Loewenson, Director, Health Policy, National Partnership
for Women & Families.
Committee Consideration
On Thursday, July 14, 2005, the Subcommittee on Health met
in open markup session and approved H.R. 3205 for full
Committee consideration, by a voice vote, a quorum being
present. On Wednesday, July 20, 2005, the full Committee met in
open markup session and ordered H.R. 3205 favorably reported to
the House, amended, by a voice vote, a quorum being present.
Committee Votes
Clause 3(b) of rule XIII of the Rules of the House of
Representatives requires the Committee to list the record votes
on the motion to report legislation and amendments thereto.
There were no record votes taken in connection with ordering
H.R. 3205 reported. A motion by Mr. Barton to order H.R. 3205
reported to the House, amended, was agreed to by a voice vote.
Committee Oversight Findings
Pursuant to clause 3(c)(1) of rule XIII of the Rules of the
House of Representatives, the Committee has not held oversight
or legislative hearings on this legislation.
Statement of General Performance Goals and Objectives
The goal of H.R. 3205 is to provide for a health care error
reporting system that both protects information and improves
patient safety and the quality of health care, and to ensure
accountability by raising standards and expectation for
continuous quality improvements in patient safety.
New Budget Authority, Entitlement Authority, and Tax Expenditures
In compliance with clause 3(c)(2) of rule XIII of the Rules
of the House of Representatives, the Committee finds that H.R.
3205, the Patient Safety and Quality Improvement Act, would
result in no new or increased budget authority, entitlement
authority, or tax expenditures or revenues.
Committee Cost Estimate
The Committee adopts as its own the cost estimate prepared
by the Director of the Congressional Budget Office pursuant to
section 402 of the Congressional Budget Act of 1974.
Congressional Budget Office Estimate
Pursuant to clause 3(c)(3) of rule XIII of the Rules of the
House of Representatives, the following is the cost estimate
provided by the Congressional Budget Office pursuant to section
402 of the Congressional Budget Act of 1974:
U.S. Congress,
Congressional Budget Office,
Washington, DC, July 27, 2005.
Hon. Joe Barton,
Chairman, Committee on Energy and Commerce,
House of Representatives, Washington, DC.
Dear Mr. Chairman: The Congressional Budget Office has
prepared the enclosed cost estimate for H.R. 3205, the Patient
Safety and Quality Improvement Act of 2005.
If you wish further details on this estimate, we will be
pleased to provide them. The CBO staff contact is Julia
Christensen.
Sincerely,
Elizabeth M. Robinson
(For Douglas Holtz-Eakin, Director).
Enclosure.
H.R. 3205--Patient Safety and Quality Improvement Act of 2005
Summary: H.R. 3205 would establish certification procedures
for patient safety organizations (PSOs) and require the
Secretary of Health and Human Services to maintain a list of
certified PSOs. Those PSOs would collect patient safety data
voluntarily submitted by health care providers for inclusion in
a network of databases. The bill would require the Secretary to
develop a uniform database, establish national standards for
the collection and maintenance of patient safety data, and
provide technical assistance to PSOs. The bill also would
establish privacy protections and impose civil monetary
penalties for violations of those protections. The bill would
require two reports, including a report by the Government
Accountability Office (GAO) on the overall effectiveness of the
program and a report by the Secretary on effective strategies
for increasing patient safety.
CBO estimates that implementing H.R. 3205 would cost $5
million in 2006 and $58 million over the 2006-2010 period,
assuming the appropriation of the necessary amounts. CBO
estimates that receipts from fines for violation of the privacy
protections, which are recorded as federal revenues, would
amount to less than $500,000 a year.
H.R. 3205 would preempt state laws that govern the
disclosure of information provided to patient safety
organizations. While that preemption would be an
intergovernmental mandate as defined in the Unfunded Mandates
Reform Act (UMRA), it would impose no requirements on states
that would result in additional spending; thus, the threshold
established by UMRA would not be exceeded ($62 million in 2005,
adjusted annually for inflation).
The bill would impose a private-sector mandate on health
care providers, as defined in UMRA, by not allowing them to use
the fact that an employee reported patient safety data in an
adverse employment action against an employee. That mandate
would not have any direct cost, however, because patient safety
data as defined in the bill does not exist under current law.
Estimated cost to the Federal Government: The estimated
cost of H.R. 3205 is shown in the following table. The bill
could also result in an increase in revenues from fines, but
CBO estimates that any such increase would be less than
$500,000 a year. The costs of this legislation fall within
budget functions 550 (health) and 800 (general government).
------------------------------------------------------------------------
By fiscal year, in millions of
dollars--
---------------------------------------
2006 2007 2008 2009 2010
------------------------------------------------------------------------
CHANGES IN SPENDING SUBJECT TO APPROPRIATION
Estimated authorization level... 15 13 14 14 14
Estimated outlays............... 5 11 14 14 14
------------------------------------------------------------------------
Basis of estimate
Spending subject to appropriation
H.R. 3205 would expand the current duties of the Agency for
Healthcare Research and Quality (AHRQ). Although not
specifically named, the AHRQ is the most likely agency within
the Department of Health and Human Services to carry out the
provisions of the bill. The new duties would include providing
technical assistance to PSOs that have (or are developing)
systems for reporting medical errors. AHRQ also would oversee
the certification and listing of PSOs, which collect patient
safety data from health care providers. (PSOs are private or
public organizations that conduct activities to improve patient
safety and the quality of health care delivery.) PSOs would not
receive funding under this bill.
In addition, the bill would require AHRQ to develop and
maintain a network of databases to collect, support, and
coordinate the analysis of patient safety data that is reported
on a voluntary basis. Based on information from AHRQ, CBO
expects that these tasks would require increased staff for
providing assistance to PSOs, oversight of PSOs, and
maintenance of the patient safety database. CBO estimates that
the agency would need appropriations of$15 million in 2006 and
about $70 million over the 2006-2010 period to carry out those
responsibilities. We estimate that the agency would spend about $5
million in 2006 (primarily on the development of the patient safety
database) and $58 million over the 2006-2010 period, assuming the
necessary amounts are appropriated.
Revenues
Because those prosecuted and convicted for violation of the
bill's privacy provisions could be subject to civil monetary
penalties, the federal government might collect additional
fines if the bill is enacted. Collections of civil fines are
recorded in the budget as governmental receipts (i.e.,
revenues). CBO estimates that any additional receipts would be
less than $500,000 a year.
Estimated Impact on State, Local, and Tribal Governments:
H.R. 3205 would preempt any state freedom of information law or
other laws governing subpoena power or civil or administrative
procedure that require the disclosure of information provided
by a health care provider to a certified patient safety
organization. That preemption would be an intergovernmental
mandate as deemed in UMRA because it would limit the
application of those state laws. The bill also would establish
a number of exceptions to the preemption of state and local
laws, thus narrowing the scope of the mandate. CBO estimates
that this mandate would impose no requirement on states that
would result in additional spending; thus, the threshold as
established by UMRA would not be exceeded ($62 million in 2005,
adjusted annually for inflation).
Estimated Impact on the Private Sector: The bill would
impose a private-sector mandate on health care providers, as
deemed in UMRA, by not allowing them to use the fact that an
employee reported patient safety data in an adverse employment
action against the employee. This mandate would not have any
direct cost, however, because patient safety data as defined in
the bill does not exist under current law.
Previous CBO estimate: On March 31, 2005, CBO transmitted
an estimate for S. 544, the Patient Safety and Quality
Improvement Act of 2005, as ordered reported by the Senate
Committee on Health, Education, Labor, and Pensions. The scope
of work under S. 544 is similar to H.R. 3205, and CBO's two
cost estimates are nearly identical.
Estimate prepared by: Federal Costs: Julia M. Christensen
and Camite Williams. Impact on State, Local, and Tribal
Governments: Leo Lex. Impact on the Private Sector: Peter
Richmond.
Estimate Approved by: Peter H. Fontaine, Deputy Assistant
Director for Budget Analysis.
Federal Mandates Statement
The Committee adopts as its own the estimate of Federal
mandates prepared by the Director of the Congressional Budget
Office pursuant to section 423 of the Unfunded Mandates Reform
Act.
Advisory Committee Statement
No advisory committees within the meaning of section 5(b)
of the Federal Advisory Committee Act were created by this
legislation.
Constitutional Authority Statement
Pursuant to clause 3(d)(1) of rule XIII of the Rules of the
House of Representatives, the Committee finds that the
Constitutional authority for this legislation is provided in
Article I, section 8, clause 3, which grants Congress the power
to regulate commerce with foreign nations, among the several
States, and with the Indian tribes.
Applicability to Legislative Branch
The Committee finds that the legislation does not relate to
the terms and conditions of employment or access to public
services or accommodations within the meaning of section
102(b)(3) of the Congressional Accountability Act.
Section-by-Section Analysis of the Legislation
Section 1. Short title
Section 1 establishes the short title as the ``Patient
Safety and Quality Improvement Act of 2005.''
Section 2. Amendments to the Public Health Service Act
Section 2(a) would establish a new Part C in Title IX of
the Public Health Service Act to encourage a voluntary
reporting system for patient safety data as set out below.
Section 921. Definitions
The bill would add a new section 921 to identify and define
the elements of a new voluntary reporting system, including the
terms ``identifiable information,'' ``non-identifiable
information,'' ``patient safety activities,'' ``patient safety
evaluation system,'' ``patient safety organization,'' ``patient
safety work product,'' and ``provider.''
The definition of patient safety work product contains
several parts,and a document or communication is patient safety
work product if it falls into any of the categories in clauses
(7)(A)(i)-(iii). A document may be patient safety work product for
multiple reasons. For example, a patient safety organization may
prepare a memorandum describing its request for further collection of
information from the reporting provider. The memorandum of the patient
safety organization is both a document developed by the patient safety
organization and a document that would identify the deliberations of a
patient safety evaluation system. A memorandum of the provider that
identifies the deliberations of a patient safety evaluation system
would also be patient safety work product.
Paragraphs 7(B)(i) and (ii) explains documents or
communications that are not included under clause (7)(A). The
Committee understands that it is likely and appropriate for a
provider to keep a copy of documents and possible logs of
communications that are reported to the patient safety
organization. Generally, such copies are also patient safety
work product because they are part of the patient safety
evaluation system. Such items would not be considered original
provider records as set out under 7(B)(i).
On the other hand, there may be documents or communications
that are part of traditional health care operations or record
keeping (including but not limited to medical records, billing
records, guidance on procedures, physician notes, hospital
policies, logs of operations, records of drug deliveries, and
primary information at the time of events). Such information
may be in communications or copies of documents sent to a
patient safety organization. Originals or copies of such
documents are both original provider records and separate
information that is developed, collected, maintained or exist
separately from any patient safety evaluation system. Both
these original documents and ordinary information about health
care operations may be relevant to a patient safety evaluation
system but are not themselves patient safety work product.
Once something is patient safety work product, a person may
disclose such work product for a variety of purposes under
subsection 922(c). Subsection 922(d) provides that, despite
such a disclosure, such work product remains confidential and
privileged and does not lose its status as patient safety work
product. Thus, clause 921(7)(B)(ii) would not operate to change
the status of the patient safety work product in this
circumstance. For example, assume material otherwise meets the
definition of patient safety work product. If the provider
voluntarily discloses such work product to an accrediting
organization under subsection 922(c)(2)(E), the privileged and
confidential nature of the work product remains.
On the other hand, nothing requires a provider to disclose
such patient safety work product to an accrediting
organization. A provider may choose to collect, develop, or
maintain information separately from a patient safety
evaluation system. That separate information or analysis may be
similar or identical in substance or subject matter to patient
safety work product. A provider may choose this route in
disclosing such separate material to an accrediting
organization.
A similar approach would apply to material given to
researchers or for patient safety activities. Information
provided for research or patient safety activities may be
patient safety work product or it may not be patient safety
work product.
There is further discussion of the term ``patient safety
work product'' in the context of section 922.
Section 922. Privilege and confidentiality protections
New subsection 922(a) creates a privilege for patient
safety work product for certain proceedings and forums.
Paragraphs 922(c)(1) and (3) contain exceptions to the
prohibitions in 922(a). Nothing in this legislation changes
other requirements that may exist for evidence.
Here are a few examples of the privilege. Assume a trial
lawyer asks a provider what communications has the provider had
with other parties concerning the medical procedures that took
place during the month of August 2006. Communications that
identify or constitute the deliberations of or analyses of, or
identify the fact or reporting to, a patient safety evaluation
system under 921(7)(A)(ii) are patient safety work product.
Such information would not be discoverable. Communications with
other parties, however, would be discoverable.
Assume a trial lawyer asks what a specific practitioner
understood about how a certain piece of medical equipment
operated. Even if this same information was reported to a
patient safety organization, such information ``exists
separately'' from a patient safety evaluation system under
921(7)(B)(ii). Under such a circumstance, the provider should
respond to the interrogatory but not reveal that similar or the
same information was being reviewed within the context of a
patient safety evaluation system.
Assume an expert analysis is relevant to a legal proceeding
and a patient safety organization had developed such an
analysis. The fact that a patient safety organization has
developed such an analysis does not mean a party could not
obtain a separate analysis on the same subject matter from a
different expert or prepare a separate analysis on the same
subject matter in-house. Such analysis may be separate from a
patient safety evaluation system both under the meaning of
921(7)(b)(ii) and under 922(h).
New subsection 922(b) provides that patient safety work
product shall not be disclosed except as provided for in
922(c)(1) and (2). A person may rely on any of the exceptions
to justify a permissible disclosure. The same disclosure may
fall under multiple exceptions. For example, patient safety
work product may be provided, under appropriate circumstances,
to a researcher under multiple exceptions, including but not
limited to 922(c)(2)(C).
There are more exceptions to 922(b) under subsection (c)
than thereare to 922(a). For example, a discovery order cannot
request the dates of meetings held between a patient safety
organization and other parties. On the other hand, schedulers for
parties may disclose dates of such individual meetings relevant to that
party for ordinary purposes such as contacting other schedulers,
setting out travel vouchers, or other purposes. Such disclosure could
be a disclosure of patient safety work product under 922(c)(2)(H). Such
a disclosure would neither assess the quality of care of an
identifiable provider nor describe or pertain to one or more actions or
failures to act by an identifiable provider.
Subsection 922(d)(1) states that the fact of disclosure of
information under one of the exceptions under subsection (c)
shall not be treated as a waiver of privilege or
confidentiality. Nor can such a disclosure change the
privileged or confidential status of such work product.
Subparagraph 922(d)(4)(A) provides that a patient safety
organization shall not be compelled to disclose information
collected or developed under this part whether or not such
information is patient safety work product unless such
information is identified, is not patient safety work product,
and is not reasonably available from another source. This
limitation does not apply to actions against the patient safety
organization or with respect to disclosures under subsection
(c)(1). The basic idea is that patient safety organizations may
be collecting or developing material that is based on
underlying material that is available at the provider's office
or through another party. In such circumstances, discovery
orders should be made to other parties and not the patient
safety organization.
Subsection (e) sets out protections for individuals who in
good faith report information to providers, with the intent
that the information is reported to a patient safety
organization, or who report directly to a patient safety
organization. A provider may not use the fact that an
individual reported to a patient safety organization or that
provider against the individual in any adverse employment
action.
Paragraph (f)(1) provides monetary penalties for a knowing
or reckless violation of subsection (b). Subsection 922(a) is
not enforceable under paragraph (f)(1) but rather should be
administered in the context of the relevant proceeding. To be
held liable under paragraph (f)(1) a person should at least
know, or be reckless in not knowing, that the information was
indeed confidential patient safety work product.
Paragraph (f)(3) provides that penalties shall not be
imposed under (f)(1) and pursuant to HIPAA confidentiality
regulations for a single act or omission.
Under paragraph (g)(3) the provisions of the HIPAA
confidentiality regulations continue to apply, except as
provided in subsection (i).
Under paragraph (g)(4), providers, patient safety
organizations, or other entities, can enter contracts that
increase confidentiality or restrict the use of information for
purposes of the relationship between the contracting parties,
so long as the contracts do not conflict with this Act or any
other laws. Parties may also, by contract, delegate the
authority to make an authorized disclosure that is otherwise
permissible under the Act for that person.
Paragraph (g)(5) is a savings clause concerning state
reporting requirements. State reporting requirements cannot
require reporting of patient safety work product but can
require reporting of primary medical information and other
documents or communications that are not patient safety work
product. Such reporting requirements may even require providers
to produce reports that are similar in basic function to
reports being provided to a patient safety organization.
However, patient safety work product itself, as defined in this
Act, remains privileged.
Subsection (h) was discussed in part above. Nothing in this
part prohibits any person from conducting additional analysis
for any purpose regardless of whether such additional analysis
involves issues identical to or similar to those for which
information was reported to or assessed by a patient safety
organization or a patient safety evaluation system. Such
additional analysis is separate and not patient safety work
product.
Under subsection (i) a patient safety organization shall be
treated as a business associate for purposes of section 264(c)
of HIPAA. The patient safety activities of such organization
are deemed to be health care operations of the provider. A
patient safety organization can be a covered entity for other
purposes, but also a business associate in its role as a
patient safety organization.
Subsection (j) requires the Secretary to provide a report
on effective strategies for reducing medical errors and
increasing patient safety.
Section 923. Network of patient safety databases
New section 923 requires the Secretary to facilitate the
creation of, and maintain, a network of patient safety
databases that provides an interactive evidence-based
management resource for providers, patient safety
organizations, and other entities.
The Secretary may establish common formats for reporting
data to and among the network of patient safety databases to
enable ease of use and communication to and among the
databases. The Secretary should build upon existing databases
and work already done by the Office of the National Coordinator
for Health Information Technology and other parts of the
Department in an effort to maximize the efficiency and utility
of common data collection efforts across agencies.
Each database in the network shall be able to accept
nonidentifiable information, aggregate all the nonidentifiable
information within the network, and analyze such information.
The Secretary shall make the information available to
providers, patient safety organizations and the public and, if
feasible, the Secretary shall also provide for implementation
of a single point of access to the individual and aggregated
data in the network of databases.
Section 924. Certification of patient safety organizations
Subsection (a) of new section 924 sets out certain
requirements for initial and subsequent certifications for
patient safety organizations. Paragraph (b)(1) sets out
criteria a patient safety organization must meet as conditions
of certification. New paragraph 924(b)(2) sets out certain
additional requirements for patient safety organizations that
are components of other organizations. Subsection (c) provides
procedures for the review of certifications. Subsection (d)
provides for the listing of certifications that have been
accepted and not revoked. Subsection (e) provides for
revocation procedures for certain causes. Subsection (f)
maintains the confidential and privileged status of information
even where a patient safety organizations listing has been
revoked.
Section 925. Technical assistance
New section 925 states that the Secretary may provide
certain technical assistance to patient safety organizations.
Section 926. Severability
New section 926 provides that if any provision of this part
is held to be unconstitutional, the remainder of this part
shall not be affected.
Subsection (2)(b) of the Act would modify existing section
937 of the Public Health Service Act to authorize such sums as
may be necessary for each of the fiscal years 2006-2010.
Subsection (2)(c) of the Act provides for study from the
General Accounting Office regarding implementation of the Act.
Changes in Existing Law Made by the Bill, as Reported
In compliance with clause 3(e) of rule XIII of the Rules of
the House of Representatives, changes in existing law made by
the bill, as reported, are shown as follows (existing law
proposed to be omitted is enclosed in black brackets, new
matter is printed in italic, existing law in which no change is
proposed is shown in roman):
PUBLIC HEALTH SERVICE ACT
* * * * * * *
TITLE IX--AGENCY FOR HEALTHCARE RESEARCH AND QUALITY
* * * * * * *
PART B--HEALTH CARE IMPROVEMENT RESEARCH
* * * * * * *
SEC. 912. PRIVATE-PUBLIC PARTNERSHIPS TO IMPROVE ORGANIZATION AND
DELIVERY.
(a) * * *
* * * * * * *
(c) Reducing Errors in Medicine.--The Director shall, in
accordance with part C, conduct and support research and build
private-public partnerships to--
(1) * * *
* * * * * * *
PART C--PATIENT SAFETY IMPROVEMENT
SEC. 921. DEFINITIONS.
In this part:
(1) HIPAA confidentiality regulations.--The term
``HIPAA confidentiality regulations'' means regulations
promulgated under section 264(c) of the Health
Insurance Portability and Accountability Act of 1996
(Public Law 104-191; 110 Stat. 2033).
(2) Identifiable patient safety work product.--The
term ``identifiable patient safety work product'' means
patient safety work product that--
(A) is presented in a form and manner that
allows the identification of any provider that
is a subject of the work product, or any
providers that participate in activities that
are a subject of the work product;
(B) constitutes individually identifiable
health information as that term is defined in
the HIPAA confidentiality regulations; or
(C) is presented in a form and manner that
allows the identification of an individual who
reported information in the manner specified in
section 922(e).
(3) Nonidentifiable patient safety work product.--The
term ``nonidentifiable patient safety work product''
means patient safety work product that is not
identifiable patient safety work product (as defined in
paragraph (2)).
(4) Patient safety organization.--The term ``patient
safety organization'' means a private or public entity
or component thereof that is listed by the Secretary
pursuant to section 924(d).
(5) Patient safety activities.--The term ``patient
safety activities'' means the following activities:
(A) Efforts to improve patient safety and the
quality of health care delivery.
(B) The collection and analysis of patient
safety work product.
(C) The development and dissemination of
information with respect to improving patient
safety, such as recommendations, protocols, or
information regarding best practices.
(D) The utilization of patient safety work
product for the purposes of encouraging a
culture of safety and of providing feedback and
assistance to effectively minimize patient
risk.
(E) The maintenance of procedures to preserve
confidentiality with respect to patient safety
work product.
(F) The provision of appropriate security
measures with respect to patient safety work
product.
(G) The utilization of qualified staff.
(H) Activities related to the operation of a
patient safety evaluation system and to the
provision of feedback to participants in a
patient safety evaluation system.
(6) Patient safety evaluation system.--The term
``patient safety evaluation system'' means the
collection, management, or analysis of information for
reporting to or by a patient safety organization.
(7) Patient safety work product.--
(A) In general.--Except as provided in
subparagraph (B), the term ``patient safety
work product'' means any data, reports,
records, memoranda, analyses (such as root
cause analyses), or written or oral
statements--
(i) which--
(I) are assembled or
developed by a provider for
reporting to a patient safety
organization and are reported
to a patient safety
organization; or
(II) are developed by a
patient safety organization for
the conduct of patient safety
activities;
and which could result in improved
patient safety, health care quality, or
health care outcomes; or
(ii) which identify or constitute the
deliberations or analysis of, or
identify the fact of reporting pursuant
to, a patient safety evaluation system.
(B) Clarification.--
(i) Information described in
subparagraph (A) does not include a
patient's medical record, billing and
discharge information, or any other
original patient or provider record.
(ii) Information described in
subparagraph (A) does not include
information that is collected,
maintained, or developed separately, or
exists separately, from a patient
safety evaluation system. Such separate
information or a copy thereof reported
to a patient safety organization shall
not by reason of its reporting be
considered patient safety work product.
(iii) Nothing in this part shall be
construed to limit--
(I) the discovery of or
admissibility of information
described in this subparagraph
in a criminal, civil, or
administrative proceeding;
(II) the reporting of
information described in this
subparagraph to a Federal,
State, or local governmental
agency for public health
surveillance, investigation, or
other public health purposes or
health oversight purposes; or
(III) a provider's
recordkeeping obligation with
respect to information
described in this subparagraph
under Federal, State, or local
law.
(8) Provider.--The term ``provider'' means--
(A) an individual or entity licensed or
otherwise authorized under State law to provide
health care services, including--
(i) a hospital, nursing facility,
comprehensive outpatient rehabilitation
facility, home health agency, hospice
program, renal dialysis facility,
ambulatory surgical center, pharmacy,
physician or health care practitioner's
office, long term care facility,
behavior health residential treatment
facility, clinical laboratory, or
health center; or
(ii) a physician, physician
assistant, nurse practitioner, clinical
nurse specialist, certified registered
nurse anesthetist, certified nurse
midwife, psychologist, certified social
worker, registered dietitian or
nutrition professional, physical or
occupational therapist, pharmacist, or
other individual health care
practitioner; or
(B) any other individual or entity specified
in regulations promulgated by the Secretary.
SEC. 922. PRIVILEGE AND CONFIDENTIALITY PROTECTIONS.
(a) Privilege.--Notwithstanding any other provision of
Federal, State, or local law, and subject to subsection (c),
patient safety work product shall be privileged and shall not
be--
(1) subject to a Federal, State, or local civil,
criminal, or administrative subpoena or order,
including in a Federal, State, or local civil or
administrative disciplinary proceeding against a
provider;
(2) subject to discovery in connection with a
Federal, State, or local civil, criminal, or
administrative proceeding, including in a Federal,
State, or local civil or administrative disciplinary
proceeding against a provider;
(3) subject to disclosure pursuant to section 552 of
title 5, United States Code (commonly known as the
Freedom of Information Act) or any other similar
Federal, State, or local law;
(4) admitted as evidence in any Federal, State, or
local governmental civil proceeding, criminal
proceeding, administrative rulemaking proceeding, or
administrative adjudicatory proceeding, including any
such proceeding against a provider; or
(5) admitted in a professional disciplinary
proceeding of a professional disciplinary body
established or specifically authorized under State law.
(b) Confidentiality of Patient Safety Work Product.--
Notwithstanding any other provision of Federal, State, or local
law, and subject to subsection (c), patient safety work product
shall be confidential and shall not be disclosed.
(c) Exceptions.--Except as provided in subsection (g)(3)--
(1) Exceptions from privilege and confidentiality.--
Subsections (a) and (b) shall not apply to (and shall
not be construed to prohibit) one or more of the
following disclosures:
(A) Disclosure of relevant patient safety
work product for use in a criminal proceeding,
but only after a court makes an in camera
determination that such patient safety work
product contains evidence of a criminal act and
that such patient safety work product is
material to the proceeding and not reasonably
available from any other source.
(B) Disclosure of patient safety work product
to the extent required to carry out subsection
(f)(4)(A).
(C) Disclosure of identifiable patient safety
work product if authorized by each provider
identified in such work product.
(2) Exceptions from confidentiality.--Subsection (b)
shall not apply to (and shall not be construed to
prohibit) one or more of the following disclosures:
(A) Disclosure of patient safety work product
to carry out patient safety activities.
(B) Disclosure of nonidentifiable patient
safety work product.
(C) Disclosure of patient safety work product
to grantees, contractors, or other entities
carrying out research, evaluation, or
demonstration projects authorized, funded,
certified, or otherwise sanctioned by rule or
other means by the Secretary, for the purpose
of conducting research to the extent that
disclosure of protected health information
would be allowed for such purpose under the
HIPAA confidentiality regulations.
(D) Disclosure by a provider to the Food and
Drug Administration with respect to a product
or activity regulated by the Food and Drug
Administration.
(E) Voluntary disclosure of patient safety
work product by a provider to an accrediting
body that accredits that provider.
(F) Disclosures that the Secretary may
determine, by rule or other means, are
necessary for business operations and are
consistent with the goals of this part.
(G) Disclosure of patient safety work product
to law enforcement authorities relating to the
commission of a crime (or to an event
reasonably believed to be a crime) if the
person making the disclosure believes,
reasonably under the circumstances, that the
patient safety work product that is disclosed
is necessary for criminal law enforcement
purposes.
(H) With respect to a person other than a
patient safety organization, the disclosure of
patient safety work product that does not
include materials that--
(i) assess the quality of care of an
identifiable provider; or
(ii) describe or pertain to one or
more actions or failures to act by an
identifiable provider.
(3) Exception from privilege.--Subsection (a) shall
not apply to (and shall not be construed to prohibit)
voluntary disclosure of nonidentifiable patient safety
work product.
(d) Continued Protection of Information After Disclosure.--
(1) In general.--Patient safety work product that is
disclosed under subsection (c) shall continue to be
privileged and confidential as provided for in
subsections (a) and (b), and such disclosure shall not
be treated as a waiver of privilege or confidentiality,
and the privileged and confidential nature of such work
product shall also apply to such work product in the
possession or control of a person to whom such work
product was disclosed.
(2) Exception.--Notwithstanding paragraph (1), and
subject to paragraph (3)--
(A) if patient safety work product is
disclosed in a criminal proceeding, the
confidentiality protections provided for in
subsection (b) shall no longer apply to the
work product so disclosed; and
(B) if patient safety work product is
disclosed as provided for in subsection
(c)(2)(B) (relating to disclosure of
nonidentifiable patient safety work product),
the privilege and confidentiality protections
provided for in subsections (a) and (b) shall
no longer apply to such work product.
(3) Construction.--Paragraph (2) shall not be
construed as terminating or limiting the privilege or
confidentiality protections provided for in subsection
(a) or (b) with respect to patient safety work product
other than the specific patient safety work product
disclosed as provided for in subsection (c).
(4) Limitations on actions.--
(A) Patient safety organizations.--
(i) In general.--A patient safety
organization shall not be compelled to
disclose information collected or
developed under this part whether or
not such information is patient safety
work product unless such information is
identified, is not patient safety work
product, and is not reasonably
available from another source.
(ii) Nonapplication.--The limitation
contained in clause (i) shall not apply
in an action against a patient safety
organization or with respect to
disclosures pursuant to subsection
(c)(1).
(B) Providers.--An accrediting body shall not take an
accrediting action against a provider based on the good
faith participation of the provider in the collection,
development, reporting, or maintenance of patient
safety work product in accordance with this part. An
accrediting body may not require a provider to reveal
its communications with any patient safety organization
established in accordance with this part.
(e) Reporter Protection.--
(1) In general.--A provider may not take an adverse
employment action, as described in paragraph (2),
against an individual based upon the fact that the
individual in good faith reported information--
(A) to the provider with the intention of
having the information reported to a patient
safety organization; or
(B) directly to a patient safety
organization.
(2) Adverse employment action.--For purposes of this
subsection, an ``adverse employment action'' includes--
(A) loss of employment, the failure to
promote an individual, or the failure to
provide any other employment-related benefit
for which the individual would otherwise be
eligible; or
(B) an adverse evaluation or decision made in
relation to accreditation, certification,
credentialing, or licensing of the individual.
(f) Enforcement.--
(1) Civil monetary penalty.--Subject to paragraphs
(2) and (3), a person who discloses identifiable
patient safety work product in knowing or reckless
violation of subsection (b) shall be subject to a civil
monetary penalty of not more than $10,000 for each act
constituting such violation.
(2) Procedure.--The provisions of section 1128A of
the Social Security Act, other than subsections (a) and
(b) and the first sentence of subsection (c)(1), shall
apply to civil money penalties under this subsection in
the same manner as such provisions apply to a penalty
or proceeding under section 1128A of the Social
Security Act.
(3) Relation to hipaa.--Penalties shall not be
imposed both under this subsection and under the
regulations issued pursuant to section 264(c)(1) of the
Health Insurance Portability and Accountability Act of
1996 (42 U.S.C. 1320d-2 note) for a single act or
omission.
(4) Equitable relief.--
(A) In general.--Without limiting remedies
available to other parties, a civil action may
be brought by any aggrieved individual to
enjoin any act or practice that violates
subsection (e) and to obtain other appropriate
equitable relief (including reinstatement, back
pay, and restoration of benefits) to redress
such violation.
(B) Against state employees.--An entity that
is a State or an agency of a State government
may not assert the privilege described in
subsection (a) unless before the time of the
assertion, the entity or, in the case of and
with respect to an agency, the State has
consented to be subject to an action described
in subparagraph (A), and that consent has
remained in effect.
(g) Rule of Construction.--Nothing in this section shall be
construed--
(1) to limit the application of other Federal, State,
or local laws that provide greater privilege or
confidentiality protections than the privilege and
confidentiality protections provided for in this
section;
(2) to limit, alter, or affect the requirements of
Federal, State, or local law pertaining to information
that is not privileged or confidential under this
section;
(3) except as provided in subsection (i), to alter or
affect the implementation of any provision of the HIPAA
confidentiality regulations or section 1176 of the
Social Security Act (or regulations promulgated under
such section);
(4) to limit the authority of any provider, patient
safety organization, or other entity to enter into a
contract requiring greater confidentiality or
delegating authority to make a disclosure or use in
accordance with this section;
(5) as preempting or otherwise affecting any State
law requiring a provider to report information that is
not patient safety work product; or
(6) to limit, alter, or affect any requirement for
reporting to the Food and Drug Administration
information regarding the safety of a product or
activity regulated by the Food and Drug Administration.
(h) Clarification.--Nothing in this part prohibits any person
from conducting additional analysis for any purpose regardless
of whether such additional analysis involves issues identical
to or similar to those for which information was reported to or
assessed by a patient safety organization or a patient safety
evaluation system.
(i) Clarification of Application of HIPAA Confidentiality
Regulations to Patient Safety Organizations.--For purposes of
applying the HIPAA confidentiality regulations--
(1) patient safety organizations shall be treated as
business associates; and
(2) patient safety activities of such organizations
in relation to a provider are deemed to be health care
operations (as defined in such regulations) of the
provider.
(j) Reports on Strategies To Improve Patient Safety.--
(1) Draft report.--Not later than the date that is 18
months after any network of patient safety databases is
operational, the Secretary, in consultation with the
Director, shall prepare a draft report on effective
strategies for reducing medical errors and increasing
patient safety. The draft report shall include any
measure determined appropriate by the Secretary to
encourage the appropriate use of such strategies,
including use in any federally funded programs. The
Secretary shall make the draft report available for
public comment and submit the draft report to the
Institute of Medicine for review.
(2) Final report.--Not later than 1 year after the
date described in paragraph (1), the Secretary shall
submit a final report to the Congress.
SEC. 923. NETWORK OF PATIENT SAFETY DATABASES.
(a) In General.--The Secretary shall facilitate the creation
of, and maintain, a network of patient safety databases that
provides an interactive evidence-based management resource for
providers, patient safety organizations, and other entities.
The network of databases shall have the capacity to accept,
aggregate across the network, and analyze nonidentifiable
patient safety work product voluntarily reported by patient
safety organizations, providers, or other entities. The
Secretary shall assess the feasibility of providing for a
single point of access to the network for qualified researchers
for information aggregated across the network and, if feasible,
provide for implementation.
(b) Data Standards.--The Secretary may determine common
formats for the reporting to and among the network of patient
safety databases maintained under subsection (a) of
nonidentifiable patient safety work product, including
necessary work product elements, common and consistent
definitions, and a standardized computer interface for the
processing of such work product. To the extent practicable,
such standards shall be consistent with the administrative
simplification provisions of part C of title XI of the Social
Security Act.
(c) Use of Information.--Information reported to and among
the network of patient safety databases under subsection (a)
shall be used to analyze national and regional statistics,
including trends and patterns of health care errors. The
information resulting from such analyses shall be made
available to the public and included in the annual quality
reports prepared under section 913(b)(2).
SEC. 924. PATIENT SAFETY ORGANIZATION CERTIFICATION AND LISTING.
(a) Certification.--
(1) Initial certification.--An entity that seeks to
be a patient safety organization shall submit an
initial certification to the Secretary that the
entity--
(A) has policies and procedures in place to
perform each of the patient safety activities
described in section 921(5); and
(B) upon being listed under subsection (d),
will comply with the criteria described in
subsection (b).
(2) Subsequent certifications.--An entity that is a
patient safety organization shall submit every 3 years
after the date of its initial listing under subsection
(d) a subsequent certification to the Secretary that
the entity--
(A) is performing each of the patient safety
activities described in section 921(5); and
(B) is complying with the criteria described
in subsection (b).
(b) Criteria.--
(1) In general.--The following are criteria for the
initial and subsequent certification of an entity as a
patient safety organization:
(A) The mission and primary activity of the
entity are to conduct activities that are to
improve patient safety and the quality of
health care delivery.
(B) The entity has appropriately qualified
staff (whether directly or through contract),
including licensed or certified medical
professionals.
(C) The entity, within each 24-month period
that begins after the date of the initial
listing under subsection (d), has bona fide
contracts, each of a reasonable period of time,
with more than 1 provider for the purpose of
receiving and reviewing patient safety work
product.
(D) The entity is not, and is not a component
of, a health insurance issuer (as defined in
section 2791(b)(2)).
(E) The entity shall fully disclose--
(i) any financial, reporting, or
contractual relationship between the
entity and any provider that contracts
with the entity; and
(ii) if applicable, the fact that the
entity is not managed, controlled, and
operated independently from any
provider that contracts with the
entity.
(F) To the extent practical and appropriate,
the entity collects patient safety work product
from providers in a standardized manner that
permits valid comparisons of similar cases
among similar providers.
(G) The utilization of patient safety work
product for the purpose of providing direct
feedback and assistance to providers to
effectively minimize patient risk.
(2) Additional criteria for component
organizations.--If an entity that seeks to be a patient
safety organization is a component of another
organization, the following are additional criteria for
the initial and subsequent certification of the entity
as a patient safety organization:
(A) The entity maintains patient safety work
product separately from the rest of the
organization, and establishes appropriate
security measures to maintain the
confidentiality of the patient safety work
product.
(B) The entity does not make an unauthorized
disclosure under this part of patient safety
work product to the rest of the organization in
breach of confidentiality.
(C) The mission of the entity does not create
a conflict of interest with the rest of the
organization.
(c) Review of Certification.--
(1) In general.--
(A) Initial certification.--Upon the
submission by an entity of an initial
certification under subsection (a)(1), the
Secretary shall determine if the certification
meets the requirements of subparagraphs (A) and
(B) of such subsection.
(B) Subsequent certification.--Upon the
submission by an entity of a subsequent
certification under subsection (a)(2), the
Secretary shall review the certification with
respect to requirements of subparagraphs (A)
and (B) of such subsection.
(2) Notice of acceptance or non-acceptance.--If the
Secretary determines that--
(A) an entity's initial certification meets
requirements referred to in paragraph (1)(A),
the Secretary shall notify the entity of the
acceptance of such certification; or
(B) an entity's initial certification does
not meet such requirements, the Secretary shall
notify the entity that such certification is
not accepted and the reasons therefor.
(3) Disclosures regarding relationship to
providers.--The Secretary shall consider any
disclosures under subsection (b)(1)(E) by an entity and
shall make public findings on whether the entity can
fairly and accurately perform the patient safety
activities of a patient safety organization. The
Secretary shall take those findings into consideration
in determining whether to accept the entity's initial
certification and any subsequent certification
submitted under subsection (a) and, based on those
findings, may deny, condition, or revoke acceptance of
the entity's certification.
(d) Listing.--The Secretary shall compile and maintain a
listing of entities with respect to which there is an
acceptance of a certification pursuant to subsection (c)(2)(A)
that has not been revoked under subsection (e) or voluntarily
relinquished.
(e) Revocation of Acceptance of Certification.--
(1) In general.--If, after notice of deficiency, an
opportunity for a hearing, and a reasonable opportunity
for correction, the Secretary determines that a patient
safety organization does not meet the certification
requirements under subsection (a)(2), including
subparagraphs (A) and (B) of such subsection, the
Secretary shall revoke the Secretary's acceptance of
the certification of such organization.
(2) Supplying confirmation of notification to
providers.--Within 15 days of a revocation under
paragraph (1), a patient safety organization shall
submit to the Secretary a confirmation that the
organization has taken all reasonable actions to notify
each provider whose patient safety work product is
collected or analyzed by the organization of such
revocation.
(3) Publication of decision.--If the Secretary
revokes the certification of an organization under
paragraph (1), the Secretary shall--
(A) remove the organization from the listing
maintained under subsection (d); and
(B) publish notice of the revocation in the
Federal Register.
(f) Status of Data After Removal From Listing.--
(1) New data.--With respect to the privilege and
confidentiality protections described in section 922,
data submitted to an entity within 30 days after the
entity is removed from the listing under subsection
(e)(3)(A) shall have the same status as data submitted
while the entity was still listed.
(2) Protection to continue to apply.--If the
privilege and confidentiality protections described in
section 922 applied to patient safety work product
while an entity was listed, or to data described in
paragraph (1), such protections shall continue to apply
to such work product or data after the entity is
removed from the listing under subsection (e)(3)(A).
(g) Disposition of Work Product and Data.--If the Secretary
removes a patient safety organization from the listing as
provided for in subsection (e)(3)(A), with respect to the
patient safety work product or data described in subsection
(f)(1) that the patient safety organization received from
another entity, such former patient safety organization shall--
(1) with the approval of the other entity and a
patient safety organization, transfer such work product
or data to such patient safety organization;
(2) return such work product or data to the entity
that submitted the work product or data; or
(3) if returning such work product or data to such
entity is not practicable, destroy such work product or
data.
SEC. 925. TECHNICAL ASSISTANCE.
The Secretary, acting through the Director, may provide
technical assistance to patient safety organizations, including
convening annual meetings for patient safety organizations to
discuss methodology, communication, data collection, or privacy
concerns.
SEC. 926. SEVERABILITY.
If any provision of this part is held to be unconstitutional,
the remainder of this part shall not be affected.
PART [C] D--GENERAL PROVISIONS
SEC. [921] 931. ADVISORY COUNCIL FOR HEALTHCARE RESEARCH AND QUALITY.
(a) * * *
* * * * * * *
SEC. [922] 932. PEER REVIEW WITH RESPECT TO GRANTS AND CONTRACTS.
(a) * * *
* * * * * * *
SEC. [923] 933. CERTAIN PROVISIONS WITH RESPECT TO DEVELOPMENT,
COLLECTION, AND DISSEMINATION OF DATA.
(a) * * *
* * * * * * *
SEC. [924] 934. DISSEMINATION OF INFORMATION.
(a) * * *
* * * * * * *
SEC. [925] 935. ADDITIONAL PROVISIONS WITH RESPECT TO GRANTS AND
CONTRACTS.
(a) * * *
* * * * * * *
SEC. [926] 936. CERTAIN ADMINISTRATIVE AUTHORITIES.
(a) * * *
* * * * * * *
SEC. [927] 937. FUNDING.
(a) * * *
* * * * * * *
(e) Patient Safety and Quality Improvement.--For the purpose
of carrying out part C, there are authorized to be appropriated
such sums as may be necessary for each of the fiscal years 2006
through 2010.
SEC. [928] 938. DEFINITIONS.
In this title:
(1) Advisory council.--The term ``Advisory Council''
means the National Advisory Council on Healthcare
Research and Quality established under section [921]
931.
* * * * * * *
�