Healthcare Law Blog

TAKING BACK PRIVILEGE AND CONFIDENTIALITY: THE PATIENT SAFETY AND QUALITY IMPROVEMENT ACT OF 2005

The peer review process is an important and necessary function of health care organizations, and the benefits it yields are unquestionable. Mandated by the Medicare's Conditions of Participation and the Joint Commission, peer review helps health care providers ensure that their patients receive safe care. Each of the fifty states, including Kentucky, have recognized the importance of the peer review process and passed statutes granting privileged status to information gathered during the peer review process. Kentucky's statute, however, has been rendered ineffective by a line of court cases. Though the language of Kentucky's statute states unambiguously that all materials generated during the peer review process "shall be confidential and privileged and shall not be subject to discover, subpoena, or introduction into evidence, in any civil action in any court,"¹ Sisters of Charity Health Systems, Inc. v. Raikes, the Supreme Court of Kentucky held that this protection does not apply in medical malpractice suits.² Kentucky healthcare providers may be able to reclaim at least some confidentiality and privilege for the type of information typically compiled during peer review through a Patient Safety Organization.

The United States Patient Safety and Quality Improvement Act of 2005³ authorized the creation of Patient Safety Organization ("PSOs") to conduct and coordinate activities designed to improve patient safety and the quality of healthcare delivery. Almost any provider, from large corporate hospital systems to solo family practitioners, can be part of a PSO. According to the American Medical Association, participation in a PSO "enables physicians to learn from the experience of others, participate in redesigning systems that enhance care delivery, and develop resources and processes needed to enhance safer care, mitigate patient harm and increase care efficiency."⁴ Members of PSOs are encouraged to submit any information that tends to promote safety and improve medical care, including safety events, medical errors, root cause analyses, risk assessments and other subjective evaluations of safety events. By reporting this information to the PSO, a provider helps the PSO to develop better patient care policies and procedures that it can disseminate among its members.

Of course, a provider reporting to a PSO also gains the very tangible benefit of privilege and confidentiality for all patient safety work product that should be comparable to the privilege formerly given to information compiled in the peer review process. As defined in the Patient Safety Rule, patient safety work product includes any data, reports, records, memoranda, analyses (such as root cause analyses), or written or oral statements which could improve patient safety, health care quality, or health care outcomes and is assembled or developed by a provider and reported to a PSO. Be aware that medical records, billing and discharge information or other original patient information is not considered to be patient safety work product. Patient safety work product may not be supoenaed or discovered in a lawsuit, administrative action, or disciplinary proceeding against a provider, and may not be admitted as evidence or used in an adverse employment action or for reporting purposes. Thus, belonging to and reporting patient safety information to a PSO will help providers regain some measure of privilege.

To qualify to be a PSO, an organization must meet several requirements. The "primary activity" of the organization, which must consist of at least two providers, must be conducting activities to improve patient safety and the quality of health care services. This must include collecting patient safety work product from providers and utlizing that work product to provide direct feedback and assistance to providers to minimize patient risks. The organization must have an appropriately qualified staff that includes licensed or certified medical professionals. If these standards are met, the PSO must submit a certification that it has policies and procedures in place to perform eight statutory patient safety activities that include collecting and analyzing patient safety work product, developing and disseminating information intended to improve patient safety, and maintaining confidentiality provisions. If all of these requirements are met, the PHO will be listed by the United States Agency for the Healthcare Research and Quality ("ARHQ"). If a provider chooses to join an existing PSO, it is important to make sure that the PSO is listed with ARHQ, as members of unlisted PSOs are not entitled to privilege and confidentiality protections. Once listed, the PSO must develop a patient safety evaluation system, a formal process that allows the PSO to manage and analyze the information reported by its provider members. A patient safety evaluation system must have its own secure physical and electronic space and must clearly set forth its functions, including policies regarding when and how information is reported and how feedback will be communicated between the PSO and its member providers.

Patient safety organizations allow physicians and other providers to increase patient safety and well-being and to potentially reclaim privileged status for certain information provided during peer review-like activities. Because of these benefits, every physician should consider joining or creating a patient safety organization.

Services may be performed by others.

This article does not constitute legal advice.

Endnotes

¹See KRS 311.377(2).

²See Raikes, 984 S.W.2d 464, 469 (Ky. 1999).

³42 U.S.C. § 299b-21, et seq.

⁴American Medical Association, "The physician's guide to patient safety organizations," 2009.