PUBLIC LAW 109–41—JULY 29, 2005
PATIENT SAFETY AND QUALITY
IMPROVEMENT ACT OF 2005
VerDate 14-DEC-2004 11:17 Aug 05, 2005 Jkt 039139 PO 00041 Frm 00001 Fmt 6579 Sfmt 6579 E:\PUBLAW\PUBL041.109 APPS10 PsN: PUBL041
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
Guidelines and tips
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
Community
Ask the community
Ask the community for help and clear up your study doubts
University Rankings
Discover the best universities in your country according to Docsity users
Free resources
Our save-the-student-ebooks!
Download our free guides on studying techniques, anxiety management strategies, and thesis advice from Docsity tutors
Confidentiality in Patient Safety: 2005 Act, Study Guides, Projects, Research of Public Health
The Patient Safety and Quality Improvement Act of 2005, focusing on the confidentiality of patient safety work product. The act defines patient safety work product, sets exceptions to confidentiality, and establishes the privileged and confidential nature of such work product. It also includes provisions for disclosures and the application of HIPAA confidentiality regulations.
What you will learn
- What is patient safety work product according to the Act?
- How does the Act affect the application of HIPAA confidentiality regulations to patient safety organizations?
- What are the exceptions to the confidentiality of patient safety work product?
- What privileges apply to patient safety work product?
- Under what circumstances can patient safety work product be disclosed?
Typology: Study Guides, Projects, Research
2021/2022
1 / 12
This page cannot be seen from the preview
Don't miss anything!
Related documents
Partial preview of the text
Download Confidentiality in Patient Safety: 2005 Act and more Study Guides, Projects, Research Public Health in PDF only on Docsity!
PUBLIC LAW 109–41—JULY 29, 2005
PATIENT SAFETY AND QUALITY
IMPROVEMENT ACT OF 2005
119 STAT. 424 PUBLIC LAW 109–41—JULY 29, 2005
Public Law 109– 109th Congress An Act
To amend title IX of the Public Health Service Act to provide for the improvement of patient safety and to reduce the incidence of events that adversely effect patient safety.
Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled, SECTION 1. SHORT TITLE; TABLE OF CONTENTS. (a) SHORT TITLE.—This Act may be cited as the ‘‘Patient Safety and Quality Improvement Act of 2005’’. (b) TABLE OF CONTENTS.—The table of contents for this Act is as follows:
Sec. 1. Short title; table of contents. Sec. 2. Amendments to Public Health Service Act. ‘‘PART C—PATIENT SAFETY IMPROVEMENT ‘‘Sec. 921. Definitions. ‘‘Sec. 922. Privilege and confidentiality protections. ‘‘Sec. 923. Network of patient safety databases. ‘‘Sec. 924. Patient safety organization certification and listing. ‘‘Sec. 925. Technical assistance. ‘‘Sec. 926. Severability. SEC. 2. AMENDMENTS TO PUBLIC HEALTH SERVICE ACT. (a) IN GENERAL.—Title IX of the Public Health Service Act (42 U.S.C. 299 et seq.) is amended— (1) in section 912(c), by inserting ‘‘, in accordance with part C,’’ after ‘‘The Director shall’’; (2) by redesignating part C as part D; (3) by redesignating sections 921 through 928, as sections 931 through 938, respectively; (4) in section 938(1) (as so redesignated), by striking ‘‘921’’ and inserting ‘‘931’’; and (5) by inserting after part B the following:
‘‘PART C—PATIENT SAFETY IMPROVEMENT
‘‘SEC. 921. DEFINITIONS. ‘‘In this part: ‘‘(1) HIPAA CONFIDENTIALITY REGULATIONS.—The term ‘HIPAA confidentiality regulations’ means regulations promul- gated under section 264(c) of the Health Insurance Portability and Accountability Act of 1996 (Public Law 104–191; 110 Stat. 2033).
42 USC 299b–21.
42 USC 299c–7.
42 USC 299c—299c–7.
42 USC 299b–1.
Patient Safety and Quality Improvement Act of 2005.
July 29, 2005 [S. 544]
119 STAT. 426 PUBLIC LAW 109–41—JULY 29, 2005
‘‘(II) are developed by a patient safety organization for the conduct of patient safety activities; and which could result in improved patient safety, health care quality, or health care outcomes; or ‘‘(ii) which identify or constitute the deliberations or analysis of, or identify the fact of reporting pursuant to, a patient safety evaluation system. ‘‘(B) CLARIFICATION.— ‘‘(i) Information described in subparagraph (A) does not include a patient’s medical record, billing and dis- charge information, or any other original patient or provider record. ‘‘(ii) Information described in subparagraph (A) does not include information that is collected, main- tained, or developed separately, or exists separately, from a patient safety evaluation system. Such separate information or a copy thereof reported to a patient safety organization shall not by reason of its reporting be considered patient safety work product. ‘‘(iii) Nothing in this part shall be construed to limit— ‘‘(I) the discovery of or admissibility of information described in this subparagraph in a criminal, civil, or administrative proceeding; ‘‘(II) the reporting of information described in this subparagraph to a Federal, State, or local governmental agency for public health surveil- lance, investigation, or other public health pur- poses or health oversight purposes; or ‘‘(III) a provider’s recordkeeping obligation with respect to information described in this subparagraph under Federal, State, or local law. ‘‘(8) PROVIDER.—The term ‘provider’ means— ‘‘(A) an individual or entity licensed or otherwise authorized under State law to provide health care services, including— ‘‘(i) a hospital, nursing facility, comprehensive out- patient rehabilitation facility, home health agency, hos- pice program, renal dialysis facility, ambulatory sur- gical center, pharmacy, physician or health care practi- tioner’s office, long term care facility, behavior health residential treatment facility, clinical laboratory, or health center; or ‘‘(ii) a physician, physician assistant, nurse practi- tioner, clinical nurse specialist, certified registered nurse anesthetist, certified nurse midwife, psycholo- gist, certified social worker, registered dietitian or nutrition professional, physical or occupational thera- pist, pharmacist, or other individual health care practi- tioner; or ‘‘(B) any other individual or entity specified in regula- tions promulgated by the Secretary.
PUBLIC LAW 109–41—JULY 29, 2005 119 STAT. 427
‘‘SEC. 922. PRIVILEGE AND CONFIDENTIALITY PROTECTIONS.
‘‘(a) PRIVILEGE.—Notwithstanding any other provision of Fed- eral, State, or local law, and subject to subsection (c), patient safety work product shall be privileged and shall not be— ‘‘(1) subject to a Federal, State, or local civil, criminal, or administrative subpoena or order, including in a Federal, State, or local civil or administrative disciplinary proceeding against a provider; ‘‘(2) subject to discovery in connection with a Federal, State, or local civil, criminal, or administrative proceeding, including in a Federal, State, or local civil or administrative disciplinary proceeding against a provider; ‘‘(3) subject to disclosure pursuant to section 552 of title 5, United States Code (commonly known as the Freedom of Information Act) or any other similar Federal, State, or local law; ‘‘(4) admitted as evidence in any Federal, State, or local governmental civil proceeding, criminal proceeding, administra- tive rulemaking proceeding, or administrative adjudicatory pro- ceeding, including any such proceeding against a provider; or ‘‘(5) admitted in a professional disciplinary proceeding of a professional disciplinary body established or specifically authorized under State law. ‘‘(b) CONFIDENTIALITY OF PATIENT SAFETY WORK PRODUCT.— Notwithstanding any other provision of Federal, State, or local law, and subject to subsection (c), patient safety work product shall be confidential and shall not be disclosed. ‘‘(c) EXCEPTIONS.—Except as provided in subsection (g)(3)— ‘‘(1) EXCEPTIONS FROM PRIVILEGE AND CONFIDENTIALITY.— Subsections (a) and (b) shall not apply to (and shall not be construed to prohibit) one or more of the following disclosures: ‘‘(A) Disclosure of relevant patient safety work product for use in a criminal proceeding, but only after a court makes an in camera determination that such patient safety work product contains evidence of a criminal act and that such patient safety work product is material to the pro- ceeding and not reasonably available from any other source. ‘‘(B) Disclosure of patient safety work product to the extent required to carry out subsection (f)(4)(A). ‘‘(C) Disclosure of identifiable patient safety work product if authorized by each provider identified in such work product. ‘‘(2) EXCEPTIONS FROM CONFIDENTIALITY.—Subsection (b) shall not apply to (and shall not be construed to prohibit) one or more of the following disclosures: ‘‘(A) Disclosure of patient safety work product to carry out patient safety activities. ‘‘(B) Disclosure of nonidentifiable patient safety work product. ‘‘(C) Disclosure of patient safety work product to grantees, contractors, or other entities carrying out research, evaluation, or demonstration projects authorized, funded, certified, or otherwise sanctioned by rule or other means by the Secretary, for the purpose of conducting research to the extent that disclosure of protected health information would be allowed for such purpose under the HIPAA confidentiality regulations.
42 USC 299b–22.
PUBLIC LAW 109–41—JULY 29, 2005 119 STAT. 429
information is patient safety work product unless such information is identified, is not patient safety work product, and is not reasonably available from another source. ‘‘(ii) NONAPPLICATION.—The limitation contained in clause (i) shall not apply in an action against a patient safety organization or with respect to disclosures pursuant to subsection (c)(1). ‘‘(B) P ROVIDERS.—An accrediting body shall not take an accrediting action against a provider based on the good faith participation of the provider in the collection, development, reporting, or maintenance of patient safety work product in accordance with this part. An accrediting body may not require a provider to reveal its communications with any patient safety organization established in accordance with this part. ‘‘(e) REPORTER PROTECTION.— ‘‘(1) IN GENERAL.—A provider may not take an adverse employment action, as described in paragraph (2), against an individual based upon the fact that the individual in good faith reported information— ‘‘(A) to the provider with the intention of having the information reported to a patient safety organization; or ‘‘(B) directly to a patient safety organization. ‘‘(2) ADVERSE EMPLOYMENT ACTION.—For purposes of this subsection, an ‘adverse employment action’ includes— ‘‘(A) loss of employment, the failure to promote an individual, or the failure to provide any other employment- related benefit for which the individual would otherwise be eligible; or ‘‘(B) an adverse evaluation or decision made in relation to accreditation, certification, credentialing, or licensing of the individual. ‘‘(f) ENFORCEMENT.— ‘‘(1) CIVIL MONETARY PENALTY.—Subject to paragraphs (2) and (3), a person who discloses identifiable patient safety work product in knowing or reckless violation of subsection (b) shall be subject to a civil monetary penalty of not more than $10, for each act constituting such violation. ‘‘(2) PROCEDURE.—The provisions of section 1128A of the Social Security Act, other than subsections (a) and (b) and the first sentence of subsection (c)(1), shall apply to civil money penalties under this subsection in the same manner as such provisions apply to a penalty or proceeding under section 1128A of the Social Security Act. ‘‘(3) RELATION TO HIPAA.—Penalties shall not be imposed both under this subsection and under the regulations issued pursuant to section 264(c)(1) of the Health Insurance Portability and Accountability Act of 1996 (42 U.S.C. 1320d-2 note) for a single act or omission. ‘‘(4) EQUITABLE RELIEF.— ‘‘(A) IN GENERAL.—Without limiting remedies available to other parties, a civil action may be brought by any aggrieved individual to enjoin any act or practice that violates subsection (e) and to obtain other appropriate equi- table relief (including reinstatement, back pay, and restora- tion of benefits) to redress such violation.
119 STAT. 430 PUBLIC LAW 109–41—JULY 29, 2005
‘‘(B) AGAINST STATE EMPLOYEES.—An entity that is a State or an agency of a State government may not assert the privilege described in subsection (a) unless before the time of the assertion, the entity or, in the case of and with respect to an agency, the State has consented to be subject to an action described in subparagraph (A), and that consent has remained in effect. ‘‘(g) RULE OF CONSTRUCTION.—Nothing in this section shall be construed— ‘‘(1) to limit the application of other Federal, State, or local laws that provide greater privilege or confidentiality protections than the privilege and confidentiality protections provided for in this section; ‘‘(2) to limit, alter, or affect the requirements of Federal, State, or local law pertaining to information that is not privi- leged or confidential under this section; ‘‘(3) except as provided in subsection (i), to alter or affect the implementation of any provision of the HIPAA confiden- tiality regulations or section 1176 of the Social Security Act (or regulations promulgated under such section); ‘‘(4) to limit the authority of any provider, patient safety organization, or other entity to enter into a contract requiring greater confidentiality or delegating authority to make a disclo- sure or use in accordance with this section; ‘‘(5) as preempting or otherwise affecting any State law requiring a provider to report information that is not patient safety work product; or ‘‘(6) to limit, alter, or affect any requirement for reporting to the Food and Drug Administration information regarding the safety of a product or activity regulated by the Food and Drug Administration. ‘‘(h) CLARIFICATION.—Nothing in this part prohibits any person from conducting additional analysis for any purpose regardless of whether such additional analysis involves issues identical to or similar to those for which information was reported to or assessed by a patient safety organization or a patient safety evaluation system. ‘‘(i) CLARIFICATION OF APPLICATION OF HIPAA CONFIDENTIALITY REGULATIONS TO PATIENT SAFETY ORGANIZATIONS.—For purposes of applying the HIPAA confidentiality regulations— ‘‘(1) patient safety organizations shall be treated as busi- ness associates; and ‘‘(2) patient safety activities of such organizations in rela- tion to a provider are deemed to be health care operations (as defined in such regulations) of the provider. ‘‘(j) REPORTS ON STRATEGIES TO IMPROVE PATIENT SAFETY.— ‘‘(1) DRAFT REPORT.—Not later than the date that is 18 months after any network of patient safety databases is oper- ational, the Secretary, in consultation with the Director, shall prepare a draft report on effective strategies for reducing med- ical errors and increasing patient safety. The draft report shall include any measure determined appropriate by the Secretary to encourage the appropriate use of such strategies, including use in any federally funded programs. The Secretary shall make the draft report available for public comment and submit the draft report to the Institute of Medicine for review.
Public information.
119 STAT. 432 PUBLIC LAW 109–41—JULY 29, 2005
‘‘(B) The entity has appropriately qualified staff (whether directly or through contract), including licensed or certified medical professionals. ‘‘(C) The entity, within each 24-month period that begins after the date of the initial listing under subsection (d), has bona fide contracts, each of a reasonable period of time, with more than 1 provider for the purpose of receiving and reviewing patient safety work product. ‘‘(D) The entity is not, and is not a component of, a health insurance issuer (as defined in section 2791(b)(2)). ‘‘(E) The entity shall fully disclose— ‘‘(i) any financial, reporting, or contractual rela- tionship between the entity and any provider that con- tracts with the entity; and ‘‘(ii) if applicable, the fact that the entity is not managed, controlled, and operated independently from any provider that contracts with the entity. ‘‘(F) To the extent practical and appropriate, the entity collects patient safety work product from providers in a standardized manner that permits valid comparisons of similar cases among similar providers. ‘‘(G) The utilization of patient safety work product for the purpose of providing direct feedback and assistance to providers to effectively minimize patient risk. ‘‘(2) ADDITIONAL CRITERIA FOR COMPONENT ORGANIZA- TIONS.—If an entity that seeks to be a patient safety organiza- tion is a component of another organization, the following are additional criteria for the initial and subsequent certification of the entity as a patient safety organization: ‘‘(A) The entity maintains patient safety work product separately from the rest of the organization, and establishes appropriate security measures to maintain the confiden- tiality of the patient safety work product. ‘‘(B) The entity does not make an unauthorized disclo- sure under this part of patient safety work product to the rest of the organization in breach of confidentiality. ‘‘(C) The mission of the entity does not create a conflict of interest with the rest of the organization. ‘‘(c) REVIEW OF CERTIFICATION.— ‘‘(1) IN GENERAL.— ‘‘(A) INITIAL CERTIFICATION.—Upon the submission by an entity of an initial certification under subsection (a)(1), the Secretary shall determine if the certification meets the requirements of subparagraphs (A) and (B) of such subsection. ‘‘(B) SUBSEQUENT CERTIFICATION.—Upon the submis- sion by an entity of a subsequent certification under sub- section (a)(2), the Secretary shall review the certification with respect to requirements of subparagraphs (A) and (B) of such subsection. ‘‘(2) NOTICE OF ACCEPTANCE OR NON-ACCEPTANCE.—If the Secretary determines that— ‘‘(A) an entity’s initial certification meets requirements referred to in paragraph (1)(A), the Secretary shall notify the entity of the acceptance of such certification; or
PUBLIC LAW 109–41—JULY 29, 2005 119 STAT. 433
‘‘(B) an entity’s initial certification does not meet such requirements, the Secretary shall notify the entity that such certification is not accepted and the reasons therefor. ‘‘(3) DISCLOSURES REGARDING RELATIONSHIP TO PRO- VIDERS.—The Secretary shall consider any disclosures under subsection (b)(1)(E) by an entity and shall make public findings on whether the entity can fairly and accurately perform the patient safety activities of a patient safety organization. The Secretary shall take those findings into consideration in deter- mining whether to accept the entity’s initial certification and any subsequent certification submitted under subsection (a) and, based on those findings, may deny, condition, or revoke acceptance of the entity’s certification. ‘‘(d) L ISTING.—The Secretary shall compile and maintain a listing of entities with respect to which there is an acceptance of a certification pursuant to subsection (c)(2)(A) that has not been revoked under subsection (e) or voluntarily relinquished. ‘‘(e) REVOCATION OF ACCEPTANCE OF CERTIFICATION.— ‘‘(1) I N GENERAL.—If, after notice of deficiency, an oppor- tunity for a hearing, and a reasonable opportunity for correc- tion, the Secretary determines that a patient safety organiza- tion does not meet the certification requirements under sub- section (a)(2), including subparagraphs (A) and (B) of such subsection, the Secretary shall revoke the Secretary’s accept- ance of the certification of such organization. ‘‘(2) SUPPLYING CONFIRMATION OF NOTIFICATION TO PRO- VIDERS.—Within 15 days of a revocation under paragraph (1), a patient safety organization shall submit to the Secretary a confirmation that the organization has taken all reasonable actions to notify each provider whose patient safety work product is collected or analyzed by the organization of such revocation. ‘‘(3) P UBLICATION OF DECISION.—If the Secretary revokes the certification of an organization under paragraph (1), the Secretary shall— ‘‘(A) remove the organization from the listing main- tained under subsection (d); and ‘‘(B) publish notice of the revocation in the Federal Register. ‘‘(f) STATUS OF DATA AFTER REMOVAL FROM LISTING.— ‘‘(1) NEW DATA.—With respect to the privilege and confiden- tiality protections described in section 922, data submitted to an entity within 30 days after the entity is removed from the listing under subsection (e)(3)(A) shall have the same status as data submitted while the entity was still listed. ‘‘(2) PROTECTION TO CONTINUE TO APPLY.—If the privilege and confidentiality protections described in section 922 applied to patient safety work product while an entity was listed, or to data described in paragraph (1), such protections shall continue to apply to such work product or data after the entity is removed from the listing under subsection (e)(3)(A). ‘‘(g) DISPOSITION OF WORK PRODUCT AND DATA.—If the Sec- retary removes a patient safety organization from the listing as provided for in subsection (e)(3)(A), with respect to the patient safety work product or data described in subsection (f)(1) that the patient safety organization received from another entity, such former patient safety organization shall—
Federal Register, publication.
Deadline.