7-21-05, Bill Passed Senate by Unanimous Consent
7-27-05, Bill Passed House 428-3
7-29-05, Became Public Law 109-41
One Hundred Ninth Congress
of the
United States of America
AT THE FIRST SESSION
Begun and held at the City of Washington on Tuesday,
the fourth day of January, two thousand and five
An Act
To amend title IX of the Public Health Service Act to provide for
the improvement of patient safety and to reduce the incidence of events that
adversely effect patient safety.
Be it enacted by the Senate and House of Representatives of the United
States of America in Congress assembled,
SECTION 1. SHORT TITLE; TABLE OF CONTENTS.
(a) Short Title- This Act may be cited as the `Patient Safety and Quality
Improvement Act of 2005'.
(b) Table of Contents- The table of contents for this Act is as follows:
Sec. 1. Short title; table of contents.
Sec. 2. Amendments to Public Health Service Act.
`Part C--Patient Safety Improvement
`Sec. 921. Definitions.
`Sec. 922. Privilege and confidentiality protections.
`Sec. 923. Network of patient safety databases.
`Sec. 924. Patient safety organization certification and listing.
`Sec. 925. Technical assistance.
`Sec. 926. Severability.
SEC. 2. AMENDMENTS TO PUBLIC HEALTH SERVICE ACT.
(a) In General- Title IX of the Public Health Service Act (42 U.S.C. 299 et
seq.) is amended--
(1) in section 912(c), by inserting `, in accordance with part C,' after
`The Director shall';
(2) by redesignating part C as part D;
(3) by redesignating sections 921 through 928, as sections 931 through 938,
respectively;
(4) in section 938(1) (as so redesignated), by striking `921' and inserting
`931'; and
(5) by inserting after part B the following:
`PART C--PATIENT SAFETY IMPROVEMENT
`SEC. 921. DEFINITIONS.
`(1) HIPAA CONFIDENTIALITY REGULATIONS- The term `HIPAA confidentiality
regulations' means regulations promulgated under section 264(c) of the Health
Insurance Portability and Accountability Act of 1996 (Public Law 104-191;
110 Stat. 2033).
`(2) IDENTIFIABLE PATIENT SAFETY WORK PRODUCT- The term `identifiable patient
safety work product' means patient safety work product that--
`(A) is presented in a form and manner that allows the identification
of any provider that is a subject of the work product, or any providers
that participate in activities that are a subject of the work product;
`(B) constitutes individually identifiable health information as that
term is defined in the HIPAA confidentiality regulations; or
`(C) is presented in a form and manner that allows the identification
of an individual who reported information in the manner specified in section
922(e).
`(3) NONIDENTIFIABLE PATIENT SAFETY WORK PRODUCT- The term `nonidentifiable
patient safety work product' means patient safety work product that is not
identifiable patient safety work product (as defined in paragraph (2)).
`(4) PATIENT SAFETY ORGANIZATION- The term `patient safety organization'
means a private or public entity or component thereof that is listed by
the Secretary pursuant to section 924(d).
`(5) PATIENT SAFETY ACTIVITIES- The term `patient safety activities' means
the following activities:
`(A) Efforts to improve patient safety and the quality of health care
delivery.
`(B) The collection and analysis of patient safety work product.
`(C) The development and dissemination of information with respect to
improving patient safety, such as recommendations, protocols, or information
regarding best practices.
`(D) The utilization of patient safety work product for the purposes of
encouraging a culture of safety and of providing feedback and assistance
to effectively minimize patient risk.
`(E) The maintenance of procedures to preserve confidentiality with respect
to patient safety work product.
`(F) The provision of appropriate security measures with respect to patient
safety work product.
`(G) The utilization of qualified staff.
`(H) Activities related to the operation of a patient safety evaluation
system and to the provision of feedback to participants in a patient safety
evaluation system.
`(6) PATIENT SAFETY EVALUATION SYSTEM- The term `patient safety evaluation
system' means the collection, management, or analysis of information for
reporting to or by a patient safety organization.
`(7) PATIENT SAFETY WORK PRODUCT-
`(A) IN GENERAL- Except as provided in subparagraph (B), the term `patient
safety work product' means any data, reports, records, memoranda, analyses
(such as root cause analyses), or written or oral statements--
`(I) are assembled or developed by a provider for reporting to a patient
safety organization and are reported to a patient safety organization;
or
`(II) are developed by a patient safety organization for the conduct
of patient safety activities;
and which could result in improved patient safety, health care quality,
or health care outcomes; or
`(ii) which identify or constitute the deliberations or analysis of,
or identify the fact of reporting pursuant to, a patient safety evaluation
system.
`(i) Information described in subparagraph (A) does not include a patient's
medical record, billing and discharge information, or any other original
patient or provider record.
`(ii) Information described in subparagraph (A) does not include information
that is collected, maintained, or developed separately, or exists separately,
from a patient safety evaluation system. Such separate information or
a copy thereof reported to a patient safety organization shall not by
reason of its reporting be considered patient safety work product.
`(iii) Nothing in this part shall be construed to limit--
`(I) the discovery of or admissibility of information described in
this subparagraph in a criminal, civil, or administrative proceeding;
`(II) the reporting of information described in this subparagraph
to a Federal, State, or local governmental agency for public health
surveillance, investigation, or other public health purposes or health
oversight purposes; or
`(III) a provider's recordkeeping obligation with respect to information
described in this subparagraph under Federal, State, or local law.
`(8) PROVIDER- The term `provider' means--
`(A) an individual or entity licensed or otherwise authorized under State
law to provide health care services, including--
`(i) a hospital, nursing facility, comprehensive outpatient rehabilitation
facility, home health agency, hospice program, renal dialysis facility,
ambulatory surgical center, pharmacy, physician or health care practitioner's
office, long term care facility, behavior health residential treatment
facility, clinical laboratory, or health center; or
`(ii) a physician, physician assistant, nurse practitioner, clinical
nurse specialist, certified registered nurse anesthetist, certified
nurse midwife, psychologist, certified social worker, registered dietitian
or nutrition professional, physical or occupational therapist, pharmacist,
or other individual health care practitioner; or
`(B) any other individual or entity specified in regulations promulgated
by the Secretary.
`SEC. 922. PRIVILEGE AND CONFIDENTIALITY PROTECTIONS.
`(a) Privilege- Notwithstanding any other provision of Federal, State, or
local law, and subject to subsection (c), patient safety work product shall
be privileged and shall not be--
`(1) subject to a Federal, State, or local civil, criminal, or administrative
subpoena or order, including in a Federal, State, or local civil or administrative
disciplinary proceeding against a provider;
`(2) subject to discovery in connection with a Federal, State, or local
civil, criminal, or administrative proceeding, including in a Federal, State,
or local civil or administrative disciplinary proceeding against a provider;
`(3) subject to disclosure pursuant to section 552 of title 5, United States
Code (commonly known as the Freedom of Information Act) or any other similar
Federal, State, or local law;
`(4) admitted as evidence in any Federal, State, or local governmental civil
proceeding, criminal proceeding, administrative rulemaking proceeding, or
administrative adjudicatory proceeding, including any such proceeding against
a provider; or
`(5) admitted in a professional disciplinary proceeding of a professional
disciplinary body established or specifically authorized under State law.
`(b) CONFIDENTIALITY OF PATIENT SAFETY WORK PRODUCT- Notwithstanding any other
provision of Federal, State, or local law, and subject to subsection (c),
patient safety work product shall be confidential and shall not be disclosed.
`(c) Exceptions- Except as provided in subsection (g)(3)--
`(1) EXCEPTIONS FROM PRIVILEGE AND CONFIDENTIALITY- Subsections (a) and
(b) shall not apply to (and shall not be construed to prohibit) one or more
of the following disclosures:
`(A) Disclosure of relevant patient safety work product for use in a criminal
proceeding, but only after a court makes an in camera determination that
such patient safety work product contains evidence of a criminal act and
that such patient safety work product is material to the proceeding and
not reasonably available from any other source.
`(B) Disclosure of patient safety work product to the extent required
to carry out subsection (f)(4)(A).
`(C) Disclosure of identifiable patient safety work product if authorized
by each provider identified in such work product.
`(2) EXCEPTIONS FROM CONFIDENTIALITY- Subsection (b) shall not apply to
(and shall not be construed to prohibit) one or more of the following disclosures:
`(A) Disclosure of patient safety work product to carry out patient safety
activities.
`(B) Disclosure of nonidentifiable patient safety work product.
`(C) Disclosure of patient safety work product to grantees, contractors,
or other entities carrying out research, evaluation, or demonstration
projects authorized, funded, certified, or otherwise sanctioned by rule
or other means by the Secretary, for the purpose of conducting research
to the extent that disclosure of protected health information would be
allowed for such purpose under the HIPAA confidentiality regulations.
`(D) Disclosure by a provider to the Food and Drug Administration with
respect to a product or activity regulated by the Food and Drug Administration.
`(E) Voluntary disclosure of patient safety work product by a provider
to an accrediting body that accredits that provider.
`(F) Disclosures that the Secretary may determine, by rule or other means,
are necessary for business operations and are consistent with the goals
of this part.
`(G) Disclosure of patient safety work product to law enforcement authorities
relating to the commission of a crime (or to an event reasonably believed
to be a crime) if the person making the disclosure believes, reasonably
under the circumstances, that the patient safety work product that is
disclosed is necessary for criminal law enforcement purposes.
`(H) With respect to a person other than a patient safety organization,
the disclosure of patient safety work product that does not include materials
that--
`(i) assess the quality of care of an identifiable provider; or
`(ii) describe or pertain to one or more actions or failures to act
by an identifiable provider.
`(3) EXCEPTION FROM PRIVILEGE- Subsection (a) shall not apply to (and shall
not be construed to prohibit) voluntary disclosure of nonidentifiable patient
safety work product.
`(d) Continued Protection of Information After Disclosure-
`(1) IN GENERAL- Patient safety work product that is disclosed under subsection
(c) shall continue to be privileged and confidential as provided for in
subsections (a) and (b), and such disclosure shall not be treated as a waiver
of privilege or confidentiality, and the privileged and confidential nature
of such work product shall also apply to such work product in the possession
or control of a person to whom such work product was disclosed.
`(2) EXCEPTION- Notwithstanding paragraph (1), and subject to paragraph
(3)--
`(A) if patient safety work product is disclosed in a criminal proceeding,
the confidentiality protections provided for in subsection (b) shall no
longer apply to the work product so disclosed; and
`(B) if patient safety work product is disclosed as provided for in subsection
(c)(2)(B) (relating to disclosure of nonidentifiable patient safety work
product), the privilege and confidentiality protections provided for in
subsections (a) and (b) shall no longer apply to such work product.
`(3) CONSTRUCTION- Paragraph (2) shall not be construed as terminating or
limiting the privilege or confidentiality protections provided for in subsection
(a) or (b) with respect to patient safety work product other than the specific
patient safety work product disclosed as provided for in subsection (c).
`(4) LIMITATIONS ON ACTIONS-
`(A) PATIENT SAFETY ORGANIZATIONS-
`(i) IN GENERAL- A patient safety organization shall not be compelled
to disclose information collected or developed under this part whether
or not such information is patient safety work product unless such information
is identified, is not patient safety work product, and is not reasonably
available from another source.
`(ii) NONAPPLICATION- The limitation contained in clause (i) shall not
apply in an action against a patient safety organization or with respect
to disclosures pursuant to subsection (c)(1).
`(B) PROVIDERS- An accrediting body shall not take an accrediting action
against a provider based on the good faith participation of the provider
in the collection, development, reporting, or maintenance of patient safety
work product in accordance with this part. An accrediting body may not require
a provider to reveal its communications with any patient safety organization
established in accordance with this part.
`(e) Reporter Protection-
`(1) IN GENERAL- A provider may not take an adverse employment action, as
described in paragraph (2), against an individual based upon the fact that
the individual in good faith reported information--
`(A) to the provider with the intention of having the information reported
to a patient safety organization; or
`(B) directly to a patient safety organization.
`(2) ADVERSE EMPLOYMENT ACTION- For purposes of this subsection, an `adverse
employment action' includes--
`(A) loss of employment, the failure to promote an individual, or the
failure to provide any other employment-related benefit for which the
individual would otherwise be eligible; or
`(B) an adverse evaluation or decision made in relation to accreditation,
certification, credentialing, or licensing of the individual.
`(1) CIVIL MONETARY PENALTY- Subject to paragraphs (2) and (3), a person
who discloses identifiable patient safety work product in knowing or reckless
violation of subsection (b) shall be subject to a civil monetary penalty
of not more than $10,000 for each act constituting such violation.
`(2) PROCEDURE- The provisions of section 1128A of the Social Security Act,
other than subsections (a) and (b) and the first sentence of subsection
(c)(1), shall apply to civil money penalties under this subsection in the
same manner as such provisions apply to a penalty or proceeding under section
1128A of the Social Security Act.
`(3) RELATION TO HIPAA- Penalties shall not be imposed both under this subsection
and under the regulations issued pursuant to section 264(c)(1) of the Health
Insurance Portability and Accountability Act of 1996 (42 U.S.C. 1320d-2
note) for a single act or omission.
`(A) IN GENERAL- Without limiting remedies available to other parties,
a civil action may be brought by any aggrieved individual to enjoin any
act or practice that violates subsection (e) and to obtain other appropriate
equitable relief (including reinstatement, back pay, and restoration of
benefits) to redress such violation.
`(B) AGAINST STATE EMPLOYEES- An entity that is a State or an agency of
a State government may not assert the privilege described in subsection
(a) unless before the time of the assertion, the entity or, in the case
of and with respect to an agency, the State has consented to be subject
to an action described in subparagraph (A), and that consent has remained
in effect.
`(g) Rule of Construction- Nothing in this section shall be construed--
`(1) to limit the application of other Federal, State, or local laws that
provide greater privilege or confidentiality protections than the privilege
and confidentiality protections provided for in this section;
`(2) to limit, alter, or affect the requirements of Federal, State, or local
law pertaining to information that is not privileged or confidential under
this section;
`(3) except as provided in subsection (i), to alter or affect the implementation
of any provision of the HIPAA confidentiality regulations or section 1176
of the Social Security Act (or regulations promulgated under such section);
`(4) to limit the authority of any provider, patient safety organization,
or other entity to enter into a contract requiring greater confidentiality
or delegating authority to make a disclosure or use in accordance with this
section;
`(5) as preempting or otherwise affecting any State law requiring a provider
to report information that is not patient safety work product; or
`(6) to limit, alter, or affect any requirement for reporting to the Food
and Drug Administration information regarding the safety of a product or
activity regulated by the Food and Drug Administration.
`(h) CLARIFICATION- Nothing in this part prohibits any person from conducting
additional analysis for any purpose regardless of whether such additional
analysis involves issues identical to or similar to those for which information
was reported to or assessed by a patient safety organization or a patient
safety evaluation system.
`(i) CLARIFICATION OF APPLICATION OF HIPAA CONFIDENTIALITY REGULATIONS TO
PATIENT SAFETY ORGANIZATIONS- For purposes of applying the HIPAA confidentiality
regulations--
`(1) patient safety organizations shall be treated as business associates;
and
`(2) patient safety activities of such organizations in relation to a provider
are deemed to be health care operations (as defined in such regulations)
of the provider.
`(j) Reports on Strategies to Improve Patient Safety-
`(1) DRAFT REPORT- Not later than the date that is 18 months after any network
of patient safety databases is operational, the Secretary, in consultation
with the Director, shall prepare a draft report on effective strategies
for reducing medical errors and increasing patient safety. The draft report
shall include any measure determined appropriate by the Secretary to encourage
the appropriate use of such strategies, including use in any federally funded
programs. The Secretary shall make the draft report available for public
comment and submit the draft report to the Institute of Medicine for review.
`(2) FINAL REPORT- Not later than 1 year after the date described in paragraph
(1), the Secretary shall submit a final report to the Congress.
`SEC. 923. NETWORK OF PATIENT SAFETY DATABASES.
`(a) In General- The Secretary shall facilitate the creation of, and maintain,
a network of patient safety databases that provides an interactive evidence-based
management resource for providers, patient safety organizations, and other
entities. The network of databases shall have the capacity to accept, aggregate
across the network, and analyze nonidentifiable patient safety work product
voluntarily reported by patient safety organizations, providers, or other
entities. The Secretary shall assess the feasibility of providing for a single
point of access to the network for qualified researchers for information aggregated
across the network and, if feasible, provide for implementation.
`(b) Data Standards- The Secretary may determine common formats for the reporting
to and among the network of patient safety databases maintained under subsection
(a) of nonidentifiable patient safety work product, including necessary work
product elements, common and consistent definitions, and a standardized computer
interface for the processing of such work product. To the extent practicable,
such standards shall be consistent with the administrative simplification
provisions of part C of title XI of the Social Security Act.
`(c) Use of Information- Information reported to and among the network of
patient safety databases under subsection (a) shall be used to analyze national
and regional statistics, including trends and patterns of health care errors.
The information resulting from such analyses shall be made available to the
public and included in the annual quality reports prepared under section 913(b)(2).
`SEC. 924. PATIENT SAFETY ORGANIZATION CERTIFICATION AND LISTING.
`(1) INITIAL CERTIFICATION- An entity that seeks to be a patient safety
organization shall submit an initial certification to the Secretary that
the entity--
`(A) has policies and procedures in place to perform each of the patient
safety activities described in section 921(5); and
`(B) upon being listed under subsection (d), will comply with the criteria
described in subsection (b).
`(2) SUBSEQUENT CERTIFICATIONS- An entity that is a patient safety organization
shall submit every 3 years after the date of its initial listing under subsection
(d) a subsequent certification to the Secretary that the entity--
`(A) is performing each of the patient safety activities described in
section 921(5); and
`(B) is complying with the criteria described in subsection (b).
`(1) IN GENERAL- The following are criteria for the initial and subsequent
certification of an entity as a patient safety organization:
`(A) The mission and primary activity of the entity are to conduct activities
that are to improve patient safety and the quality of health care delivery.
`(B) The entity has appropriately qualified staff (whether directly or
through contract), including licensed or certified medical professionals.
`(C) The entity, within each 24-month period that begins after the date
of the initial listing under subsection (d), has bona fide contracts,
each of a reasonable period of time, with more than 1 provider for the
purpose of receiving and reviewing patient safety work product.
`(D) The entity is not, and is not a component of, a health insurance
issuer (as defined in section 2791(b)(2)).
`(E) The entity shall fully disclose--
`(i) any financial, reporting, or contractual relationship between the
entity and any provider that contracts with the entity; and
`(ii) if applicable, the fact that the entity is not managed, controlled,
and operated independently from any provider that contracts with the
entity.
`(F) To the extent practical and appropriate, the entity collects patient
safety work product from providers in a standardized manner that permits
valid comparisons of similar cases among similar providers.
`(G) The utilization of patient safety work product for the purpose of
providing direct feedback and assistance to providers to effectively minimize
patient risk.
`(2) ADDITIONAL CRITERIA FOR COMPONENT ORGANIZATIONS- If an entity that
seeks to be a patient safety organization is a component of another organization,
the following are additional criteria for the initial and subsequent certification
of the entity as a patient safety organization:
`(A) The entity maintains patient safety work product separately from
the rest of the organization, and establishes appropriate security measures
to maintain the confidentiality of the patient safety work product.
`(B) The entity does not make an unauthorized disclosure under this part
of patient safety work product to the rest of the organization in breach
of confidentiality.
`(C) The mission of the entity does not create a conflict of interest
with the rest of the organization.
`(c) REVIEW OF CERTIFICATION-
`(A) INITIAL CERTIFICATION- Upon the submission by an entity of an initial
certification under subsection (a)(1), the Secretary shall determine if
the certification meets the requirements of subparagraphs (A) and (B)
of such subsection.
`(B) SUBSEQUENT CERTIFICATION- Upon the submission by an entity of a subsequent
certification under subsection (a)(2), the Secretary shall review the
certification with respect to requirements of subparagraphs (A) and (B)
of such subsection.
`(2) NOTICE OF ACCEPTANCE OR NON-ACCEPTANCE- If the Secretary determines
that--
`(A) an entity's initial certification meets requirements referred to
in paragraph (1)(A), the Secretary shall notify the entity of the acceptance
of such certification; or
`(B) an entity's initial certification does not meet such requirements,
the Secretary shall notify the entity that such certification is not accepted
and the reasons therefor.
`(3) DISCLOSURES REGARDING RELATIONSHIP TO PROVIDERS- The Secretary shall
consider any disclosures under subsection (b)(1)(E) by an entity and shall
make public findings on whether the entity can fairly and accurately perform
the patient safety activities of a patient safety organization. The Secretary
shall take those findings into consideration in determining whether to accept
the entity's initial certification and any subsequent certification submitted
under subsection (a) and, based on those findings, may deny, condition,
or revoke acceptance of the entity's certification.
`(d) LISTING- The Secretary shall compile and maintain a listing of entities
with respect to which there is an acceptance of a certification pursuant to
subsection (c)(2)(A) that has not been revoked under subsection (e) or voluntarily
relinquished.
`(e) REVOCATION OF ACCEPTANCE OF CERTIFICATION-
`(1) IN GENERAL- If, after notice of deficiency, an opportunity for a hearing,
and a reasonable opportunity for correction, the Secretary determines that
a patient safety organization does not meet the certification requirements
under subsection (a)(2), including subparagraphs (A) and (B) of such subsection,
the Secretary shall revoke the Secretary's acceptance of the certification
of such organization.
`(2) SUPPLYING CONFIRMATION OF NOTIFICATION TO PROVIDERS- Within 15 days
of a revocation under paragraph (1), a patient safety organization shall
submit to the Secretary a confirmation that the organization has taken all
reasonable actions to notify each provider whose patient safety work product
is collected or analyzed by the organization of such revocation.
`(3) PUBLICATION OF DECISION- If the Secretary revokes the certification
of an organization under paragraph (1), the Secretary shall--
`(A) remove the organization from the listing maintained under subsection
(d); and
`(B) publish notice of the revocation in the Federal Register.
`(f) STATUS OF DATA AFTER REMOVAL FROM LISTING-
`(1) NEW DATA- With respect to the privilege and confidentiality protections
described in section 922, data submitted to an entity within 30 days after
the entity is removed from the listing under subsection (e)(3)(A) shall
have the same status as data submitted while the entity was still listed.
`(2) PROTECTION TO CONTINUE TO APPLY- If the privilege and confidentiality
protections described in section 922 applied to patient safety work product
while an entity was listed, or to data described in paragraph (1), such
protections shall continue to apply to such work product or data after the
entity is removed from the listing under subsection (e)(3)(A).
`(g) DISPOSITION OF WORK PRODUCT AND DATA- If the Secretary removes a patient
safety organization from the listing as provided for in subsection (e)(3)(A),
with respect to the patient safety work product or data described in subsection
(f)(1) that the patient safety organization received from another entity,
such former patient safety organization shall--
`(1) with the approval of the other entity and a patient safety organization,
transfer such work product or data to such patient safety organization;
`(2) return such work product or data to the entity that submitted the work
product or data; or
`(3) if returning such work product or data to such entity is not practicable,
destroy such work product or data.
`SEC. 925. TECHNICAL ASSISTANCE.
`The Secretary, acting through the Director, may provide technical assistance
to patient safety organizations, including convening annual meetings for patient
safety organizations to discuss methodology, communication, data collection,
or privacy concerns.
`SEC. 926. SEVERABILITY.
`If any provision of this part is held to be unconstitutional, the remainder
of this part shall not be affected.'.
(b) Authorization of Appropriations- Section 937 of the Public Health Service
Act (as redesignated by subsection (a)) is amended by adding at the end the
following:
`(e) Patient Safety and Quality Improvement- For the purpose of carrying out
part C, there are authorized to be appropriated such sums as may be necessary
for each of the fiscal years 2006 through 2010.'.
(c) GAO Study on Implementation-
(1) STUDY- The Comptroller General of the United States shall conduct a
study on the effectiveness of part C of title IX of the Public Health Service
Act (as added by subsection (a)) in accomplishing the purposes of such part.
(2) REPORT- Not later than February 1, 2010, the Comptroller General shall
submit a report on the study conducted under paragraph (1). Such report
shall include such recommendations for changes in such part as the Comptroller
General deems appropriate.
Speaker of the House of Representatives.
Vice President of the United States and
President of the Senate.
END
