|
OREGON PATIENT SAFETY REPORTING PROGRAM:
Hospital Participation
Hospital Participation
| - |
| LEGAL SERVICES BULLETIN | |
|||
| ||||
OREGON PATIENT SAFETY REPORTING PROGRAM: Hospital Participation |
||||
The Oregon Patient Safety Reporting Program is a voluntary reporting program in which health care providers, including hospitals, long term care facilities, pharmacies and others, report serious adverse events, root cause analysis and action plans to the Oregon Patient Safety Commission. The Oregon Legislative Assembly enacted the program in 2003 and on January 31, 2006, the Commission approved the final administrative rules necessary to implement hospital reporting under the program.
The Commission is now actively soliciting participation in the hospital portion of the Patient Safety Reporting Program. This Legal Services Bulletin is intended to help you resolve any legal questions you may have as you evaluate your hospital’s participation in the program. OAHHS also will be issuing Guidelines for Participation in the very near future. These guidelines will discuss general compliance requirements and suggest particular actions. Look for these to be posted on both the OAHHS quality site at www.orhospitalquality.org and the main association site at www.oahhs.org.
Questions:
What agreement must I enter into to participate?
Hospitals apply for participation in the Oregon Patient Safety Reporting Program by completing the Commission’s registration form and submitting the applicable annual fee. The registration form must include the name of a designated contact person.
In agreeing to participate a hospital must affirm that it is willing to fully share requested data with the Commission. This statement must be co-signed by the hospital’s Chief Executive Officer, Chairperson of the Board of Directors, and the Director of Quality Management, or their equivalents. Upon enrolling in the Oregon Patient Safety Reporting Program, a hospital also must have adopted policies and procedures describing patient safety activities, including how it triages adverse events; how it investigates adverse events, including root cause analysis protocols; and how it provides notice of adverse events to a patient and/or family member. The Hospital Participant must provide copies to the Commission upon request. (OAR 325-010-0005)
Is this agreement legally binding?
It is expected that the participation agreement will require participation for a minimum of one year. If a hospital wishes to withdraw, however, we do not believe the Commission can legally prevent that action. The program is voluntary. The fee paid for participation, however, is not refundable. And, see the next question on consequences if your hospital does not comply with the terms of participation.
What are the consequences if my hospital does not fully comply with the terms of participation?
The Commission may deny, suspend or revoke a hospital’s participation if the Commission finds that there has been a substantial failure to comply with the provisions of participation. If the Commission believes a hospital is not meeting its participation requirements, the Commission must provide the Hospital Participant with a written notice explaining why. The Hospital Participant will have 30 calendar days to respond and come into compliance. (OAR 325-010-0015)
“Substantial failure” is not defined in the Commission’s administrative rules and how it will be applied remains to be seen. The Commission is committed to strong hospital participation, however, so likely will work with a hospital in achieving the participation it requires rather than immediately suspending or revoking a hospital’s enrollment. If a hospital wishes to contest a denial, suspension or revocation of the hospital’s participation, the hospital may do so pursuant to a formal contested care proceeding under OAR 183.310 to 183.470. (OAR 325-010-0015)
The Commission will publish through press releases those hospitals that are participating in the program and a hospital that either chooses not to participate or is terminated from the program will be absent from the list. OAR 325-010-0005. The Commission also has a website that likely will list participants.
Is my hospital pharmacy considered part of the hospital or will it report separately when pharmacies are phased into the program?
Hospital pharmacies are considered part of the hospital. (OAR 325-010-0001)
Hospitals report “serious adverse events”. What events are included?
A reportable serious adverse event is any unanticipated, usually preventable consequence of patient care that results in patient death or serious physical injury, including the events described in Appendix A. (OAR 325-010-0001)
Appendix A, which is attached with this Legal Services Bulletin, lists those events that are reportable. The list is based on the National Quality Forum “27 nevers”. In addition to this list, however, the Appendix includes “any other unanticipated, usually preventable consequence of patient care that results in patient death or serious physical injury.” This means that even if an event is not specifically listed in the Appendix but nonetheless was unanticipated, preventable and resulted in patient death or serious physical injury is reportable. OAHHS has objected to this “catch all” category as overly broad and ambiguous. The Commission’s point of view is that they are creating a learning tool. The more your report, the more useful the tool. The results will not be used against you. We believe the Commission is open to ongoing dialogue with hospitals about the program and hope this topic may be revisited.
What if the event resulted from a reasonable difference in clinical judgment rather than an actual error; is that reportable?
This event likely is not reportable although there is no clear “black line” answer. When evaluating whether to report, consider whether the clinical judgment at issue deviates from the established medical literature or standard. If so, err on the side of reporting. Also, when in doubt call the Commission and ask.
What if a patient leaves the hospital but then several days later suffers a serious adverse event at home; is that reportable?
No, the event must occur inside the walls of the hospital.
When has an event caused “serious physical injury”
The Commission does not define “serious physical injury.” OAHHS objected to this omission because without it hospitals will be left with insufficient guidance regarding what is reportable. For example, did a patient fall that resulted in significant bruising to an older patient cause “serious physical injury”? The Commission has committed to taking on this issue and publishing further guidelines. In the meantime, the Commission encourages participating hospitals to call and inquire whether a particular incident is reportable.
How do I comply with the requirement to notify the patient in writing of an adverse event and what is my legal risk?
After a serious adverse event has occurred, the hospital must provide written notification to each affected patient, and when the hospital deems it appropriate to the patient’s personal representative. Notification must be timely and should be consistent with the hospital’s internal communication and disclosure policies. Notice provided under this subsection may not be construed as an admission of liability in a civil action. (OAR 325-010-0045)
This requirement breaks down as follows. Hospitals must:
Hospitals may rely on existing communication and disclosure policies in crafting its notice. OAHHS has worked with the Oregon Medical Association, however, in developing a model notice that we believe meets the letter and spirit of the law. This notice is attached with this Legal Services Bulletin. The notice is intended to be sent to the patient or personal representative after an in person conversation at the hospital. Note that the model notice is not officially adopted by the Commission. Hospitals should feel free to use it as they wish, changing language as they deem appropriate.
The rules do not define “timely.” Hospitals should adopt policies and procedures providing for when this notice will be given. “Timely” likely will differ depending upon such factors as the medical status of the patient.
Hospitals should determine who will communicate with the patient about an adverse event. Face to face conversations likely will be done by the patient’s physician while the written notice may come from the hospital administrator.
Hospitals also should review existing policies and procedures regarding personal representatives and add this written notice to the list of possible disclosures to personal representatives.
Note that this notification requirement only applies when a reportable serious adverse event has occurred. Near misses are not included.
Finally, remember that the written notice cannot be construed as an admission of guilt in a civil proceeding.
What is my risk that my hospital will be identified with an adverse event?
Commission administrative rules require the Commission to maintain the confidentiality of all patient safety data that identifies or could be reasonably used to identify a hospital or an individual who is receiving or has received health care from the hospital. Pursuant to ORS 442.820(4), meetings or portions of meetings where the Oregon Patient Safety Commission Board of Directors, or subcommittees or advisory committees consider information that identifies a participant or patient are not subject to the Oregon Public Meetings Law, ORS 192.610 to 192.690 (OAR 325-010-0055). This means that any Commission review or evaluation of data that identifies a hospital or any individual patient or will be done in a confidential setting. Hospitals have expressed concern that the Commission will discuss data that, while technically de-identified, because of circumstances or other publicity could only be associated with one hospital or clinician. The Commission has committed to only discussing such cases in a confidential setting.
In addition, every member of the Board of Directors signs a confidentiality agreement to ensure that they understand and acknowledge their responsibility to maintain the confidentiality of patient safety data. That pledge makes it clear that failure to comply may result in a Commissioner being held personally liable for unauthorized release of information.
What other confidentiality protections apply?
Oregon law provides that patient safety data reported to the Oregon Patient Safety Commission and information developed pursuant to the auditing and oversight functions of the Commission may not be disclosed to, subject to subpoena by or used by any state agency for purposes of any enforcement or regulatory action in relation to a participant. (See Sec. 5, Chapter 686 Oregon Laws 2003)
Further, reports or other information developed and disseminated by the program may not contain or reveal the name of or other identifiable information with respect to a particular participant providing information to the commission, or to any individual identified in the report or information, and upon whose patient safety data, patient safety activities and reports the commission has relied in developing and disseminating information pursuant to this section. (See, Sec. 4, Chapter 686 Oregon Laws 2003)
These sections refer to “patient safety data”. That term is defined to include: means oral communication or written reports, data, records, memoranda, analyses, deliberative work, statements, root cause analyses or action plans that are collected or developed to improve patient safety or health care quality that:
These confidentiality protections cover a hospital employee agent, employee, consultant, representative, volunteer or medical staff member of the entity. (OAR 325-010-0001)
Remember that while patient safety data is protected from disclosure, state agencies, litigants and others continue to have the same access to the patient records as they always have. (See, Sec. 5, Chapter 686 Oregon Laws 2003) A hospital cannot protect this information from disclosure by calling it patient safety data.
Should I be worried about committing a violation of the HIPAA privacy regulations?
We believe hospitals are protected from significant risk of a HIPAA privacy violation because the Patient Safety Commission likely qualifies as a public health authority. As such, hospitals may disclose patient information to it without patient authorization. Nonetheless, hospitals should take several precautions. First, it is advisable to insert language in the Event Form that the hospital is submitting this data to the Patient Safety Commission in its role as a public health authority. Second, only submit information that is minimally necessary to meet the requirements of the form and do not submit identifiable patient information if it is not necessary for valuable and complete review of the incident.
OAHHS hopes this information is helpful to you. Remember that this Legal Services Bulletin is intended to provide general guidance only and cannot substitute for formal legal advice that must be engaged by individual hospitals.
If you have questions or concerns, please feel free to contact Gwen Dayton, Executive Vice President and General Counsel at gdayton@oahhs.org or (503) 636-2204. A full copy of the Commission’s administrative rules is available at http://egov.oregon.gov/DHS/ph/pscommission
| Return to Legal Bulletins |