Healthcare is a closely regulated industry in the U.S. From the Health Insurance Portability and Accountability Act (HIPAA) to the Patient Protection and Affordable Care Act (ACA), many laws, rules, regulations and other compliance measures govern the way healthcare providers and payers interact with each other and with their patients.
As a healthcare leader, another key law to understand is the Patient Safety and Quality Improvement Act (PSQIA), which is designed to facilitate the confidential gathering of information about patient safety events. While not as high-profile as either HIPAA or ACA, it is an important pillar of the healthcare system and one that can potentially benefit patients, providers and payers through the reduction of medical errors.
An Introduction to PSQIA: What You Should Know About This Statute
When it was signed into law in 2005, PSQIA served as a relatively quick response to a landmark 1999 report from the Institute of Medicine (IOM; now the Health and Medicine Division of the National Academies) entitled “To Err is Human: Building a Safer Health System.” That report had identified the considerable costs ― mostly important in terms of lives lost but also in the form of higher healthcare expenses ― of the many types of medical error.
According to the IOM, between 44,000 and 98,000 people were dying each year in the 1990s from preventable medical errors. The nation’s hospitals were also facing up to $29 billion in additional annual costs, before even factoring in the losses in staff morale and the diminished trust from patients and communities.
In response, PSQIA created a framework for establishing patient safety organizations (PSOs) that could collect and analyze confidential patient information from healthcare providers. The Agency for Healthcare Research and Quality (AHRQ), a part of the U.S. Department of Health and Human Services (HHS), stated that the overarching goal of PSQIA is to “encourage a culture of safety in healthcare organizations.”
To that end, PSQIA allows for:
- An AHRQ-designated list of PSOs with demonstrated capabilities in the identification and reduction (through interventions) of risks to patient safety. PSOs
- More detailed reporting on, and deeper PSO analysis of, a wide range of patient safety events, including near-miss situations in which a patient was not harmed but only by virtue of chance.
- An environment in which healthcare providers, thanks to the confidentiality provisions and legal protections of PSQIA, can anonymously share patient safety information without the risk of increased liability to their operations.
- Federal implementation via the Patient Safety and Quality Improvement Final Rule, better known as simply the Patient Safety Rule, which enables physicians, clinics, hospitals, and other providers to voluntarily relay patient information to PSOs.
The voluntary dimension of PSQIA is key. Organizations are not required to send information to PSOs as part of a PSQIA-covered initiative. PSOs themselves are also not federally funded entities. The AHRQ oversees PSOs for the main purposes of maintaining a working list of them and handling official certification. The Office of Civil Rights (OCR) within HHS also works on PSO listing and certification while overseeing the confidentiality requirements built into the statute.
Implementation of PSQIA began in January 2009 under the Patient Safety Rule. Information collected under the auspices of PSQIA has confidentiality protections as well as federal privilege. PSOs are considered HIPAA business associates according to the HIPAA Privacy Rule if they collect and analyze information on behalf of HIPAA-covered entities.
Accordingly, all of the requirements of the HIPAA Privacy Rule apply to PSOs and providers participating in the voluntary reporting frameworks of PSQIA. The noncompliance penalties associated with the HIPAA Privacy Rule follow a tiered system. As such, they vary widely depending on the circumstances of the incident in question, including whether it was a product of willful neglect and if there was a reasonable expectation that the involved entities could have known about and avoided the violation. Monetary penalties may apply.
When organizations apply to become PSOs, they must fulfill specific eligibility requirements under the Patient Safety Rule, show that they will be able to comply with its mandates, develop corresponding policies and procedures, and complete the certification process. For the purposes of PSQIA, a PSO can be a nonprofit organization, an educational institution or any other entity with the primary mission of improving healthcare delivery quality. The AHRQ has noted that some types of organizations, such as insurance issuers and accreditation or licensure bodies, are ineligible to become PSOs.
How a Healthcare MBA Prepares Candidates for The Current Regulatory Environment
Earning a healthcare-focused Master of Business Administration (HCMBA) can be a gateway to new professional opportunities in healthcare leadership. The George Washington University (GW) offers a fully online HCMBA program that combines a comprehensive core in the economic, financial and administrative dimensions of healthcare with extensive options for customizing the curriculum.
The HCMBA’s core courses deepen student understanding of management topics in healthcare and provide additional background in domains such as business ethics and public policy. Beyond the core, students have the opportunity to explore coursework in patient safety systems, regulatory affairs, and similar subjects relevant to the administration of PSQIA and other healthcare statutes. Healthcare electives, general electives, graduate certificates, and study abroad opportunities give students flexible options to develop the knowledge and expertise necessary for succeeding in today’s regulatory environment.
Whether you are a clinician, entrepreneur, administrator, or health services professional, the HCMBA lets you acquire new skills while sharpening older ones. Its 100 percent online format provides a convenient and self-directed track toward a recognized professional degree from an accredited institution, free from the time-consuming constraints of traditional in-class education. Graduates are prepared to navigate a complex healthcare system in which PSQIA, HIPAA, PPACA, and other regulations are central to the work of multiple professionals.
To Err is Human: Building a Safer Health System
Become a PSO
Understanding Patient Safety Confidentiality
Improving Patient Safety
Patient Safety and Quality Improvement Act of 2005
S.544 – Patient Safety and Quality Improvement Act of 2005
The Patient Safety Rule
The Patient Safety and Quality Improvement Act of 2005: Developing an Error Reporting System to Improve Patient Safety
Summary of The HIPAA Privacy Rule