[Congressional Bills 108th Congress]
[From the U.S. Government Publishing Office]
[S. 720 Reported in Senate (RS)]






                                                       Calendar No. 387
108th CONGRESS
  1st Session
                                 S. 720

                          [Report No. 108-196]

 To amend title IX of the Public Health Service Act to provide for the 
  improvement of patient safety and to reduce the incidence of events 
                 that adversely effect patient safety.


_______________________________________________________________________


                   IN THE SENATE OF THE UNITED STATES

                             March 26, 2003

Mr. Jeffords (for himself, Mr. Frist, Mr. Breaux, Mr. Gregg, Mr. Enzi, 
Mr. Hagel, and Mr. Smith) introduced the following bill; which was read 
 twice and referred to the Committee on Health, Education, Labor, and 
                                Pensions

                           November 17, 2003

                Reported by Mr. Gregg, with an amendment
 [Strike out all after the enacting clause and insert the part printed 
                               in italic]

_______________________________________________________________________

                                 A BILL


 
 To amend title IX of the Public Health Service Act to provide for the 
  improvement of patient safety and to reduce the incidence of events 
                 that adversely effect patient safety.

    Be it enacted by the Senate and House of Representatives of the 
United States of America in Congress assembled,

<DELETED>SECTION 1. SHORT TITLE.</DELETED>

<DELETED>    This Act may be cited as the ``Patient Safety and Quality 
Improvement Act''.</DELETED>

<DELETED>SEC. 2. FINDINGS AND PURPOSES.</DELETED>

<DELETED>    (a) Findings.--Congress makes the following 
findings:</DELETED>
        <DELETED>    (1) In 1999, the Institute of Medicine released a 
        report entitled To Err is Human that described medical errors 
        as the eighth leading cause of death in the United States, with 
        as many as 98,000 people dying as a result of medical errors 
        each year.</DELETED>
        <DELETED>    (2) To address these deaths and injuries due to 
        medical errors, the health care system must identify and learn 
        from such errors so that systems of care can be 
        improved.</DELETED>
        <DELETED>    (3) In their report, the Institute of Medicine 
        called on Congress to provide legal protections with respect to 
        information reported for the purposes of quality improvement 
        and patient safety.</DELETED>
        <DELETED>    (4) The Health, Education, Labor, and Pensions 
        Committee of the Senate held 4 hearings in the 106th Congress 
        and 1 hearing in the 107th Congress on patient safety where 
        experts in the field supported the recommendation of the 
        Institute of Medicine for congressional action.</DELETED>
        <DELETED>    (5) Myriad public and private patient safety 
        initiatives have begun. The Quality Interagency Coordination 
        Taskforce has recommended steps to improve patient safety that 
        may be taken by each Federal agency involved in health care and 
        activities relating to these steps are ongoing.</DELETED>
        <DELETED>    (6) The research on patient safety unequivocally 
        calls for a learning environment, rather than a punitive 
        environment, in order to improve patient safety.</DELETED>
        <DELETED>    (7) Voluntary data gathering systems are more 
        supportive than mandatory systems in creating the learning 
        environment referred to in paragraph (5) as stated in the 
        Institute of Medicine's report.</DELETED>
        <DELETED>    (8) Promising patient safety reporting systems 
        have been established throughout the United States and the best 
        ways to structure and use these systems are currently being 
        determined, largely through projects funded by the Agency for 
        Healthcare Research and Quality.</DELETED>
        <DELETED>    (9) The Department of Health and Human Services 
        has initiated several patient safety projects. The Joint 
        Commission on Accreditation of Healthcare Organizations issued 
        a patient safety standard that went into effect on July 1, 
        2001, and the peer review organizations are conducting ongoing 
        studies of clinical performance measurement of care delivered 
        to beneficiaries under the medicare program under title XVIII 
        of the Social Security Act.</DELETED>
        <DELETED>    (10) Many organizations currently collecting 
        patient safety data have expressed a need for legal protections 
        that will allow them to review protected information so that 
        they may collaborate in the development and implementation of 
        patient safety improvement strategies. Currently, the State 
        peer review protections provide inadequate conditions to allow 
        the sharing of information to promote patient safety.</DELETED>
        <DELETED>    (11) In 2001, the Institute of Medicine released a 
        report entitled Crossing the Quality Chasm that found that the 
        United States health care system does not consistently deliver 
        high quality care to patients.</DELETED>
<DELETED>    (b) Purposes.--It is the purpose of this Act to--
</DELETED>
        <DELETED>    (1) encourage a culture of safety and quality in 
        the United States health care system by providing for legal 
        protection of information reported voluntarily for the purposes 
        of quality improvement and patient safety; and</DELETED>
        <DELETED>    (2) ensure accountability by raising standards and 
        expectations for continuous quality improvements in patient 
        safety through the actions of the Secretary of Health and Human 
        Services.</DELETED>

<DELETED>SEC. 3. AMENDMENTS TO PUBLIC HEALTH SERVICE ACT.</DELETED>

<DELETED>    Title IX of the Public Health Service Act (42 U.S.C. 299 
et seq.) is amended--</DELETED>
        <DELETED>    (1) in section 912(c), by inserting ``, in 
        accordance with part C,'' after ``The Director 
        shall'';</DELETED>
        <DELETED>    (2) by redesignating part C as part D;</DELETED>
        <DELETED>    (3) by redesignating sections 921 through 928, as 
        sections 931 through 938, respectively;</DELETED>
        <DELETED>    (4) in section 938(1) (as so redesignated), by 
        striking ``921'' and inserting ``931''; and</DELETED>
        <DELETED>    (5) by inserting after part B the 
        following:</DELETED>

        <DELETED>``PART C--PATIENT SAFETY IMPROVEMENT</DELETED>

<DELETED>``SEC. 921. DEFINITIONS.</DELETED>

<DELETED>    ``In this part:</DELETED>
        <DELETED>    ``(1) Non-identifiable information.--The term 
        `non-identifiable information' means information that is 
        presented in a form and manner that prevents the identification 
        of any provider, patient, and the reporter of patient safety 
        data.</DELETED>
        <DELETED>    ``(2) Patient safety data.--The term `patient 
        safety data' means--</DELETED>
                <DELETED>    ``(A) any data, reports, records, 
                memoranda, analyses, deliberative work, statements, 
                root cause analyses, or quality improvement processes 
                that could result in improved patient safety or health 
                care quality, that are--</DELETED>
                        <DELETED>    ``(i) collected or developed by a 
                        provider for the purpose of reporting to a 
                        patient safety organization;</DELETED>
                        <DELETED>    ``(ii) reported to a patient 
                        safety organization for patient safety or 
                        quality improvement processes;</DELETED>
                        <DELETED>    ``(iii) requested by a patient 
                        safety organization (including the contents of 
                        such request);</DELETED>
                        <DELETED>    ``(iv) reported to a provider by a 
                        patient safety organization;</DELETED>
                        <DELETED>    ``(v) collected or developed by a 
                        patient safety organization; or</DELETED>
                        <DELETED>    ``(vi) reported among patient 
                        safety organizations, after obtaining 
                        authorization; or</DELETED>
                <DELETED>    ``(B) information related to corrective 
                actions taken in response to patient safety 
                data;</DELETED>
        <DELETED>for the purpose of improving patient safety, health 
        care quality, or health care outcomes.</DELETED>
        <DELETED>    ``(3) Patient safety organization.--The term 
        `patient safety organization' means a private or public 
        organization or component thereof that performs the following 
        activities (which are deemed to be necessary for the proper 
        management and administration of such organization or component 
        thereof):</DELETED>
                <DELETED>    ``(A) The conduct, as its primary 
                activity, of efforts to improve patient safety and the 
                quality of health care delivery.</DELETED>
                <DELETED>    ``(B) The collection and analysis of 
                patient safety data that are voluntarily submitted by a 
                provider.</DELETED>
                <DELETED>    ``(C) The development and dissemination of 
                information to providers with respect to improving 
                patient safety, such as recommendations, protocols, or 
                information regarding best practices.</DELETED>
                <DELETED>    ``(D) The utilization of patient safety 
                data to carry out activities under this paragraph and 
                for the purposes of encouraging a culture of safety and 
                of providing direct feedback and assistance to 
                providers to effectively minimize patient 
                risk.</DELETED>
                <DELETED>    ``(E) The maintenance of confidentiality 
                with respect to individually identifiable health 
                information.</DELETED>
                <DELETED>    ``(F) The provision of appropriate 
                security measures with respect to patient safety 
                data.</DELETED>
                <DELETED>    ``(G) The certification to the Agency that 
                the patient safety organization satisfies the criteria 
                of this paragraph for the period in which the 
                organization is carrying out such duties.</DELETED>
        <DELETED>    ``(4) Provider.--The term `provider' means--
        </DELETED>
                <DELETED>    ``(A) a provider of services (as defined 
                in section 1861(u) of the Social Security Act) and a 
                person furnishing any medical or other health care 
                services (as defined in section 1861(s)(1) and (2) of 
                such Act) through, or under the authority of, such a 
                provider of services;</DELETED>
                <DELETED>    ``(B) a physician (as defined in section 
                1861(r) of such Act);</DELETED>
                <DELETED>    ``(C) any other person, including a 
                pharmacist, who is engaged in the delivery of medical 
                or other health services (as defined in section 
                1861(s)(1) and (2) of such Act) in a State and who is 
                required by State law or regulation to be licensed or 
                certified by the State to engage in the delivery of 
                such services in the State;</DELETED>
                <DELETED>    ``(D) a renal dialysis facility, 
                ambulatory surgical center, pharmacy, physician or 
                health care practitioner's office, long term care 
                facility, behavioral health residential treatment 
                facility, or clinical laboratory; or</DELETED>
                <DELETED>    ``(E) any other person or entity specified 
                in regulations by the Secretary after public notice and 
                comment.</DELETED>

<DELETED>``SEC. 922. CONFIDENTIALITY AND PEER REVIEW 
              PROTECTIONS.</DELETED>

<DELETED>    ``(a) In General.--Notwithstanding any other provision of 
law, and subject to this section, patient safety data shall be 
privileged and confidential.</DELETED>
<DELETED>    ``(b) Scope of Privilege.--Subject to the provisions of 
subsection (c), patient safety data to which subsection (a) applies 
shall not be--</DELETED>
        <DELETED>    ``(1) subject to a civil, criminal, or 
        administrative subpoena;</DELETED>
        <DELETED>    ``(2) subject to discovery in connection with a 
        civil, criminal, or administrative proceeding;</DELETED>
        <DELETED>    ``(3) disclosed pursuant to section 552 of title 
        5, United States Code (commonly known as the Freedom of 
        Information Act) or any other similar Federal or State 
        law;</DELETED>
        <DELETED>    ``(4) admitted as evidence or otherwise disclosed 
        in any civil, criminal, or administrative proceeding; 
        or</DELETED>
        <DELETED>    ``(5) utilized in an adverse employment action or 
        in the evaluation of decisions made in relation to 
        accreditation, certification, credentialing or licensing of an 
        individual, that is based on such individual's participation in 
        the development, collection, reporting, or storage of patient 
        safety data in accordance with this part.</DELETED>
<DELETED>    ``(c) Disclosure Requirements.--Nothing in this section 
shall be construed to prohibit one or more of the following disclosures 
(which are deemed to be necessary for the proper management and 
administration of the patient safety organization):</DELETED>
        <DELETED>    ``(1) Disclosures by a provider in complying with 
        authorized requests for the provision of information to which 
        subsection (a) applies (such as a patient's medical record or 
        other relevant information) that is in the control of such a 
        provider and that has been developed, maintained, or exists 
        separately from the process by which the provider collects or 
        develops information for reporting to a patient safety 
        organization.</DELETED>
        <DELETED>    ``(2) Disclosures by a provider or patient safety 
        organization of patient safety data as part of a disciplinary 
        proceeding relating to a provider, or a criminal proceeding, if 
        such a disclosure of such patient safety data is--</DELETED>
                <DELETED>    ``(A) material to the 
                proceeding;</DELETED>
                <DELETED>    ``(B) within the public interest; 
                and</DELETED>
                <DELETED>    ``(C) not available from any other 
                source.</DELETED>
        <DELETED>    ``(3) Disclosures by a provider or patient safety 
        organization of relevant information to the Food and Drug 
        Administration, or to a person that is subject to the 
        jurisdiction of such Administration, with respect to an 
        Administration-regulated product or activity for which that 
        entity has responsibility, for the purposes of activities 
        related to the quality, safety, or effectiveness of such 
        Administration-regulated product or activity, subject to 
        section 520(c) of the Federal Food, Drug, and Cosmetic 
        Act.</DELETED>
        <DELETED>    ``(4) Disclosures by a provider or patient safety 
        organization of information to which subsection (a) applies to 
        carry out activities described in paragraph (2)(A) (i) through 
        (vi) or (3) of section 921.</DELETED>
<DELETED>    ``(d) Transfer of Information.--The transfer of any 
patient safety data by a provider to a patient safety organization 
shall not be treated as a waiver of any privilege or protection 
established under this part or established under State law.</DELETED>
<DELETED>    ``(e) Penalty.--Except as provided in subsection (c) and 
as otherwise provided for in this section, it shall be unlawful for any 
person to disclose any patient safety data described in subsection (a). 
Any person violating the provisions of this section shall, upon 
conviction, be fined in accordance with section 934(d).</DELETED>
<DELETED>    ``(f) No Limitation of Other Privileges.--Nothing in this 
section shall be construed to limit other privileges that are available 
under Federal or State laws that provide greater peer review or 
confidentiality protections than the peer review and confidentiality 
protections provided for in this section.</DELETED>
<DELETED>    ``(g) Rule of Construction.--Nothing in this section shall 
be construed to alter or affect the implementation of any provision of 
section 264(c) of the Health Insurance Portability and Accountability 
Act of 1996 (Public Law 104-191; 110 Stat. 2033) or any regulation 
promulgated under such section.</DELETED>

<DELETED>``SEC. 923. NATIONAL DATABASE.</DELETED>

<DELETED>    ``(a) Authority.--</DELETED>
        <DELETED>    ``(1) In general.--In conducting activities under 
        this part, the Secretary may provide for the establishment and 
        maintenance of a database to receive relevant non-identifiable 
        patient safety data, or may designate entities to collect 
        relevant non-identifiable patient safety data, that is 
        voluntarily reported by patient safety organizations upon the 
        request of the Secretary.</DELETED>
        <DELETED>    ``(2) Use of data.--Data reported to any database 
        established or designated under paragraph (1) shall be used to 
        analyze regional variations and national statistics related to 
        patient safety and health care quality. The information 
        resulting from such analyses may be included in the annual 
        quality reports prepared under section 913(b)(2).</DELETED>
<DELETED>    ``(b) Standards.--In developing or designating a database 
under subsection (a)(1), the Secretary may determine common formats for 
the voluntary reporting of non-identifiable patient safety data, 
including necessary data elements, common and consistent definitions, 
and a standardized computer interface for the processing of such data. 
To the extent practicable, such standards shall be consistent with the 
administrative simplification provisions of part C of title XI of the 
Social Security Act.</DELETED>
<DELETED>    ``(c) Confidentiality.--Any non-identifiable patient 
safety data that is transferred to the database under this section 
shall be privileged and confidential.</DELETED>

<DELETED>``SEC. 924. TECHNICAL ASSISTANCE.</DELETED>

<DELETED>    ``The Secretary, acting through the Director, may provide 
technical assistance to patient safety organizations. Such assistance 
shall include annual meetings for patient safety organizations to 
discuss methodology, communication, data collection, or privacy 
concerns.</DELETED>

<DELETED>``SEC. 925. PROMOTING THE INTEGRATION OF HEALTH CARE 
              INFORMATION TECHNOLOGY SYSTEMS.</DELETED>

<DELETED>    ``(a) Development.--Not later than 36 months after the 
date of enactment of the Patient Safety and Quality Improvement Act, 
the Secretary shall develop or adopt voluntary national standards that 
promote the integration of health care information technology 
systems.</DELETED>
<DELETED>    ``(b) Updates.--The Secretary shall provide for the 
ongoing review and periodic updating of the standards developed under 
subsection (a).</DELETED>
<DELETED>    ``(c) Dissemination.--The Secretary shall provide for the 
dissemination of the standards developed and updated under this 
section.</DELETED>

<DELETED>``SEC. 926. AUTHORIZATION OF APPROPRIATIONS.</DELETED>

<DELETED>    ``There is authorized to be appropriated such sums as may 
be necessary to carry out this part.''.</DELETED>

<DELETED>SEC. 4. STUDIES AND REPORTS.</DELETED>

<DELETED>    (a) Medical Technologies and Therapies.--</DELETED>
        <DELETED>    (1) In general.--The Secretary of Health and Human 
        Services shall enter into a contract with an appropriate 
        research organization for the conduct of a study to assess the 
        impact of medical technologies and therapies on patient safety, 
        patient benefit, health care quality, and the costs of care as 
        well as productivity growth. Such study shall determine--
        </DELETED>
                <DELETED>    (A) the extent to which the current health 
                care system's use of labor versus the use of technology 
                has contributed to increases in the share of the gross 
                domestic product that is devoted to health care and the 
                impact of medical technologies and therapies on such 
                increases;</DELETED>
                <DELETED>    (B) the extent to which early and 
                appropriate introduction and integration of innovative 
                medical technologies and therapies may affect the 
                overall productivity and quality of the health care 
                delivery systems of the United States; and</DELETED>
                <DELETED>    (C) the relationship of such medical 
                technologies and therapies to patient safety, patient 
                benefit, health care quality, and cost of 
                care.</DELETED>
        <DELETED>    (2) Report.--Not later than 18 months after the 
        date of enactment of this Act, the Secretary of Health and 
        Human Services shall prepare and submit to the appropriate 
        committees of Congress a report containing the results of the 
        study conducted under paragraph (1).</DELETED>
<DELETED>    (b) State Laws Relating to Patient Safety Peer Review 
Systems.--</DELETED>
        <DELETED>    (1) Survey.--The Attorney General shall conduct a 
        survey of State laws that relate to patient safety data peer 
        review systems, including laws that establish an evidentiary 
        privilege applicable to data developed by such systems, and 
        shall review the manner in which such laws have been 
        interpreted by the courts.</DELETED>
        <DELETED>    (2) Report.--Not later than 9 months after the 
        date of enactment of this Act, the Attorney General shall 
        prepare and submit to the Committee on Health, Education, 
        Labor, and Pensions of the Senate and the Committee on Energy 
        and Commerce of the House of Representatives, a report 
        concerning the results of the survey conducted under paragraph 
        (1).</DELETED>

SECTION 1. SHORT TITLE.

    This Act may be cited as the ``Patient Safety and Quality 
Improvement Act of 2003''.

SEC. 2. FINDINGS AND PURPOSES.

    (a) Findings.--Congress makes the following findings:
            (1) In 1999, the Institute of Medicine released a report 
        entitled To Err is Human that described medical errors as the 
        eighth leading cause of death in the United States, with as 
        many as 98,000 people dying as a result of medical errors each 
        year.
            (2) To address these deaths and injuries due to medical 
        errors, the health care system must identify and learn from 
        such errors so that systems of care can be improved.
            (3) In their report, the Institute of Medicine called on 
        Congress to provide legal protections with respect to 
        information reported for the purposes of quality improvement 
        and patient safety.
            (4) The Health, Education, Labor, and Pensions Committee of 
        the Senate held 4 hearings in the 106th Congress and 1 hearing 
        in the 107th Congress on patient safety where experts in the 
        field supported the recommendation of the Institute of Medicine 
        for congressional action.
            (5) Myriad public and private patient safety initiatives 
        have begun. The Quality Interagency Coordination Taskforce has 
        recommended steps to improve patient safety that may be taken 
        by each Federal agency involved in health care and activities 
        relating to these steps are ongoing.
            (6) The research on patient safety unequivocally calls for 
        a learning environment, rather than a punitive environment, in 
        order to improve patient safety.
            (7) Voluntary data gathering systems are more supportive 
        than mandatory systems in creating the learning environment 
        referred to in paragraph (6) as stated in the Institute of 
        Medicine's report.
            (8) Promising patient safety reporting systems have been 
        established throughout the United States and the best ways to 
        structure and use these systems are currently being determined, 
        largely through projects funded by the Agency for Healthcare 
        Research and Quality.
            (9) Many organizations currently collecting patient safety 
        data have expressed a need for legal protections that will 
        allow them to review protected information and collaborate in 
        the development and implementation of patient safety 
        improvement strategies. Currently, the State peer review 
        protections are inadequate to allow the sharing of information 
        to promote patient safety.
    (b) Purposes.--It is the purpose of this Act to--
            (1) encourage a culture of safety and quality in the United 
        States health care system by providing for legal protection of 
        information reported voluntarily for the purposes of quality 
        improvement and patient safety; and
            (2) ensure accountability by raising standards and 
        expectations for continuous quality improvements in patient 
        safety.

SEC. 3. AMENDMENTS TO PUBLIC HEALTH SERVICE ACT.

    Title IX of the Public Health Service Act (42 U.S.C. 299 et seq.) 
is amended--
            (1) in section 912(c), by inserting ``, in accordance with 
        part C,'' after ``The Director shall'';
            (2) by redesignating part C as part D;
            (3) by redesignating sections 921 through 928, as sections 
        931 through 938, respectively;
            (4) in 934(d) (as so redesignated), by striking the second 
        sentence and inserting the following: ``Penalties provided for 
        under this section shall be imposed and collected by the 
        Secretary using the administrative and procedural processes 
        used to impose and collect civil money penalties under section 
        1128A of the Social Security Act (other than subsections (a) 
        and (b), the second sentence of subsection (f), and subsections 
        (i), (m), and (n)), unless the Secretary determines that a 
        modification of procedures would be more suitable or reasonable 
        to carry out this subsection and provides for such modification 
        by regulation.'';
            (5) in section 938(1) (as so redesignated), by striking 
        ``921'' and inserting ``931''; and
            (6) by inserting after part B the following:

                  ``PART C--PATIENT SAFETY IMPROVEMENT

``SEC. 921. DEFINITIONS.

    ``In this part:
            ``(1) Non-identifiable information.--
                    ``(A) In general.--The term `non-identifiable 
                information' means information that is presented in a 
                form and manner that prevents the identification of a 
                provider, a patient, or a reporter of patient safety 
                data.
                    ``(B) Identifiability of patient.--For purposes of 
                subparagraph (A), the term `presented in a form and 
                manner that prevents the identification of a patient' 
                means, with respect to information that has been 
                subject to rules promulgated pursuant to section 264(c) 
                of the Health Insurance Portability and Accountability 
                Act of 1996 (42 U.S.C. 1320d-2 note), that the 
                information has been de-identified so that it is no 
                longer individually identifiable health information as 
                defined in such rules.
            ``(2) Patient safety data.--
                    ``(A) In general.--The term `patient safety data' 
                means--
                            ``(i) any data, reports, records, 
                        memoranda, analyses (such as root cause 
                        analyses), or statements that could result in 
                        improved patient safety or health care quality 
                        or health care outcomes, that are--
                                    ``(I) collected or developed by a 
                                provider for reporting to a patient 
                                safety organization, provided that they 
                                are reported to the patient safety 
                                organization within a reasonable period 
                                of time;
                                    ``(II) requested by a patient 
                                safety organization (including the 
                                contents of such request);
                                    ``(III) reported to a provider by a 
                                patient safety organization; or
                                    ``(IV) collected from a provider or 
                                patient safety organization or 
                                developed by a patient safety 
                                organization; or
                            ``(ii) any deliberative work or process or 
                        oral communications with respect to any patient 
                        safety data described in clause (i).
                    ``(B) Limitation.--The term `patient safety data' 
                shall not include information (including a patient's 
                medical record) that is collected or developed 
                separately from and that exists separately from patient 
                safety data. Such separate information or a copy 
                thereof submitted to a patient safety organization 
                shall not itself be considered as patient safety data.
            ``(3) Patient safety organization.--The term `patient 
        safety organization' means a private or public organization or 
        component thereof that performs all of the following activities 
        (which are deemed to be necessary for the proper management and 
        administration of such organization or component thereof), and 
        that is currently listed by the Secretary as a patient safety 
        organization pursuant to section 924(c):
                    ``(A) The conduct, as its primary activity, of 
                efforts to improve patient safety and the quality of 
                health care delivery.
                    ``(B) The collection and analysis of patient safety 
                data that are submitted by more than one provider.
                    ``(C) The development and dissemination of 
                information to providers with respect to improving 
                patient safety, such as recommendations, protocols, or 
                information regarding best practices.
                    ``(D) The utilization of patient safety data for 
                the purposes of encouraging a culture of safety and of 
                providing direct feedback and assistance to providers 
                to effectively minimize patient risk.
                    ``(E) The maintenance of a process to preserve 
                confidentiality with respect to the information that is 
                not non-identifiable.
                    ``(F) The provision of appropriate security 
                measures with respect to patient safety data.
                    ``(G) The submittal to the Secretary of a 
                certification pursuant to section 924.
            ``(4) Provider.--The term `provider' means--
                    ``(A) a person licensed or otherwise authorized 
                under State law to provide health care services, 
                including--
                            ``(i) a hospital, nursing facility, 
                        comprehensive outpatient rehabilitation 
                        facility, home health agency, hospice program, 
                        renal dialysis facility, ambulatory surgical 
                        center, pharmacy, physician or health care 
                        practitioner's office, long term care facility, 
                        behavior health residential treatment facility, 
                        clinical laboratory, or health center; or
                            ``(ii) a physician, physician assistant, 
                        nurse practitioner, clinical nurse specialist, 
                        certified registered nurse anesthetist, 
                        certified nurse midwife, psychologist, 
                        certified social worker, registered dietitian 
                        or nutrition professional, physical or 
                        occupational therapist, pharmacist, or other 
                        individual health care practitioner; or
                    ``(B) any other person specified in regulations 
                promulgated by the Secretary.

``SEC. 922. PRIVILEGE AND CONFIDENTIALITY PROTECTIONS.

    ``(a) Privilege.--Notwithstanding any other provision of Federal, 
State, or local law, patient safety data shall be privileged and, 
subject to the provisions of subsection (c), shall not be--
            ``(1) subject to a Federal, State, or local civil, 
        criminal, or administrative subpoena;
            ``(2) subject to discovery in connection with a Federal, 
        State, or local civil, criminal, or administrative proceeding;
            ``(3) disclosed pursuant to section 552 of title 5, United 
        States Code (commonly known as the Freedom of Information Act) 
        or any other similar Federal, State, or local law;
            ``(4) admitted as evidence or otherwise disclosed in any 
        Federal, State, or local civil, criminal, or administrative 
        proceeding; or
            ``(5) utilized in a disciplinary proceeding against a 
        provider.
    ``(b) Confidentiality.--Notwithstanding any other provision of 
Federal, State, or local law, and subject to the provisions of 
subsections (c) and (d), patient safety data shall be confidential and 
shall not be disclosed.
    ``(c) Exceptions to Privilege and Confidentiality.--Nothing in this 
section shall be construed to prohibit one or more of the following 
uses or disclosures:
            ``(1) Disclosure by a provider or patient safety 
        organization of relevant patient safety data for use in a 
        criminal proceeding only after a court makes an in camera 
        determination that such patient safety data contains evidence 
        of an intentional act to directly harm the patient.
            ``(2) Voluntary disclosure by a provider or patient safety 
        organization of information to the Food and Drug 
        Administration, or to a person that is subject to the 
        jurisdiction of the Food and Drug Administration, with respect 
        to a Food and Drug Administration-regulated product or activity 
        for which that entity has responsibility, for the purposes of 
        activities related to the quality, safety, or effectiveness of 
        a Food and Drug Administration-regulated product or activity or 
        a Food and Drug Administration proceeding.
            ``(3) Voluntary disclosure of non-identifiable patient 
        safety data by a provider or a patient safety organization.
            ``(4) Voluntary disclosure by a provider of patient safety 
        data to the Centers for Disease Control and Prevention for 
        public health surveillance, investigation, or other public 
        health activities.
    ``(d) Protected Disclosure and Use of Information.--Nothing in this 
section shall be construed to prohibit one or more of the following 
uses or disclosures:
            ``(1) Disclosure by a provider or patient safety 
        organization of information to which subsections (a) or (b) 
        applies to carry out activities described in paragraph (2) or 
        (3) of section 921.
            ``(2) Use or disclosure by a provider or patient safety 
        organization of patient safety data in connection with 
        providing treatment, improving patient safety, health care 
        quality or administrative efficiency, or any other customary 
        activity of the provider or in obtaining payment.
            ``(3) Disclosure of patient safety data among patient 
        safety organizations.
            ``(4) Disclosure of patient safety data by a provider or 
        patient safety organization to grantees or contractors carrying 
        out patient safety research, evaluation, or demonstration 
        projects authorized by the Director.
            ``(5) Disclosure of patient safety data by a provider to an 
        accrediting body that accredits that provider.
    ``(e) Continued Protection of Information.--Patient safety data 
used or disclosed in accordance with subsection (d) shall continue to 
be privileged and confidential in accordance with subsections (a) and 
(b) and shall not be disclosed--
            ``(1) by an entity that possessed such information before 
        such use or disclosure; or
            ``(2) by an entity to which the information was disclosed;
unless such additional disclosure is permitted under subsection (d).
    ``(f) Limitation on Actions.--
            ``(1) Patient safety organizations.--Except as provided in 
        subsection (c), no action may be brought or process served 
        against a patient safety organization to compel disclosure of 
        information collected or developed under this part whether or 
        not such information is patient safety data.
            ``(2) Providers.--An accrediting body shall not take an 
        accrediting action against a provider based on the good faith 
        participation of the provider in the collection, development, 
        reporting, or maintenance of patient safety data in accordance 
        with this part. An accrediting body may not require a provider 
        to reveal its communications with any patient safety 
        organization established in accordance with this part.
    ``(g) Disclosure or Use of Information.--
            ``(1) In general.--Except with respect to the specific 
        patient safety data that is used or disclosed, the disclosure 
        or use of any patient safety data in accordance with subsection 
        (c) or (d) shall not be treated as a waiver of any privilege or 
        protection established under this part.
            ``(2) Inadvertent disclosure or use.--The inadvertent 
        disclosure or use of patient safety data shall not waive any 
        privilege or protection established under this part with 
        respect to such data.
    ``(h) Reporter Protection.--
            ``(1) In general.--A provider may not take an adverse 
        employment action, as described in paragraph (2), against an 
        individual based upon the fact that the individual in good 
        faith reported information--
                    ``(A) to the provider with the intention of having 
                the information reported to a patient safety 
                organization; or
                    ``(B) directly to a patient safety organization.
            ``(2) Adverse employment action.--For purposes of this 
        subsection, an `adverse employment action' includes--
                    ``(A) loss of employment, the failure to promote an 
                individual, or the failure to provide any other 
                employment-related benefit for which the individual 
                would otherwise be eligible; or
                    ``(B) an adverse evaluation or decision made in 
                relation to accreditation, certification, 
                credentialing, or licensing of the individual.
    ``(i) Enforcement.--
            ``(1) Prohibition.--Except as provided in subsections (c) 
        and (d) and as otherwise provided for in this section, it shall 
        be unlawful for any person to negligently or intentionally 
        disclose any patient safety data described in subsection (a) 
        and any such person shall, upon adjudication, be assessed in 
        accordance with section 934(d).
            ``(2) Relation to hipaa.--The penalty provided for under 
        paragraph (1) shall not apply if the defendant would otherwise 
        be subject to a penalty under the regulations promulgated under 
        section 264(c) of the Health Insurance Portability and 
        Accountability Act of 1996 (42 U.S.C. 1320d-2 note) or under 
        section 1176 of the Social Security Act (42 U.S.C. 1320d-5) for 
        the same disclosure.
            ``(3) Equitable relief.--Without limiting remedies 
        available to other parties, a civil action may be brought by 
        any aggrieved individual to enjoin any act or practice that 
        violates subsection (h) and to obtain other appropriate 
        equitable relief (including reinstatement, back pay, and 
        restoration of benefits) to redress such violation.
            ``(4) Actions against state employees.--Notwithstanding 
        subsection (a), with respect to a State employer, the privilege 
        described in such subsection shall not apply to such employer 
        unless the employer consents, in advance, to be subject to a 
        civil action under paragraph (3).
    ``(j) Rule of Construction.--Nothing in this section shall be 
construed to--
            ``(1) limit other privileges that are available under 
        Federal, State, or local laws that provide greater 
        confidentiality protections or privileges than the privilege 
        and confidentiality protections provided for in this section;
            ``(2) limit, alter, or affect the requirements of Federal, 
        State, or local law pertaining to patient-related data that is 
        not privileged or confidential under this section;
            ``(3) alter or affect the implementation of any provision 
        of section 264(c) of the Health Insurance Portability and 
        Accountability Act of 1996 (Public Law 104-191; 110 Stat. 
        2033), section 1176 of the Social Security Act (42 U.S.C. 
        1320d-5), or any regulation promulgated under such sections;
            ``(4) limit the authority of any provider, patient safety 
        organization, or other person to enter into a contract 
        requiring greater confidentiality or delegating authority to 
        make a disclosure or use in accordance with subsection (c) or 
        (d); and
            ``(5) prohibit a provider from reporting crime to law 
        enforcement authorities.

``SEC. 923. PATIENT SAFETY NETWORK OF DATABASES.

    ``(a) In General.--The Secretary shall maintain a patient safety 
network of databases that provides an interactive evidence-based 
management resource for providers, patient safety organizations, and 
other persons. The network of databases shall have the capacity to 
accept, aggregate, and analyze nonidentifiable patient safety data 
voluntarily reported by patient safety organizations, providers, or 
other persons.
    ``(b) Network of Database Standards.--The Secretary may determine 
common formats for the reporting to the patient safety network of 
databases maintained under subsection (a) of nonidentifiable patient 
safety data, including necessary data elements, common and consistent 
definitions, and a standardized computer interface for the processing 
of such data. To the extent practicable, such standards shall be 
consistent with the administrative simplification provisions of part C 
of title XI of the Social Security Act.

``SEC. 924. PATIENT SAFETY ORGANIZATION CERTIFICATION AND LISTING.

    ``(a) Certification.--
            ``(1) Initial certification.--Except as provided in 
        paragraph (2), an entity that seeks to be a patient safety 
        organization shall submit an initial certification to the 
        Secretary that the entity intends to perform the activities 
described in subparagraphs (A) through (F) of section 921(3).
            ``(2) Delayed certification of collection from more than 
        one provider.--An entity that seeks to be a patient safety 
        organization may--
                    ``(A) submit an initial certification that it 
                intends to perform the activities described in 
                subparagraph (A) through (F) of section 921(3) other 
                than the activities described in subparagraph (B) of 
                such section; and
                    ``(B) within 2 years of submitting the initial 
                certification under subparagraph (A), submit a 
                supplemental certification that it performs the 
                activities described in section 921(3)(B).
            ``(3) Expiration and renewal.--
                    ``(A) Expiration.--An initial certification under 
                paragraph (1) or (2)(A) shall expire on the date that 
                is 3 years after it is submitted.
                    ``(B) Renewal.--
                            ``(i) In general.--An entity that seeks to 
                        remain a patient safety organization after the 
                        expiration of an initial certification under 
                        paragraph (1) or (2)(A) shall, within the 3-
                        year period described in subparagraph (A), 
                        submit a renewal certification to the Secretary 
                        that the entity satisfies the criteria 
                        described in subparagraph (A) through (F) of 
                        section 921(3).
                            ``(ii) Term of renewal.--A renewal 
                        certification under clause (i) shall expire on 
                        the date that is 3 years after that date on 
                        which it is submitted, and may be renewed in 
                        the same manner as an initial certification.
    ``(b) Acceptance of Certification.--Upon the submission by an 
organization of an initial certification pursuant to subsection (a)(1) 
or (a)(2)(A), a supplemental certification pursuant to subsection 
(a)(2)(B), or a renewal certification pursuant to subsection (a)(3)(B), 
the Secretary shall review such certification and--
            ``(1) if such certification meets the requirements of 
        subsection (a)(1) or (a)(2)(A), (a)(2)(B), or (a)(3)(B), as 
        applicable, the Secretary shall notify the organization that 
        such certification is accepted; or
            ``(2) if such certification does not meet such 
        requirements, as applicable, the Secretary shall notify the 
        organization that such certification is not accepted and the 
        reasons therefore.
    ``(c) Listing.--
            ``(1) In general.--Except as otherwise provided in this 
        subsection, the Secretary shall compile and maintain a current 
        listing of patient safety organizations with respect to which 
        the Secretary has accepted a certification pursuant to 
        subsection (b).
            ``(2) Removal from listing.--The Secretary shall remove 
        from the listing under paragraph (1)--
                    ``(A) an entity with respect to which the Secretary 
                has accepted an initial certification pursuant to 
                subsection (a)(2)(A) and which does not submit a 
                supplemental certification pursuant to subsection 
                (a)(2)(B) that is accepted by the Secretary;
                    ``(B) an entity whose certification expires and 
                which does not submit a renewal application that is 
                accepted by the Secretary; and
                    ``(C) an entity with respect to which the Secretary 
                revokes the Secretary's acceptance of the entity's 
                certification, pursuant to subsection (d).
    ``(d) Revocation of Acceptance.--
            ``(1) In general.--Except as provided in paragraph (2), if 
        the Secretary determines that a patient safety organization 
        does not perform any activity described in subparagraph (A) 
        through (F) of section 921(3), the Secretary may, after notice 
        and an opportunity for a hearing, revoke the Secretary's 
        acceptance of the certification of such organization.
            ``(2) Delayed certification of collection from more than 
        one provider.--A revocation under paragraph (1) may not be 
        based on a determination that the organization does not perform 
        the activity described in section 921(3)(B) if--
                    ``(A) the listing of the organization is based on 
                its submittal of an initial certification under 
                subsection (a)(2)(A);
                    ``(B) the organization has not submitted a 
                supplemental certification under subsection (a)(2)(B); 
                and
                    ``(C) the 2-year period described in subsection 
                (a)(2)(B) has not expired.
    ``(e) Notification of Revocation or Removal From Listing.--
            ``(1) Supplying confirmation of notification to 
        providers.--Within 15 days of a revocation under subsection 
        (d)(1), a patient safety organization shall submit to the 
        Secretary a confirmation that the organization has taken all 
        reasonable actions to notify each provider whose patient safety 
        data is collected or analyzed by the organization of such 
        revocation.
            ``(2) Publication.--Upon the revocation of an acceptance of 
        an organization's certification under subsection (d)(1), or 
        upon the removal of an organization from the listing under 
        subsection (c)(2), the Secretary shall publish notice of the 
        revocation or removal in the Federal Register.
    ``(f) Status of Data After Removal From Listing.--
            ``(1) New data.--With respect to the privilege and 
        confidentiality protections described in section 922, data 
        submitted to an organization within 30 days after the 
        organization is removed from the listing under subsection 
        (c)(2) shall have the same status as data submitted while the 
        organization was still listed.
            ``(2) Protection to continue to apply.--If the privilege 
        and confidentiality protections described in section 922 
        applied to data while an organization was listed, or during the 
        30-day period described in paragraph (1), such protections 
        shall continue to apply to such data after the organization is 
        removed from the listing under subsection (c)(2).
    ``(g) Disposition of Data.--If the Secretary revokes the acceptance 
of an organization's certification under subsection (d)(1) and removes 
the organization from the listing as provided for in subsection (c)(2), 
with respect to the patient safety data that the organization received 
from providers, the organization shall--
            ``(1) with the approval of the provider and another patient 
        safety organization, transfer such data to such other 
        organization;
            ``(2) return such data to the provider of that patient 
        safety data; or
            ``(3) if returning such data to the provider is not 
        practicable, destroy such data.

``SEC. 925. TECHNICAL ASSISTANCE.

    ``The Secretary, acting through the Director, may provide technical 
assistance to patient safety organizations, including annual meetings 
for patient safety organizations to discuss methodology, communication, 
data collection, or privacy concerns.

``SEC. 926. PROMOTING THE INTEROPERABILITY OF HEALTH CARE INFORMATION 
              TECHNOLOGY SYSTEMS.

    ``(a) Development.--Not later than 36 months after the date of 
enactment of the Patient Safety and Quality Improvement Act of 2003, 
the Secretary shall develop or adopt voluntary national standards that 
promote the electronic exchange of health care information.
    ``(b) Updates.--The Secretary shall provide for the ongoing review 
and periodic updating of the standards developed under subsection (a).
    ``(c) Dissemination.--The Secretary shall provide for the 
dissemination of the standards developed and updated under this 
section.

``SEC. 927. AUTHORIZATION OF APPROPRIATIONS.

    ``There is authorized to be appropriated such sums as may be 
necessary to carry out this part.''.

SEC. 4. STUDIES AND REPORTS.

    (a) In General.--The Secretary of Health and Human Services shall 
enter into a contract (based upon a competitive contracting process) 
with an appropriate research organization for the conduct of a study to 
assess the impact of medical technologies and therapies on patient 
safety, patient benefit, health care quality, and the costs of care as 
well as productivity growth. Such study shall examine--
            (1) the extent to which factors, such as the use of labor 
        and technological advances, have contributed to increases in 
        the share of the gross domestic product that is devoted to 
        health care and the impact of medical technologies and 
        therapies on such increases;
            (2) the extent to which early and appropriate introduction 
        and integration of innovative medical technologies and 
        therapies may affect the overall productivity and quality of 
        the health care delivery systems of the United States; and
            (3) the relationship of such medical technologies and 
        therapies to patient safety, patient benefit, health care 
        quality, and cost of care.
    (b) Report.--Not later than 18 months after the date of enactment 
of this Act, the Secretary of Health and Human Services shall prepare 
and submit to the appropriate committees of Congress a report 
containing the results of the study conducted under subsection (a).




                                                       Calendar No. 387

108th CONGRESS

  1st Session

                                 S. 720

                          [Report No. 108-196]

_______________________________________________________________________

                                 A BILL

 To amend title IX of the Public Health Service Act to provide for the 
  improvement of patient safety and to reduce the incidence of events 
                 that adversely effect patient safety.

_______________________________________________________________________

                           November 17, 2003

                       Reported with an amendment