Attachment B -- Excerpts from the Notice of Proposed Rulemaking

PATIENT SAFETY & QUALITY IMPROVEMENT ACT OF 2005: NPRM

Sections 3.102 and 3.112

(The entire NPRM, proposed text and explanatory preamble language, can be accessed at www.pso.ahrq.gov )

§ 3.102 Process and requirements for initial and continued listing of PSOs.

(a) Eligibility and process for initial and continued listing.

(1) Submission of Certification. Any entity, except as specified in paragraph (a)(2) of this section, may request from the Secretary an initial or continued listing as a PSO by submitting a completed certification form that meets the requirements of this section, in accordance with the submission requirements at § 3.112. An individual with authority to make commitments on behalf of the entity seeking listing will be required to acknowledge each of the certification requirements, attest that the entity meets each requirement, provide contact information for the entity, and certify that the PSO will promptly notify the Secretary during its period of listing if it can no longer comply with any of the criteria in this section.

(2) Restrictions on certain entities. Entities that may not seek listing as a PSO include: health insurance issuers or components of health insurance issuers. Any other entity, public or private, that conducts regulatory oversight of health care providers, such as accreditation or licensure, may not seek listing, except that a component of such an entity may seek listing as a component PSO. An applicant completing the required certification forms described in paragraph (a)(1) of this section will be required to attest that the entity is not subject to the restrictions of this paragraph.

(b) Fifteen general PSO certification requirements. The certifications submitted to the Secretary in accordance with paragraph (a)(1) of this section must conform to the following 15 requirements:

(1) Required certification regarding eight patient safety activities. An entity seeking initial listing as a PSO must certify that it has written policies and procedures in place to perform each of the eight patient safety activities, defined in § 3.20. Such policies and procedures will provide for compliance with the confidentiality provisions of Subpart C and the appropriate security measures required by § 3.106 of this subpart. A PSO seeking continued listing must certify that it is performing, and will continue to perform, each of the patient safety activities, and is and will continue to comply with Subpart C and the security requirements referenced in the preceding sentence. .

(2) Required certification regarding seven PSO criteria. In its initial certification submission, an entity must also certify that it will comply with the additional seven requirements in paragraphs (b)(2)(i) through (b)(2)(vii) of this section. A PSO seeking continued listing must certify that it is complying with, and will continue to comply with, the requirements of this paragraph.

(i) The mission and primary activity of a PSO must be to conduct activities that are to improve patient safety and the quality of health care delivery.

(ii) The PSO must have appropriately qualified workforce members, including licensed or certified medical professionals.

(iii) The PSO, within the 24-month period that begins on the date of its initial listing as a PSO, and within each sequential 24-month period thereafter, must have entered into 2 bona fide contracts, each of a reasonable period of time, each with a different provider for the purpose of receiving and reviewing patient safety work product.

(iv)The PSO is not a health insurance issuer, and is not a component of a health insurance issuer.

(v) The PSO must make disclosures to the Secretary as required under § 3.102(d), in accordance with § 3.112 of this subpart.

(vi)To the extent practical and appropriate, the PSO must collect patient safety work product from providers in a standardized manner that permits valid comparisons of similar cases among similar providers.

(vii) The PSO must utilize patient safety work product for the purpose of providing direct feedback and assistance to providers to effectively minimize patient risk.

(c) Additional certifications required of component organizations. In addition to meeting the 15 general PSO certification requirements of paragraph (b) of this section, an entity seeking initial listing that is a component of another organization or enterprise must certify that it will comply with the requirements of paragraphs (c)(1) through (c)(3) of this section. A component PSO seeking continued listing must certify that it is complying with, and will continue to comply with, the requirements of this paragraph.

(1) Separation of patient safety work product.

(i) A component PSO must:

(A) maintain patient safety work product separately from the rest of the parent organization(s) of which it is a part; and

(B) not have a shared information system that could permit access to its patient safety work product to an individual(s) in, or unit(s) of, the rest of the parent organization(s) of which it is a part.

(ii) Notwithstanding the requirements of paragraph (c)(1)(i) of this section, a component PSO may provide access to identifiable patient safety work product to an individual(s) in, or a unit(s) of, the rest of the parent organization(s) of which it is a part if the component PSO enters into a written agreement with such individuals or units that requires that:

(A) the component PSO will only provide access to identifiable patient safety work product to enable such individuals or units to assist the component PSO in its conduct of patient safety activities, and

(B) such individuals or units that receive access to identifiable patient safety work product pursuant to such written agreement will only use or disclose such information as specified by the component PSO to assist the component PSO in its conduct of patient safety activities, will take appropriate security measures to prevent unauthorized disclosures and will comply with the other certifications the component has made pursuant to paragraphs (c)(2) and (c)(3) of this section regarding unauthorized disclosures and conflicts with the mission of the component PSO.

(2) Nondisclosure of patient safety work product. A component PSO must require that members of its workforce and any other contractor staff, or individuals in, or units of, its parent organization(s) that receive access in accordance with paragraph (c)(1)(ii) of this section to its identifiable patient safety work product, not be engaged in work for the parent organization(s) of which it is a part, if the work could be informed or influenced by such individuals’ knowledge of identifiable patient safety work product, except for individuals whose other work for the rest of the parent organization(s) is solely the provision of clinical care.

(3) No conflict of interest. The pursuit of the mission of a component PSO must not create a conflict of interest with the rest of the parent organization(s) of which it is a part.

(d) Required notifications. PSOs must meet the following notification requirements:

(1) Notification regarding PSO compliance with the minimum contract requirement. No later than 45 calendar days prior to the last day of the applicable 24-month assessment period, specified in paragraph (b)(2)(iii) of this section, the Secretary must receive from a PSO a certification that states whether it has met the requirement of that paragraph regarding two bona fide contracts, in accordance with § 3.112 of this subpart.

(2) Notification regarding a PSO’s relationships with its contracting providers. A PSO must submit to the Secretary a disclosure statement, in accordance with § 3.112 of this subpart, regarding its relationships with each provider with which the PSO has a contract pursuant to the Patient Safety Act if the circumstances described in either paragraph (d)(2)(i) or (d)(2)(ii) of this section are applicable. The Secretary must receive a disclosure statement within 45 days of the date on which a PSO enters a contract with a provider if the circumstances are met on the date the contract is entered. During the contract period, if a PSO subsequently enters one or more relationships with a contracting provider that create the circumstances described in paragraph (d)(2)(i) of this section or a provider exerts any control over the PSO of the type described in paragraph (d)(2)(ii) of this section, the Secretary must receive a disclosure statement from the PSO within 45 days of the date that the PSO entered each new relationship or of the date on which the provider imposed control of the type described in paragraph (d)(2)(ii).

(i) Taking into account all relationships that the PSO has with the provider, other than the bona fide contract entered into pursuant to the Patient Safety Act, the PSO must fully disclose any other contractual, financial, or reporting relationships described below that it has with that provider.

(A) Contractual relationships which are not limited to relationships based on formal contracts but also encompass relationships based on any oral or written agreement or any arrangement that imposes responsibilities on the PSO.

(B) Financial relationships including any direct or indirect ownership or investment relationship between the PSO and the contracting provider, shared or common financial interests or direct or indirect compensation arrangement, whether in cash or in-kind. 

(C) Reporting relationships including any relationship that gives the provider access to information or control, directly or indirectly, over the work of the PSO that is not available to other contracting providers.

(ii) Taking into account all relationships that the PSO has with the provider, the PSO must fully disclose if it is not independently managed or controlled, or if it does not operate independently from, the contracting provider. In particular, the PSO must further disclose whether the contracting provider has exercised or imposed any type of management control that could limit the PSO’s ability to fairly and accurately perform patient safety activities and fully describe such control(s).

(iii) PSOs may also describe or include in their disclosure statements, as applicable, any agreements, stipulations, or procedural safeguards that have been created to protect the ability of the PSO to operate independently or information that indicates the limited impact or insignificance of its financial, reporting, or contractual relationships with a contracting provider

§ 3.112 Submissions and forms.

(a) Forms referred to in this subpart may be obtained on the AHRQ PSO website or a comparable future form of public notice or by requesting them in writing by email at [email protected], or by mail from the Agency for Healthcare Research and Quality, CQuIPS, PSO Liaison, 540 Gaither Road, Rockville, MD 20850. A form (including any required attachments) must be submitted in accordance with the accompanying instructions.

(b) Information submitted to AHRQ in writing, but not required to be on a form, and requests for information from AHRQ, may be submitted by mail or other delivery to the Agency for Healthcare Research and Quality, CQuIPS, PSO Liaison, 540 Gaither Road, Rockville, MD 20850, by facsimile at (301) 427-1341, or by email at [email protected].

(c) If a submission to the Secretary is incomplete or additional information is needed to allow a determination to be made under this subpart, the submitter will be notified if any additional information is required.