Your browser doesn't support JavaScript. Please upgrade to a modern browser or enable JavaScript in your existing browser.
Skip Navigation U.S. Department of Health and Human Services www.hhs.gov
Agency for Healthcare Research Quality www.ahrq.gov
AHRQ Home | Questions? | Contact Us | Site Map | What's New | Browse | InformaciĆ³n en espaƱol | E-mail UpdatesE-mail Updates
www.ahrq.gov

Patient Safety and Quality

Study discusses the legal aspects of providers sharing information on medical errors

Several health care institutions in the United States have formed patient safety consortia to share information and analyze data on medical errors. Lessons learned regarding effective safety practices are disseminated to the consortia members to improve patient safety in their facilities. However, this exchange of information about medical errors may make health care institutions vulnerable in legal proceedings. In a recent paper, supported in part by the Agency for Healthcare Research and Quality (HS11905 and HS11521), researchers discuss legislation that could help address these concerns and the liability issues of the Health Insurance Portability and Accountability Act (HIPAA).

The authors suggest that Federal and State legislation could be extended to include protection for data and discussions related to safety and quality improvement used internally by health care organizations. At present, only Federal research protection under the Agency for Healthcare Research and Quality (AHRQ) appears sufficient, and then only if the information exchange is confined to the intended safety efforts. Without AHRQ protection, discovery rules and privilege laws could likely allow such information to be used in lawsuits.

HIPAA privacy rules, which ensure patient confidentiality, also create issues of liability. To avoid the need to obtain authorization from all patients whose clinical information is used or disclosed in the safety consortia, both consortia members and the information repository must ensure that all appropriate identity markers and indicators are removed from patient records so that patients cannot be identified. It is equally important to remove identifiers of providers and institutions in data submitted to the repository or shared among consortium members.

See "Learning from others: Legal aspects of sharing patient safety data using provider consortia," by Bryan A. Liang, M.D., Ph.D., J.D., Matthew B. Weinger, M.D., and Steven Suydam, M.D., J.D., in the June 2005 Journal of Patient Safety 1(2), pp. 83-89.

Return to Contents
Proceed to Next Article