Vila Health: Creating a Safety Plan

Vila Health: Creating a Safety Plan
Introduction
Review the Vila Health scenario and complete the interviews with staff at Vila
Health Skilled Nursing Facility (SNF). After completing the scenario, you will
update the patient safety plan for the SNF and present it to the executive team.
The safety plan will include meeting accrediting body requirements as well as
regulatory obligations. The plan must be based on evidenced-based best
practices and include tools, approaches, and mechanisms for reporting, tracking,
and reducing patient safety incidents.
Instructions
After reviewing the Vila Health scenario, present your findings to the executive
team at Vila Health by creating a 15–20 slide PowerPoint presentation. To be
successful in this assignment, ensure you complete the following steps:
•
•
•
•
•
•
•
Research the health care organization’s (Vila Health SNF) safety plan and
propose recommendations to ensure the successes of their best practices.
Assess and propose how to link health care safety goals to those of the
organizational strategic plan in order to create and sustain an organizationwide safety culture.
Analyze evidence-based practices within the organization’s health care safety
program, including falls prevention, medication errors, or others.
Establish protocols to identify and monitor patients who qualify for being at
risk for falls, readmission, suicide, or others.
Develop mechanisms to coordinate and integrate risk management
approaches into the organization’s health care safety strategy.
Create mechanisms and tools as monitors for patients identified for being at
risk.
Create ongoing evaluation procedures that provide continuous safe, quality
patient care, and sustained compliance with evidence-based practices,
professional standards, and regulations.
Submission Requirements
Your presentation should meet the following requirements:
•
•
•
•
Length: 15–20 slide PowerPoint presentation, excluding the cover slide
and references list. Include slide numbers, headings, and running headers.
References: 3–5 current peer-reviewed references.
Format: Use current APA style and formatting, for citations and references.
Font and font size: Fonts and styles used should be consistent throughout
the presentation, including headings.
Review the scoring guide to ensure you understand the grading criteria for this
assignment. Submit your PowerPoint presentation as an attachment to the
assignment area.
Book Reference:
•
Rozovsky, F. A., & Woods, J. R., Jr. (Ed.). (2011). The handbook of patient safety
compliance: A practical guide for health care organizations. San Francisco, CA:
Jossey-Bass. ISBN: 9781118086995.
• Review Chapter 3, “Medical Error Reduction Initiatives Among
Accreditation and Standard-Setting Organizations,” pages 34–44.
• Read Chapter 11, “Medical Error Reporting: Maintaining
Confidentiality in the Face of Litigation,” pages 183–218.
CHAPTER ELEVEN
MEDICAL ERROR REPORTING: Maintaining Confidentiality in the Face of Litigation
Frederick Robinson
Lara E. Parkin
According to a recent survey by the University of Colorado Health Sciences Center, just 32 percent of
physicians nationwide support the creation of a national agency to address the problem of medical
errors (Robinson and others, 2002). Nearly all physicians agree, however, that fear of malpractice
lawsuits is a barrier to error reporting, and about 90 percent say that greater legal safeguards are
necessary for a mandatory reporting system to be successful. At the same time, a recent study has
revealed that adverse drug events represented 6.3 percent of one medical insurer’s malpractice claims
and that 73 percent of these events were deemed preventable (Rothschild and others, 2002).
In the case of medical error reporting, there are grounds for concern that sharing data on medical errors
with the government or an accrediting agency will waive any privilege that may have protected that
information from discovery. Under Rule 26(b)(1) of the Federal Rules of Civil Procedure, and similar
state rules, parties may obtain discovery regarding any matter “not privileged.” Privileges recognized in
discovery include the marital communications privilege, the attorney-client privilege, the attorney–work
product privilege, and in most states, the physician-patient privilege. Generally, privileges are waived
when the holder of the privilege shares privileged information with a third party (see, for example,
United States v. AT&T, 1980). This chapter will explore the ways in which evidentiary privileges may
attach to medical error reports and related records, including peer review documents, and will examine
other mechanisms through which medical records can be kept confidential in the face of litigation.
Evidentiary Protections at the State Level
State-specific rules regarding what can and cannot be used as evidence in litigation are found in state
laws regarding medical error and adverse-event reporting, state freedom of information acts, and state
laws defining physician-patient privilege and giving protection to peer review information.
Medical Error and Adverse-Event Reporting
A number of states now require the reporting of medical errors and adverse events and offer this
information some protection from discovery.
Requirements for Reporting Medical Errors and Adverse Events. According to the National Academy for
State Health Policy (Rosenthal, Riley, and Booth, 2000), fifteen states require health care providers to
report medical errors: Colorado, Florida, Kansas, Massachusetts, Nebraska, New Jersey, New York, Ohio,
Pennsylvania, Rhode Island, South Carolina, South Dakota, Tennessee, Texas, and Washington. In August
of 2002, Nevada joined these states when its governor signed a medical error reporting requirement
into law as part of a medical liability reform package. Some of the remaining states, however, have not
codified their requirements. And some states and the District of Columbia encourage but do not require
health care providers to report medical errors and adverse events. These states include Georgia, New
Mexico, North Carolina, Oregon, and Wyoming. Health care providers in this latter group of states can
avoid disclosure of medical error data simply by refusing to participate in the voluntary state data
collection efforts.
Protection from Discovery. Of the states that have codified their reporting requirements, several also
protect medical error report information from discovery, through language that is part of the reporting
requirement statute or regulation. For example, the reports and records collected under the Kansas
statute are not subject to discovery, subpoena, or “other means of legal compulsion” and are not
admissible in any civil legal action other than a disciplinary proceeding by the appropriate state licensing
agency (Kan. Stat. Ann. § 65-4925, 2004). Similarly, Florida protects adverse incident reports from
discovery or admission in “any civil or administrative action, except in disciplinary proceedings by the
agency or appropriate regulatory board” (Fla. Stat. § 395.0197[13], 2004). Interestingly, these statutes
do not appear to prohibit the use of medical error and adverse event reports in criminal proceedings.
A somewhat more restrictive approach has been taken by the state of Washington, which not only
protects the reports but also does not allow any person who was present at a committee meeting where
medical error reports were discussed to testify in any civil action regarding the content of the reports or
the proceedings of the committee. An individual, however, may testify to any matter about which he
has independent firsthand knowledge. Again, privileges in criminal proceedings are not discussed in the
Washington rule (Wash. Rev. Code § 70.41.200[3], 2004). Similarly restrictive is the Colorado statute,
which presumably does not apply only to civil actions because it is worded broadly to include all legal
actions. This statute protects medical error reports from “subpoena, search warrant, discovery
proceedings, or otherwise.” Colorado law does, however, make investigation summaries available to the
public. These summaries list complaints against health care facilities and the conclusions reached by the
health department. The summaries do not identify the patient or the health care professional named in
the full report (Colo. Rev. Stat. § 25-1-124[4]-[6], 2004).
Other states do not provide such comprehensive protection. For example, Pennsylvania generally
protects medical error reports from disclosure “unless otherwise ordered by a court for good cause
shown” (28 Pa. Code § 51.3[i], 2004). The rest of the states that mandate reporting of medical errors do
not specifically protect medical error data from discovery. Nonetheless, this information may be
protected under a state freedom of information act or by physician-patient privilege, as discussed later
in this chapter.
Example of State Medical Error Reporting Laws.
Colorado (Colo. Rev. Stat. § 25-1-124, 2004). Colorado health care facilities must report to the
Department of Public Health and Environment any occurrence that results in the death of a patient from
an unexplained cause or other suspicious circumstance. Licensed health care facilities also must report
certain serious injuries; patients who are missing for more than eight hours; physical, sexual, or verbal
abuse of a patient; patient neglect; misappropriation of patient property; diversion of patient drugs; and
the malfunction or intentional or accidental misuse of patient care equipment. Colorado’s purpose
behind collecting this information is to make it available to the public to aid individuals in the “difficult
task of choosing a health care facility.” To that end, after redacting patient identifying information,
Colorado will publicly release investigation summaries, complaints against particular facilities, and a
listing of deficiency citations issued against each health care facility.
Florida (Fla. Stat. § 395.0197, 2004). Licensed health care facilities in Florida are required to notify the
state Agency for Health Care Administration of adverse events. Adverse events include death, brain or
spinal injury, the performance of a surgical procedure on the wrong patient, the performance of the
wrong surgical procedure on a patient, and the performance of a wrong-site surgical procedure on a
patient. Facilities must report serious patient injuries of a volatile nature within twenty-four hours,
individual serious adverse incidents within fifteen days, and all incidents identified throughout the year
in an annual report. Florida will use this information to ensure proper care at its licensed facilities and
may initiate disciplinary action against a facility or health care provider based on these reports.
Furthermore, Florida will publish an annual report summarizing adverse incidents, malpractice claims,
and disciplinary actions. The law provides no specific privilege.
Kansas (Kan. Stat. Ann. § 65-4921 et seq., 2004). In Kansas, reportable incidents include any act by a
health care provider that is below the applicable standard of care and that has a reasonable probability
of causing injury to the patient or that may be grounds for disciplinary action by the appropriate
licensing agency. If the reportable incident occurs in a medical care facility, the report shall be made to
the facility’s risk manager, who will refer the report to the appropriate peer review committee. The peer
review committee will investigate and take appropriate action. The committee must report to the
appropriate state licensing agency any finding that the health care provider acted below the applicable
standard of care.
Massachusetts (105 Code of Mass. Regs. § 130.331, 2004). Hospitals must report serious incidents and
accidents to the Department of Public Health immediately, by telephone. Serious incidents and
accidents include fire, suicide, serious criminal acts, strikes by hospital employees, and serious physical
injury to patients resulting from accidents or unknown causes. Hospitals must file written reports on
other serious incidents with the department within one week of the occurrence of the incident. The
regulations do not specify what the department will do with the reports or whether these reports are
protected from discovery.
New York (N.Y. Pub. Health Law, § 2805-l, 2004). After conducting an investigation, which should take no
more than thirty days, the hospital has twenty-four hours to provide the Department of Health with a
copy of an incident report. Incidents subject to investigation and reporting include patient deaths and
impairments due to causes other than those related to the natural course of illness, fires, medical
equipment malfunction, and poisoning. Other incidents, including strikes, natural disasters, and
emergencies, need to be reported but not investigated.
Pennsylvania (28 Pa. Code. § 51.3, 2004). Health care facilities must report to the Department of Health
events that seriously compromise quality and patient safety. Such events include deaths due to injuries,
suicide, or unusual circumstances; deaths due to malnutrition, dehydration, or sepsis; deaths or serious
injuries due to a medication error; surgery performed on the wrong patient or body part; and
complaints of patient abuse. The Department of Health will use the information only to enforce its
responsibilities and will not publish or release the information except pursuant to a court order.
South Carolina (61-16 S.C. Code of Regs. § 206.2, 2004). In order to meet licensing requirements, South
Carolina hospitals and institutional general infirmaries must keep accident and incident reports. Incident
reports include medication errors and adverse drug reactions. Hospitals must report incidents that
result in death or serious injury to the Department of Health Licensing within ten days of their
occurrence.
Tennessee (Tenn. Rules § 1200-8-1-.11, 2004). Hospitals must report incidents of an unusual nature to
the Tennessee Department of Human Services. Such incidents include a fire in a hospital, the burning of
a patient, suspected patient abuse, or an accident that causes injury to a patient. The incident will be
investigated first within the hospital, which will then forward the incident report to the department
within five working days of the incident.
Washington (Wash. Rev. Code § 70.41.200, 2004). Every hospital must maintain a quality improvement
program that includes the maintenance and collection of information concerning “negative health care
outcomes and incidents injurious to patients.” The state Health Department, in conjunction with its
licensing responsibilities, will review and audit the records of the quality improvement committee.
These records are specifically protected from discovery by the statute.
JCAHO Reporting Requirements: Often Complementing or Replacing State Requirements
As of February 2001, forty-six states had incorporated Joint Commission on Accreditation of Healthcare
Organizations (JCAHO) accreditation standards into their hospital licensing requirements. The only states
that had not done so were Hawaii, Kentucky, New Jersey, and Oklahoma. Some states look to JCAHO
accreditation of other facilities as well for appropriate standards. These facilities include ambulatory
care centers (eighteen states), behavioral health centers (forty-five states), home care agencies (twenty
states), laboratories (twenty-eight states), long-term care facilities (fourteen states), and health care
networks (twenty-one states).
The states that have incorporated JCAHO accreditation standards, have done so to varying degrees. For
example, under the Texas Health & Safety Code (§ 222.024), a hospital licensed by the Texas
Department of Health is not subject to annual licensing inspections as long as the hospital maintains
JCAHO accreditation. In contrast, Pennsylvania gives credit for JCAHO inspections but does not rely
exclusively on them. Pennsylvania requires its hospitals to be surveyed and licensed every two years,
whereas JCAHO conducts voluntary accreditation surveys only every three years. Furthermore, JCAHO
surveys do not cover certain standards specific to Pennsylvania regulations. Therefore, for those
hospitals that participate in JCAHO surveys, the Pennsylvania Department of Health conducts residual
surveys, taking into account JCAHO results and surveying the remaining requirements.
To maintain JCAHO accreditation, medical facilities must comply with the JCAHO sentinel event policy.
This policy, implemented in 1996, is designed to help health care organizations identify sentinel events
and take action to prevent their recurrence. A sentinel event, reviewable by JCAHO, is “an unexpected
occurrence involving death or serious physical or psychological injury, or the risk thereof.” Such events
are called sentinel because they signal the need for immediate investigation and response. JCAHO
encourages but does not require health care organizations to report sentinel events to JCAHO. In the
absence of voluntary reporting, JCAHO may become aware of a sentinel event by some other means,
such as communication from a patient, family member, or employee of the organization or through the
media. In any case, if JCAHO becomes aware of a reviewable sentinel event, JCAHO expects the
organization to prepare and submit a “thorough and credible” root cause analysis. A root cause analysis
focuses primarily on systems and processes, not individual performance. The root cause analysis leads to
an action plan, under which the organization implements steps to reduce future risks and monitors the
effectiveness of those improvements. The organization must complete the necessary documents within
forty-five days of a sentinel event of which JCAHO is aware. JCAHO then will review the analysis and
action plan to determine whether they are acceptable. If the submission is not acceptable, the
organization is at risk of being placed on accreditation watch by the JCAHO Accreditation Committee
and ultimately could lose its accreditation.
JCAHO is not a governmental entity but a private accrediting body. Thus the protection that may be
offered to medical records by state freedom of information acts (discussed later in this chapter) does
not apply to information that medical organizations share with JCAHO. Arguably, sharing this
information with JCAHO destroys any applicable state law privilege. Most states have not addressed the
protection of medical information shared with JCAHO from legal discovery. Louisiana, however, has
specifically addressed this data protection issue. A Louisiana statute protects medical information
including records, notes, data, studies, and proceedings of hospital committees, peer review
committees, and nationally recognized improvement agencies or commissions (La. Rev. Stat. §
13:3715.3, 2004). The Louisiana statute goes so far as to mention JCAHO as an organization whose
records are exempt from discovery or court subpoenas. Because, however, statutory protection for
JCAHO records is the exception rather than the rule, JCAHO itself has taken precautions to keep
information confidential.
JCAHO believes that concerns about the disclosure of personal health care information seriously
threaten the quality of health care. Therefore JCAHO keeps information received or developed during
the accreditation process confidential. This includes compliance information, sentinel event reports,
root cause analyses, and accreditation committee minutes and agenda materials. Under normal
procedures, handling of any submitted root cause analysis and action plan is restricted to specially
trained staff in accordance with procedures designed to protect the confidentiality of the documents. In
fact the original root cause analysis is always returned to the medical facility and any copies are
shredded. Also, once the action plan has been implemented to JCAHO’s satisfaction, the action plan is
returned to the organization.
To further confidentiality and promote compliance, JCAHO gives medical facilities a choice of method for
sentinel event reporting. Each method offers an increasing degree of confidentiality protection for
organizations that are uncomfortable with the prospect of giving JCAHO sensitive and potentially
discoverable information. Alternative 1 permits the organization to schedule an appointment for an
organizational representative to bring the root cause analysis and other sentinel event–related
documents to JCAHO headquarters for review and to take all these documents away when he or she
leaves. In this way organizational representatives have a level of comfort that their documents have not
been circulated or copied to unknown persons. Alternative 2 permits the organization to request an onsite review of the root cause analysis and other sentinel event–related documents. Upon receiving such
a request, JCAHO will schedule a surveyor to visit the organization for the purpose of reviewing the root
cause analysis and related documents. No copies of these documents will be retained by JCAHO.
Alternative 3 permits the organization to request an on-site visit by a JCAHO surveyor who will conduct
interviews and review relevant documentation about the findings of the root cause analysis without
actually reviewing the root cause analysis. The surveyor will, however, review the action plan resulting
from the root cause analysis and conduct on-site interviews. As in Alternative 2, no copy of the root
cause analysis or action plan will be retained by JCAHO. Finally, Alternative 4 provides the ultimate in
confidentiality. The chief executive officer of the organization electing Alternative 4 is asked to sign an
affirmation statement indicating that he or she has, on behalf of the organization:
Considered the relevant statutes, existing protective privileges, and case law in reaching the conclusion
to proceed with Alternative 4
Considered the other alternatives for sharing sentinel event–related information with JCAHO, and has
concluded that the use of any of these other alternatives may waive existing confidentiality protections
for this information
Determined that the organization has completed a thorough and credible root cause analysis for the
event under review
Upon receiving a request under Alternative 4, JCAHO will schedule a surveyor to visit the organization.
The on-site review process will involve interviews with the organization leaders and staff, a review of
otherwise discoverable factual information about the sentinel event (including medical records), and a
review of other relevant documentation. The surveyor will not review the root cause analysis or the
resulting action plan. JCAHO may request additional information from the organization if its
accreditation committee finds that the results of the on-site review are inconclusive in determining the
acceptability of the organization’s response to the sentinel event.
Freedom of Information Acts and Access to Medical Error Reports
State freedom of information acts may affect the confidentiality and privilege of medical error reports;
however, some states exempt medical records from disclosure under freedom of information acts.
How Freedom of Information Acts May Compromise Confidentiality and Privilege. Generally, freedom of
information or open records acts allow citizens to request any public information that a governmental
entity keeps. For example, in Vermont any “person may inspect or copy any public record or document
of a public agency, on any day other than a Saturday, Sunday or a legal holiday” (1 Vt. Stat. Ann. § 316,
2001). In Alabama every “citizen has a right to inspect and take a copy of any public writing of [the]
state” (Ala. Code § 36-12-40, 2001). In Hawaii, “government records are open to public inspection unless
access is restricted or closed by law” (Haw. Rev. Stat. § 92F-11, 2000). Arguably, “government records”
could include information gathered by the state under a medical error reporting system. Therefore a
citizen conceivably could walk into the state Health Department and request the medical error reports
from a particular hospital or concerning a particular group of patients.
Protections from Disclosure Under Freedom of Information Acts. Fortunately, however, this scenario is
not generally possible. Although the grant of access to public documents is typically broad, most of
these statutes include long lists of exclusions from the general rule. Commonly excluded from public
access are medical records.
States exempt medical records from disclosure under freedom of information acts in different ways.
Approximately half the states specifically exempt medical records from disclosure. Some states do this
by defining a public record in such a way as to exclude medical records. Others exempt medical records
through a separate exemption provision. However, most of these statutes still permit disclosure in the
face of a court order. Other states protect medical records by instructing the record custodian to engage
in a balancing test, weighing the privacy expectations of the individuals named in the records with the
public’s right to know. The record custodian does not consider the institution’s expectation of privacy in
the records. A minority of states discuss exemption in terms of other evidentiary privileges. In other
words, if the information in the records is protected by the physician-patient or peer review privilege of
that state, the record itself is protected from disclosure. A few states do not discuss the protection of
personal information in their freedom of information acts. In these states an analysis of whether sharing
the information in the medical records violates the privilege between a physician and a patient is
necessary.
Table 11.1 lists the states that have a freedom of information act, or an equivalent law, and the type of
protection from disclosure offered to medical records under the statute. Although medical records may
find protection under a state’s physician-patient privilege (discussed later in this chapter), the scope of
this table is solely the protection offered under each state’s freedom of information act. States with
mandatory reporting requirements are listed in bold type.
Physician-Patient Privilege
In the common law, no privilege between physicians and patients is recognized, and this is the rule in
the absence of a statute. In 1828, New York became the first state to enact the privilege by statute,
owing to a belief that people might be discouraged from obtaining medical help if they feared their
communications to a physician might be publicly disclosed (Williams v. Roosevelt Hospital, 1985).
Indeed, every state has enacted a law making certain communications between health professionals and
patients privileged. This privilege, being statutory, can be modified or withdrawn. Although all states
have some form of privilege, some of these laws are applicable only to psychiatrists or psychotherapists.
The states that grant this privilege only to psychotherapist-patient communications are Alabama (Ala.
Rules of Evid. 503, 1995), Connecticut (Conn. Gen. Stat. Ann. § 52-146, 1989), Florida (Fla. Stat. § 90.503,
1992), Georgia (Ga. Code Ann. § 24-9-21, 1995), Kentucky (Ky. Rules of Evid. 507, 1992), Maryland (9
Md. Code Ann. § 109, 2000), Massachusetts (Mass. Gen. Laws § 233:20B, 1995), South Carolina (S.C.
Code Ann. § 19-11-95, 1995), Tennessee (Tenn. Code § 24-1-207, 2000), and West Virginia (W. Va. Code
§ 27-3-1, 2001). Most states limit these privileges to civil proceedings. No state allows the patient to
claim the privilege where the patient’s physical or mental condition is an element of the claim or
defense. Most states’ definition of physician is broad enough to include licensed psychiatrists but not
counselors. A physician is commonly defined as one who is licensed to “practice medicine” (see, for
example, Kan. Stat. § 60-427[2], 1992).
TABLE 11.1. STATES WITH A FREEDOM OF INFORMATION (OR EQUIVALENT) ACT.
State Specific Protection of Medical Records by Exemption Clause? Medical Records Excluded from
the Definition of a Public Record?
Protection Granted Through Balancing of Privacy and Disclosure
Interests?
Alabama
N
N
Maybe—judicial precedent
Alaska Y
N
N/A
Arizona N
N
Maybe—judicial precedent
Arkansas
Y
N
N/A
California
Y—if an invasion of personal privacy
Colorado
Y
Connecticut
Y—if an invasion of personal privacy
Delaware
N
District of Columbia
N
N
N/A
N
N/A
N/A
Y—if disclosure constitutes an invasion of personal privacy
N/A
Y—if clearly an unwarranted invasion of personal privacy
N
N/A
Florida Y—if the medical record of an agency employee or if furnished subject to housing assistance
program
N
N/A
Georgia Y—if an invasion of personal privacy
N
N/A
Hawaii N
N
If disclosure is an unwarranted invasion of personal privacy
Idaho N
N
N
Illinois Y—if a government agency provided services
N
N/A
Indiana Y
N
N/A
Iowa
Y
N
N/A
Kansas Y
N
N/A
Kentucky
N
N
If disclosure is a clearly unwarranted invasion of personal privacy
Louisiana
N
N
N
Maine N
N
N
Maryland
Y
N
N/A
Massachusetts N
Y
N/A
Michigan
Y
N
N/A
Minnesota
N
N
N
Missouri
N
N
N
Montana
N
public disclosure
N
Where the individual privacy interest clearly exceeds the merits of
Nebraska
N
N
N
Nevada N
N
N
New Hampshire Y
N
N/A
New Jersey
N
N
N
New Mexico
Y—if the individual is confined to an institution N
N/A
New York
Y
N
N/A
North Carolina N
N
N
North Dakota
clinic N
Y—if the record concerns a public employee or state university student at a university
N
Ohio
N
Y
N/A
Oklahoma
N
N
Oregon N
N
If public disclosure constitutes an unreasonable invasion of privacy
Pennsylvania
N
N
N
Rhode Island
N
Y
N/A
South Carolina N
Y
N/A
South Dakota
N
N
N
Tennessee
Y
N
N/A
N
Texas Only if the record is considered confidential by law
Vermont
N
N
Virginia Y
N
N/A
Washington
Y
N
West Virginia
Y—if an unreasonable invasion of privacy
Wisconsin
N
N
N
N
N
N/A
N
N/A
N
In most cases where a physician-patient privilege exists, that privilege has been held to apply to hospital
records (American Jurisprudence, 2004). For example, in Payne v. Howard (1977) the District of
Columbia District Court held that a dentist need not comply with a request for discovery of third-party
patient medical records. In Payne, the plaintiff sued his dentist for malpractice. In an effort to prove his
case, the plaintiff requested the medical records of other patients for whom the dentist had provided
the same treatment. The issue was whether those medical records were discoverable. The Payne court
held they were not. The court held that because communications between a doctor and his patient were
privileged under District of Columbia law, the medical records, which “necessarily reflect
communications made by patients to defendant … in confidence,” fell “squarely within the bounds of
the statutory protection.” Therefore the plaintiff was not allowed to review the third-party patient
records.
In other cases, however, courts have held that with the proper precautions, third-party medical
information is discoverable. In Cochran v. St. Paul Fire and Marine Ins. Co. (1995), the district court
found that medication incident reports, kept by a hospital, were discoverable where the names of the
nonparty patients were deleted from the reports. In this malpractice action for injuries sustained after
an intravenous delivery of medication, the plaintiff requested redacted copies of “medication incident
reports.” The defendant claimed that the reports were protected under the privilege set forth in
Arkansas Rule of Evidence 503, dealing with patient privileges. The court disagreed, finding that the
medication incident reports were discoverable in redacted form. Specifically, the Cochran court
reasoned that the “defendant’s concern regarding the patient privilege is removed by the phrasing of
plaintiff ’s document request. Plaintiff requests only redacted copies which omit the patient’s name.” As
a result the plaintiff was able to review the medication incident reports. Using similar reasoning the
Florida Supreme Court held in Amente v. Newman (1995) that the patient’s right to privacy in his or her
medical records was satisfied by the trial judge’s requirement that all identifying information be
redacted from the medical records. In Amente, the plaintiff sued her doctor for malpractice because her
child was injured during delivery. Because the plaintiff was morbidly obese, her contention was that the
delivery required special precautions. Therefore she sought the medical records of other obese obstetric
patients to see whether the physician used a different delivery method with those patients. The issue
was whether the release of those medical records invaded the third-party patients’ constitutional right
to privacy. The court held that it did not. In Amente, the plaintiff specifically requested that all patient
identifying information be redacted from the medical records before production. That precaution was
enough in the court’s opinion to protect the privacy of the other patients, who were not parties to the
suit. Thus the plaintiff was able to review the medical records after the patient identifying information
was redacted. In his concurrence, Justice Overton cautioned that although redaction of patient names
may have been enough to protect privacy in this instance, in other circumstances, “such as where the
doctor serves a more sparsely populated area, more information may have to be redacted from the
records to ensure absolute anonymity.”
Although most jurisdictions apply the physician-patient privilege to medical records, some do not.
Several jurisdictions extend protection only to testimony that reveals confidential medical information.
For example, the Iowa Supreme Court found that the “mental health professional–patient privilege” did
not bar disclosure of patient records because the privilege in Iowa is “limited to disclosure of
confidential communication by the giving of testimony” (McMaster v. Board of Psychology Examiners,
1993). Although the McMaster court found the state privilege statute inapplicable, it also found that the
constitutional right to privacy should extend to medical records and protected the records from
disclosure on that basis.
In fact a constitutional right to privacy often factors into state court analyses. In Berger v. Lutheran
General Hospital (2001), the plaintiff alleged that the hospital’s negligence in treating her leg injury
ultimately resulted in an amputation that would not otherwise have been necessary. In the course of
litigation the plaintiff filed an emergency motion to bar ex parte communication between the hospital’s
counsel and those members of its medical staff, agents, and employees who provided health care to
plaintiff but were not named as defendants. One of the plaintiff ’s arguments was that such
intercompany disclosures violated her right to privacy under the Illinois constitution because “there is
nothing [plaintiff], or any patient, could do to keep her doctors and nurses from talking to hospital
counsel or risk management about any care they ever provided to her.” The court, however, found no
violation of the plaintiff ’s right to privacy. In its analysis the court reasoned that only unreasonable
invasions of privacy are barred by the Illinois constitution. The court found it significant that in the
modern hospital setting, health care services are provided by a wide array of hospital personnel.
Therefore the court concluded that “a hospital patient could not reasonably expect a member of the
hospital’s medical staff, or the hospital’s agents and employees, to refrain from discussing [within the
limited community of the hospital organization] the medical care provided to the patient.” Because the
hospital’s internal disclosure of medical records was not, in the court’s view, an unreasonable invasion
of privacy, the court denied plaintiff ’s emergency motion.
It is important to remember that as illustrated in Cochran and Amente, regardless of whether the
physician-patient privilege applies to medical records, the medical care providers in question had no
privacy interest in the medical records. The privilege in these cases belonged to the patients alone, and
only patient information was required to be redacted from the records. Generally, physicians can claim
the privilege but only on behalf of the patient. In fact the Cochran court refused the defendant’s request
that the names of the health professionals involved in the cases be redacted from the medication
incident reports. Some states specifically address this concept in their privilege statutes. For example,
the Nevada statute states, “The person who was the doctor may claim the privilege but only on behalf of
the patient” (Nev. Rev. Stat. § 49.235[2], 2004). New Mexico (N.M. R. Evid. § 11-504[C], 2004), South
Dakota (S.D. Code § 19-13-8, 2004), and Texas (Tex. Rules of Evid. 509[d][2], 2004), among others, use
similar wording in their privilege statutes. Therefore a hospital’s release of medical error data to
governmental or accrediting agencies cannot, in theory, waive an evidentiary privilege held by a patient.
It is likely, however, that patients at many institutions unknowingly sign away their privilege by
authorizing, upon their admittance to the medical institution, the sharing of medical records under
these circumstances. In Mississippi such a waiver is implied by statute (Miss. Code § 13-1-21[2], 2004).
Indeed, a close reading of one’s particular state privilege statute is required, because some state courts
have held that statutory privileges, such as the physician-patient privilege, can be waived only in the
manner specified by the statute. For example, in Nielson v. Bryson (1970), the plaintiff contended that
under the Oregon statute, “consent to examine medical records is not deemed to have been given by
the mere filing of an action for personal injuries, but only if and when a patient, as a party to the action,
‘offers himself as a witness.’” The Supreme Court of Oregon agreed. Specifically, the court found that an
“accelerated waiver” of the physician-patient privilege, where courts refuse to docket personal injury
cases until the plaintiff has agreed to waive the privilege for pretrial discovery, goes against the
legislative intent of the Oregon statute.
Table 11.2 summarizes the status of physician-patient privilege in the states as of November 30, 2001.
Protection of Peer Review Information
Many states require that individual hospitals provide peer review of the professional practices within
the hospital for the purpose of improving the quality of care and reducing medical errors. States
developed peer review statutes in response to the enactment of the federal Health Care Quality
Improvement Act of 1986 (HCQIA), in which Congress sought to curtail the occurrence of medical
malpractice by inhibiting the state-to-state movement of physicians who failed to disclose their prior
damaging or incompetent acts. Nearly all of the fifty states have enacted peer review statutes in keeping
with the HCQIA, but subtle differences exist in the information that each state deems confidential, and
the statutes are usually strictly construed.
TABLE 11.2. PHYSICIAN-PATIENT PRIVILEGE BY STATE, NOVEMBER 30, 2001.
State Physician Privilege?
Psychotherapist Privilege?
Privilege Specifically Limited to Civil
Proceedings? Specifically Allowed to Invoke on Behalf of Patient?
Alabama
N
Y
Does not apply for criminal insanity defense
Y
Alaska Y
Y
Only psychotherapist privilege applies in criminal proceeding
Arizona Y
N
Y
N
Arkansas
Y
Y
N
Y
California
Y
N
Y
Y
Colorado
Y
Y
N
N
Connecticut
N
Y
N
N
Delaware
Y
Y
N—but not applicable to child abuse proceedings
District of Columbia
Y
Y
Florida N
Y
N
Y
Georgia N
Y
N
N
Hawaii Y
N
N
Y
Idaho Y
N
Y
N
Illinois Y
Y
N—but not applicable to murder cases N
Indiana Y
N
N
N
Iowa
Y
Y
N
N
Kansas Y
N
Limited to civil actions and misdemeanors
Kentucky
N
Y
N
N
Louisiana
Y
Y
N
Y
Maine Y
Y
N
Y
N—but not applicable to murder cases N
N
Y
Y
Maryland
N
Y
N
N
Massachusetts N
Y
N
N
Michigan
Y
N
N
N
Minnesota
Y
Y
N
N
Mississippi
Y
N
N
N
Missouri
Y
Y
N
N
Montana
Y
Y
N
N
Nebraska
Y
Y
N
Y
Nevada Y
Y
N
Y
New Hampshire Y
N
N
N
New Jersey
Y
Y
N
N
New Mexico
Y
Y
N
Y
New York
Y
Y
N
N
North Carolina Y
Y
N
N
North Dakota
Y
Y
N
Y
Ohio
Y
N
N
N
Oklahoma
Y
Y
N
Oregon Y
Y
Y
Y
Pennsylvania
Y
Y
N
N
Rhode Island
Y
N
N
N
South Carolina N
Y
N
N
South Dakota
Y
Y
N
Y
Tennessee
N
Y
N
N
Texas Y
Y
Y
Y
Utah
Y
N
Y
N
Vermont
Y
Y
N
Virginia Y
Y
N
N
Washington
Y
N
Y
N
West Virginia
N
Y
N
N
Y
N
Wisconsin
Y
Y
N—but not applicable to murder or child abuse cases
Wyoming
Y
N
N
Y
N
Peer Review Privilege of Committees. State statutes usually assign the peer review confidentiality
privilege to committees. Routinely protected committees include medical staff committees, such as
committees that review morbidity and mortality, executive committees that review performance, and
multidisciplinary committees that evaluate a hospital’s quality of care (see, for example, Wall v. Ohio
Permanente Medical Group, 1997; Mulder v. VanKersen, 1994; Santa Rosa Memorial Hospital v.
Superior Court, 1985). Some states grant confidentiality to peer review committees composed of the
entire medical staff (Corrigan v. Methodist Hospital, 1995). Other states require that the committee for
which the privilege is sought operate pursuant to bylaws approved by the hospital board (Suwannee
County Hospital Corp. v. Meeks, 1985). In University of Texas Health Science Center v. Jordan (1985), the
work of a quality of care review committee established by a medical school pursuant to its bylaws was
found to be privileged.
The immunity enjoyed by committee members as a group does not necessarily extend to an individual
committee member acting independently, and committees that do not evaluate patient care are not
entitled to the peer review privilege. Further, any portion of committee work that does not pertain to
patient care can be isolated and made discoverable. In fact, in State ex rel. St. John’s Mercy Medical
Center v. Hoester (1986), the court held that “records of meetings, conferences, or consultations may
not be shielded from discovery in medical malpractice actions merely by labeling them as meetings of
peer review committees.” Missouri’s peer review statute establishes privilege for the work of groups of
health care professionals that focuses on the quality and utilization of health care. Meetings for any
other purpose or of other groups may be relevant but are not protected from discovery. The records of
licensure board committees also often fall outside state peer review privilege. In some cases the
committee does not satisfy the definition of a medical review committee, as in Kutner v. Davenport
(1987). In other cases the records are discoverable due to a party’s interest in obtaining the records,
which were public records at common law (Beck v. Bluestein, 1984).
Peer Review Privilege of Documents. Typically, statutory privilege is assigned to documents that are
produced primarily or solely for use during the peer review process. Documents that are available and
sought from original sources, however, remain discoverable. Many state statutes recognize as an
original source the testimony of a peer review committee member who possesses personal knowledge
not obtained in the peer review process, but courts often will bar testimony by a witness whose
knowledge could derive from both personal and peer review experience (Fox v. Kramer, 1999).
Committee minutes, records, and guidelines are generally privileged. For example, in Kappas v. Chestnut
Lodge (1983), transcripts of hospital staff conferences held to discuss a particular patient were excluded
from evidence as files of a “medical review committee,” under Maryland’s peer review statute (Md.
Code Ann., Health Occ. § 14-601, 1981). Likewise, in Ekstrom v. Temple (1990) the hospital’s infection
control guidelines were held to be privileged under the Illinois Medical Studies Act.
The assignment of privilege to documents created by committees that serve purposes in addition to
peer review varies from state to state. For example, in Santa Rosa Memorial Hospital v. Superior Court
(1985) the court held that a hospital’s infection control committee was a medical staff committee and
that its records qualified for protection from discovery, even though a majority of its members were not
physicians. Somewhat differently, in Sakosko v. Memorial Hospital (1988), the court considered
pathology reports and an infection control physician’s consultation report privileged even though they
were prepared not for a peer review committee but for a hospital’s environmental services infection
control committee. The court reasoned that the committee worked on quality control and medical study
that improve patient care. In contrast the court in Babcock v. Bridgeport Hospital (1999) found that
documents created by a peer review infection control committee were not afforded peer review
privilege because they were not created primarily for peer review committee proceedings.
Incident reports in some states also are protected by peer review privilege. In Community Hospital of
Indianapolis v. Medtronic (1992) the court protected employee-generated incident reports filed with the
hospital’s quality assurance department for review by the director and in-house counsel. Likewise, in
Dorris v. Detroit Osteopathic Hospital Corp. (1999) the privilege was extended to investigatory
documents related to incident reports. In contrast, incident reports were not privileged in Chicago Trust
Co. v. Cook County Hospital (1998) because the hospital failed to show that a peer review committee
had requested them. Similarly, in John C. Lincoln Hospital and Health Center v. Superior Court (1989),
the hospital’s incident reports were filed not only in relation to quality of care but also in relation to
issues not related to patient care and so were found to constitute raw data not covered by the peer
review privilege.
Peer Review Statutes. In view of the differences in the state statutes and in the judicial interpretation of
each statute, a careful examination of the forum state’s statute and relevant case law is crucial. For each
state’s peer review statute, Table 11.3 lists the areas in which careful assessment of pertinent case law
is particularly warranted.
TABLE 11.3. AREAS TO ANALYZE IN STATE PEER REVIEW STATUTES.
State
Areas for Analysis
Alabama
Shareholder MDs of private corporation do not qualify as medical staff under statute.
Alaska None found.
Arizona Incident reports are not privileged. Peer review documents, including identity of panel members
and list of documents, are privileged. Records of hospital action against defendant MDs not privileged.
Arkansas
Information about revocation of defendant MD privileges is absolutely privileged.
Incident reports prepared according to policy and procedures are not privileged, even if also used in
peer review.
California
Peer review committee, including infection control committees, need not be made up
only of physicians to be privileged. Documents generated in subsequent investigation are not privileged.
Statements made by nondefendants to peer review committee are not privileged.
Colorado
Assess hospital bylaws and operating procedures for committee’s source of authority,
composition, and function to determine peer review committee privilege.
Connecticut
Records of peer review proceedings, findings, and deliberations privileged if initiated at
hospital request or at established committee meetings.
Delaware
Privilege extends to suits brought in another forum when the underlying transaction
took place in Delaware.
District of Columbia
The key to the discoverability of materials contained in a peer review body’s
report is that they not owe their existence to the peer review investigation. Peer review compilations or
summaries of documents that are individually available from other sources are privileged.
Florida Date, place, and existence of peer review records are privileged. Privilege extends to depositions
of defendant MDs whose knowledge was gained in peer review proceeding.
Georgia Committee peer review function and purpose evaluated to determine privilege. Peer review
records incorporated into reports to governmental agencies retain privilege.
Hawaii Per peer review privilege; expert not required to provide documentation or testimony regarding
peer review summary.
Idaho Where peer review privilege protects board proceedings during which a defendant MD sought a
second opinion, court enjoins the plaintiff from arguing noncompliance with second opinion standard of
care.
Illinois No privilege for work by individual unless bylaws confer authority to act for committee.
Infection control committee is privileged. Guidelines for peer review generated outside the committee
are privileged. No privilege for information about the existence, date, and participants at meetings
about care unless information is the substance of peer review materials. Responses to quality issues are
not privileged if not generated by oversight committee.
Indiana Modification of MD staff privileges as a result of peer review proceedings is outside the scope of
peer review privilege.
Iowa An expert who generated peer review documents can give opinion testimony that is not reliant
on peer review records.
Kansas “Disciplinary action form” is subject to balancing test of privilege versus plaintiffs’ right to
access. Documents from investigation subsequent to peer review are not privileged.
Kentucky
Relevant information (such as complaints) is not privileged simply because placed in
peer review file; must be generated by peer review investigation to be privileged.
Louisiana
Hospital infection rate records relevant to case are not entirely privileged. Patient care
evaluations by MD quality assurance committee members are privileged.
Maine Information gathered during peer review and disclosed to a consulting MD retains privilege as
part and parcel of peer review process.
Maryland
Information about staff privilege reduction due to unprofessional conduct is privileged
in civil action except when the physician disputes the disciplinary action. Peer review privilege is
determined by balancing hospital’s need for discovery of physician’s confidential peer review committee
files and interest of federal antitrust laws in preserving free competition.
Massachusetts Outside consultant’s information to and conversations with peer review committee are
peer review proceedings and so privileged. Incident reports that are necessary to comply with risk
management and quality assurance programs are privileged. Peer review privilege turns on the purpose
for which information is generated, not information content.
Michigan
Privilege turns on hospital’s bylaws, rules, and regulations that define peer review
committee as functioning for purpose of improvement and self-analysis.
Minnesota
Confidentiality provision can encompass all documents in peer review files, including
those available from other sources. Provider data exception permits provider access to record of
limitations placed on provider’s staff privilege.
Mississippi
Peer review committee records and transcripts of proceedings are privileged. Material
otherwise discoverable from original sources and factual data available to the committee but not
generated by or collected for the use of the committee is discoverable.
Missouri
Peer review proceedings, findings, and deliberations are privileged. Privilege applies
only to groups duly appointed and designated with quality assurance purpose.
Montana
staff.
Privilege applies to records of professional training, supervision, or discipline of medical
Nebraska
Peer review privilege waivable by patient and subject to court order in extraordinary
circumstances. Incident reports are not privileged when prepared per standing directive.
Nevada Occurrence reports are not necessarily covered by privilege. Only documents derived directly
from peer review process are privileged.
New Hampshire Federal Protection and Advocacy for Mentally Ill Individuals Act found not to preempt
state law, which provides that records of an ambulatory care clinic’s quality assurance program shall be
confidential and privileged.
New Jersey
No privilege against discovery, but peer review committees are protected for actions,
recommendations, or statements that they make.
New Mexico Privilege applies to information and opinions generated exclusively for peer review.
Morbidity and mortality review records are confidential as “self-critical analysis.” Trial court shall compel
production of confidential information that is critical to the cause of action or defense.
New York
Peer review statutes inapplicable to a malpractice action brought under the Federal Tort
Claims Act. Retrospective “complication reports” are discoverable. Verbal or written statements made
by a party during peer review proceeding are redacted for discovery.
North Carolina Peer review privilege extended to committees formed pursuant to bylaws for evaluation
of quality, cost, medical necessity, or credentialing, but board of trustees is not privileged. Committee
must identify existing documents and their custodians.
North Dakota No privilege for peer review records obtained from another, original source. No privilege
for testimony by peer review committee member if member’s knowledge was obtained outside of peer
review participation.
Ohio Privilege extends to documents of utilization review and quality assurance committees of
hospital, to members and employees of such committees, and to hospital morbidity and mortality
conference reports in a physician’s action alleging abuse of peer review process.
Oklahoma
Statements presented during peer review but based on speaker’s personal knowledge
are subject to disclosure.
Oregon Hospital disciplinary committee transcripts and testimony are not admissible into evidence.
Pennsylvania Documents used in determination of staff privileges are confidential records of peer
review committee. Incident reports prepared for peer review are privileged. Incident reports prepared
for patient records are not privileged because they are subject to the “original source” exception.
Rhode Island
Infection control committee records are privileged as peer review records.
South Carolina Medical expert testimony based on information obtained independently of peer review
is not privileged. MD applications for staff privileges and supporting documentation are privileged.
South Dakota Communication by or to peer review committee about ethical or professional practice is
privileged from civil or criminal, but not administrative, discovery.
Tennessee
Privilege turns not on whether committee performed a function but on whether the
information was sent to peer review in furtherance of the function.
Texas Quality and competence functions and actions of committee determine qualification of
committee and its documents for privilege. Board of medical examiners privilege cannot be waived by
party. Incident reports with affidavit proving peer review use are privileged; incident reports created in
ordinary course of business are discoverable. Telephone logs about peer review are privileged.
Utah Only documents prepared specifically for quality review purposes are privileged, not documents
that might or could be used in the review process.
Vermont
Testimony by peer review participants about peer review process is admissible when
not dependent on inadmissible peer review material.
Virginia Medical malpractice committee is entitled to depose medical malpractice peer review member
concerning deliberative process. Peer review privilege does not belong to the physician who is the
subject of peer review and may not be unilaterally waived by the physician.
Washington
Guidelines, JCAHO standards, bylaws, and committee function identify privileged peer
review committee, which must be regularly constituted and have duty of concurrent review and
evaluation of quality of care. Information generated outside of review committee meetings otherwise
available from original sources is not privileged. Incident reports filed pursuant to lawsuit are not
privileged.
West Virginia Material otherwise available from original sources not privileged. Hospital committee
that determines staff privileges or credentials is a privileged review organization.
Wisconsin
JCAHO site surveys are equivalent to peer review and privileged. Materials about a
health care provider created by peer review are privileged. Records merely presented or produced for
review or evaluation are discoverable. In determining whether records are discoverable, identify
persons preparing record and determine function. Hospital governing bodies are not privileged.
Wyoming
Privileged peer review can be performed by medical staff, medical society, or other
outside MD organization.
Evidentiary Protections at the Federal Level
Various federal laws and regulations require medical error and adverse-event reporting and also provide
some protection for such information and for medical records.
Medical Error and Adverse-Event Reporting Requirements and Protections
The CDC and the FDA manage several systems for both mandatory and voluntary adverse-event
reporting.
CDC National Nosocomial Infections Surveillance System. The National Nosocomial Infections
Surveillance (NNIS) system of the Centers for Disease Control and Prevention (CDC) is a voluntary
reporting system, started cooperatively by the CDC and participating acute care hospitals in order to
create a national database of hospital-associated infections. According to the CDC’s Web site (CDC,
2003), the database is used to “describe the epidemiology of these infections, describe antimicrobial
resistance trends in hospitals,” and “produce hospital-associated infection rates to use for comparison
purposes.” The data are also used to track progress nationally in reducing infections in hospitalized,
high-risk patients and are used by both participating and nonparticipating hospitals to emulate the most
promising methods for detecting problems and monitoring prevention and control efforts. CDC assures
participating hospitals that any information that would permit identification of any individual or
institution will be held in strict confidence. The CDC Web site explains that trained infection control
personnel use standardized definitions and surveillance protocols to ensure that the data are uniformly
collected. This explanation tends to show that the data will be statistically useful. However, the Web site
does not explain how data will be protected. Nonetheless, under the federal Freedom of Information
Act (discussed later in this chapter), it is unlikely that any data could be obtained for the purpose of legal
discovery. If medical data can be obtained under the Freedom of Information Act at all, they are likely to
be redacted, with identifying characteristics removed. At the beginning of 2000, approximately 315
hospitals were participating in the NNIS system.
FDA Center for Devices and Radiological Health: Manufacturer and User Facility Device Experience
(MAUDE) Database. The Food and Drug Administration (FDA), under the authority of the Safe Medical
Devices Act of 1990, requires medical device user facilities, such as hospitals, ambulatory surgical
facilities, nursing homes, outpatient diagnostic facilities and outpatient treatment facilities, and medical
device manufacturers and importers to report certain medical device events (Public Law 101-629; 21
C.F.R. 803, 1990). Specifically, the FDA requires these entities to report medical device malfunctions and
deaths or serious injuries caused by medical devices. The purpose behind the FDA medical device report
(MDR) requirement is to protect public health by ensuring that devices are not adulterated or
misbranded and that they are safe and effective for their intended use.
The FDA, in accordance with its own regulations, makes MDR data available for public disclosure (21
C.F.R. § 803.9). However, FDA regulations are careful to protect not only the identity of individual
patients but also the identity of reporting medical device user facilities. Before disclosing any
information the FDA will delete trade secret or confidential commercial information, personal medical
and similar information, and the names of third parties who voluntarily submit an MDR. Similarly, except
in limited situations, the FDA will not disclose the name of the device user facility that makes a report.
The FDA will, however, according to the regulations, release otherwise confidential information
pursuant to a final court order or as necessary in court proceedings.
Nonetheless, courts have limited discovery of MDRs in litigation. The court of appeals in York v.
American Medical Systems (1998) found that the plain language of the FDA provisions does not permit
automatic disclosure of personal information. According to the York court, even though the regulations
permit disclosure during FDA proceedings or other court proceedings, the FDA is required to take
precautions to ensure that it discloses no more information than is necessary under the circumstances.
Furthermore, under the regulations, disclosure is permitted under a court order only when both the
manufacturer and the party experiencing the adverse event are involved in the litigation. Therefore, “it
follows that only parties involved in the York litigation may petition the court for a court order requiring
American Medical Systems to disclose its MDRs relating to the York litigation, not MDRs relating to
parties not involved in York’s case.” In making its decision the York court found that American Medical
Systems had a key policy concern on its side. “The entire reporting scheme of the FDA is based on
confidential reporting by manufacturers, physicians and patients. To encourage voluntary reporting, it is
necessary to ensure reporters that their information will be kept in confidence and not cavalierly
disclosed in various litigation.” Therefore the York court reasoned that requiring the plaintiff to
demonstrate severe hardship before MDRs are produced is reasonable. Because the plaintiff failed to
demonstrate severe hardship, the court upheld the protective order.
FDA Center for Biologics Evaluation and Research: Biological Product Deviation Reporting System. The
FDA Center for Biologics Evaluation and Research, Biological Product Deviation Reporting (BPDR) system
requires licensed manufacturers of all biological products, unlicensed registered blood establishments,
and transfusion services to report any event associated with biologics that represents a deviation in
manufacturing (21 C.F.R. §§ 600.14, 606.171, 2004). Biologics include blood, blood components, and
source plasma. A deviation in manufacturing is any event that may effect the safety, purity, or potency
of a distributed product. FDA regulations require that the reports be submitted as soon as possible, but
not more than forty-five days from the date the manufacturer acquires information on a reportable
event. The regulations do not address the confidentiality of this information. However, as discussed
later in this chapter, this information is not likely to be released under the federal Freedom of
Information Act.
MedWatch. Through its MedWatch program, the FDA conducts postmarketing surveillance of medical
products to identify safety concerns and take necessary action. MedWatch is a voluntary medical
products reporting program. Health care professionals and consumers directly report adverse events
involving medical products and product problems, including medical product errors, to this confidential
and protected passive surveillance system. All reports undergo triage and are transferred to the
appropriate FDA center for evaluation and entry into the appropriate FDA database. FDA centers that
use this information include the Center for Drug Evaluation and Research (CDER), the Center for
Biologics Evaluation and Research (CBER), the Center for Food Safety and Applied Nutrition (CFSAN), and
the Center for Devices and Radiological Health (CDRH).
Ultimately, the program has four goals. First, MedWatch seeks to increase awareness of drug- and
device-induced disease. Second, MedWatch looks for ways to clarify what information should and
should not be reported to the FDA. Third, MedWatch endeavors to make reporting adverse events
easier by operating a single reporting system through which health care providers can alert the FDA to
problems with medical products. Finally, MedWatch seeks to provide regular feedback to the health
care community about medical product safety issues.
A key point to remember about MedWatch is that the FDA does not want reports of all adverse
reactions and especially not the ones listed as possible side effects on a product’s label. According to
MedWatch director Dianne Kennedy, “All drugs have side effects. If we were to get reports of all adverse
reactions, we’d be overwhelmed, making it difficult for us to focus on the issues with the most public
health impact” (Henkel, 1998). Therefore the incidents reported to MedWatch should fall in one of the
following categories: death, life-threatening hazard, hospitalization, disability, birth defect, miscarriage,
or a condition that needs intervention to prevent permanent damage. It is not necessary, however, to
prove conclusively before one makes a report that the medical product caused the adverse reaction
(Henkel, 1998).
Patient Safety Task Force. The Department of Health and Human Services established the Patient Safety
Task Force to coordinate and integrate data collection on medical errors and adverse events, coordinate
research and analysis efforts, and promote collaboration on reducing injuries that result from medical
errors. HHS hopes that the activities of the Patient Safety Task Force will contribute to HHS’s efforts to
reduce medical errors by 50 percent in five years. The task force is made up of representatives of four
agencies: the Agency for Healthcare Research and Quality (AHRQ), the Centers for Disease Control and
Prevention, the Food and Drug Administration, and the Centers for Medicare & Medicaid Services. The
task force met in April 2001 to discuss such topics as collaboration between agencies, confidentiality
issues, minimizing data burdens, and a proposed system for data collection. Julie Gerberding, then head
of the hospital infections program at the CDC, presented the proposed federal Patient Safety Data
System. The task force contracted with MEDSTAT, a health information company, to make
recommendations regarding the best method for integrating information from the various agencies. In
the end the task force will collect two types of data. First, AHRQ will support a series of demonstration
projects to identify the causes of errors and to develop evidence-based systems for reducing errors and
mitigating potential harm when they do occur. Second, data from the existing FDA and CDC reporting
systems will be incorporated into the coordinated system. According to HHS, maintaining confidentiality
of individual patients and providers in the reported information should be paramount.
Statutory and Regulatory Protection of Medical Records
The information in medical records is protected by a number of federal rules, regulations, and laws.
Further protection may be forthcoming under a proposed Patient Safety Improvement Act.
Federal Rule of Evidence 501. According to the Federal Rules of Evidence, Rule 501, privileges are
governed by courts’ interpretation of the common law “in the light of reason and experience.” Because
nondisclosure of information to the courts is seen as a negative action, it must be justified by some
balancing good. The best illustration of this is found in Wigmore’s criteria (1961, § 2285, p. 527) for
protecting privileged communications:
The communications must originate in a confidence that they will not be disclosed.
This element of confidentiality must be essential to the full and satisfactory maintenance of the relation
between the parties.
The relation must be one which in the opinion of the community ought to be sedulously fostered.
The injury that would inure to the relation by the disclosure of the communications must be greater
than the benefit thereby gained for the correct disposal of the litigation.
For example, the privilege for confidential marital communications is justified not because it is bad for
courts to pry into marital secrets but because the revelation of such secrets is likely to have a
destructive impact on marriages. There is no privilege for physician-patient communications under
federal law, however. Arguably, this is because confidentiality is not required for a patient to show a
doctor his or her symptoms when sick. Physical examination of a patient involves no communication
that is endangered by a lack of confidentiality. A patient has certain symptoms whether or not that
patient decides to disclose them, and the doctor is in a position to view the symptoms firsthand.
However, as is discussed later, the courts have recognized a psychotherapist-patient privilege, ostensibly
because that relationship does depend on open, verbal communication for effective diagnosis and
treatment.
Federal Rule of Civil Procedure 26(c). On the subject of the duty to disclose during discovery, Federal
Rule of Civil Procedure (FRCP) 26(c) states that “the court in the district where the deposition is to be
taken may make any order which justice requires to protect a party or person from annoyance,
embarrassment, oppression, or undue burden or expense, including … that the disclosure or discovery
not be had.” Before the court will issue a protective order for medical records on the basis that their
disclosure would constitute embarrassment or oppression, however, FRCP 26(c) requires that the
movant confer with the other affected parties in a good faith effort to resolve the discovery dispute
without the need for court intervention. In fact, protective orders in litigation are often obtained by
agreement between the parties. “Frequently these take the form of ‘umbrella’ protective orders that
authorize any person producing information to designate that which is confidential as protected under
the order” (Wright, Miller, and others, 1998). For example, in Reproductive Services v. Walker (1978),
the U.S. Supreme Court endorsed such an agreement between the parties, fashioned to keep the
identities of abortion clinic patients confidential. After approving the agreement between the parties,
the Walker Court dissolved its stay on discovery entered in a prior proceeding. Such orders have had
semiofficial endorsement since the Judicial Conference of the United States adopted the Handbook of
Procedures for the Trial of Protracted Cases in 1960.
Privacy Act of 1974. Congress enacted the Privacy Act in order to protect the privacy of personal and
financial data maintained in federal information systems (Kimberlin v. Dept. of Justice, 1986). The
Privacy Act binds only federal agencies and covers only records in the possession and control of federal
agencies (5 U.S.C. § 552a, 2000). The Privacy Act works to keep personal information from being
disclosed without the individual’s consent. Specifically, the Act protects medical history that contains an
individual’s name, identifying number or symbol, or other identifying particular assigned to the
individual. The Act forbids any federal agency to disclose such information unless, among other things, a
valid need to know exists, a routine use exception applies, or disclosure is made pursuant to a court
order. Under the routine use exception to the Privacy Act, records that would otherwise be protected
from disclosure may be discovered. Courts have defined routine use as the use of a record compatible
with its collection purpose (Kimberlin v. Dept. of Justice, 1986). Routine uses of medical records might
include the release of records to a billing contractor or to a laboratory or for other treatment or
administrative uses. Legal discovery, however, is not normally compatible with the collection purpose of
medical data. In fact, a Veterans Administration regulation authorizing the disclosure of information
pursuant to grand jury subpoenas as “routine use” was held invalid (Doe v. Stephens, 1988).
Freedom of Information Act. The federal Freedom of Information Act (FOIA) works to allow “public
access to official information unnecessarily shielded from the public view” (Parton v. U.S. Department of
Justice, 1984). The idea behind the FOIA is that requiring agencies to adhere to a philosophy of full
disclosure will help ensure an informed citizenry, “vital to the functioning of a democratic society” (U.S.
Department of Justice v. Tax Analysts, 1988). Consistent with this purpose, the strong presumption in
favor of disclosure, along with the plain language of the FOIA, places the burden on the agency to justify
the withholding of any requested documents (U.S. Department of State v. Ray, 1991).
The FOIA does not, however, provide carte blanche to citizens seeking information. It also lists types of
documents that are specifically exempt from disclosure, including “personnel and medical files and
similar files the disclosure of which would constitute a clearly unwarranted invasion of privacy” (5 U.S.C.
§ 552[b][6], 2000). Courts have interpreted this to mean that to fall under this exemption, the files must
be personnel, medical, or similar files and the disclosure must be an unwarranted invasion of privacy.
Determining whether an invasion of privacy is unwarranted requires a balancing of private rights with
public interests. An important point for the present analysis is that the courts have found no public
interest in using the FOIA as a discovery tool in private litigation (see, for example, Roberts v.
Department of Health and Human Services, 1988).
In Roberts the plaintiff requested medical questionnaires from the Department of Health and Human
Services under the FOIA. HHS provided the questionnaires but redacted the names from the
questionnaires. The issue for the district court was whether the plaintiff could compel HHS to release
the names under FOIA. The court found that the plaintiff could not. Balancing private and public
interests, the court found that there was almost no burden on the right to privacy because the
questionnaires were, at best, “rudimentary” medical records. However, the court found no public
interest that would be served by releasing the names because the plaintiff was “attempting to use the
FOIA as a discovery tool in private litigation, a purpose for which it was never intended.” Another
example of a case in which the court balanced interests in applying this exemption is U.S. Department of
State v. Ray (1991). In Ray, the Supreme Court found that immigration records could be released only
after the State Department redacted personal information. In response to the plaintiff ’s FOIA request,
the Department of State produced twenty-five documents containing information about Haitian
nationals who had attempted to immigrate illegally to the United States. The State Department deleted
the names from seventeen of the documents. The issue for the Court was whether these deletions were
authorized by the FOIA exemption. The Court held that the redactions were proper because, as the
Court had repeatedly held, “the text of the exemption requires the Court to balance the individual’s
right of privacy against the basic policy of opening agency action to the light of public scrutiny.” When
making these determinations, a court must “evaluate both the public benefit and the potential invasion
of privacy by looking at the nature of the information requested and the uses to which it could be put if
released to any members of the public” (Painting Industry of Hawaii v. Department of the Air Force,
1994).
Other Federal Statutes. Several other federal statutes provide protection of confidential medical
information. Although these statutes do not specifically address information gathered as a function of
medical error reporting, there may conceivably be overlap between information collected by a medical
error reporting program and information protected by the following statutes.
The Social Security Act protects medical information under the Medicare Choice program guidelines (42
U.S.C. § 1395w-22[h], 2000). Under this statute the Medicare Choice organization is required to
establish procedures “to safeguard the privacy of any individually identifiable enrollee information.” This
provision does not ensure the information will be safe from legal discovery once sent to the federal
government; however, it does help ensure that the Medicare Choice organization will not accidentally
disclose sensitive information to a third party, thereby destroying any privilege or confidentiality that
may exist from other sources. This provision applies only to Medicare+Choice organizations and does
not give organizations any guidance for achieving confidentiality.
The Social Security Act goes one step further in protecting substance abuse and mental health records
(42 U.S.C. § 290dd-2, 2000). It protects data relating to “the identity, diagnosis, prognosis, or treatment
of any patient, which are maintained in connection with the performance of any program or activity
relating to substance abuse education, prevention, training, treatment, rehabilitation, or research,
which is conducted, regulated, or directly or indirectly assisted by any department or agency of the
United States.” This section specifically requires that no such information be used “to initiate or
substantiate any criminal charges against a patient or to conduct any investigation of a patient.” The
information, however, may be released pursuant to a court order for good cause.
Under the Food, Drug, and Cosmetic Act, medical information regarding drug abuse prevention and
control studies may be granted even stricter protection (21 U.S.C. § 872, 2000). This statute permits the
attorney general to authorize persons engaged in such research to withhold the names and other
identifying characteristics of research subjects: “Persons who obtain this authorization may not be
compelled in any Federal, State or local civil, criminal, administrative, legislative or other proceeding to
identify the subjects of research for which such authorization was obtained.” This protection, however,
does not apply when there is no authorization by the attorney general. A similar but broader protection
is granted to research subjects under the Social Security Act. With the authorization of the secretary of
HHS, researchers may withhold names and other identifying characteristics of any research subjects (42
U.S.C. § 241[d], 2000). Researchers with authorization from the secretary cannot be compelled to
divulge the names of research subjects or other identifying characteristics in any federal, state, or local
civil or criminal proceeding.
Finally, the Veterans Health Administration protects confidential data relating to specific treatments or
disorders (38 U.S.C. § 7332, 2000). Records containing the identity or treatment data of any patient
relating to drug abuse, alcoholism, HIV infection, or sickle cell anemia are to be kept confidential. The
section does allow disclosure of HIV status to the spouse or sexual partner of the patient under specific
circumstances. Otherwise the statute provides protection except as authorized by court order. It also
provides that no record may be used to initiate or substantiate any criminal charges against or to
conduct any investigation of a patient or subject.
Health Insurance Portability and Accountability Act (HIPAA) Regulations. The HHS recently issued
regulations intended to protect the privacy and confidentiality of medical records (45 C.F.R. Part 164,
2003). These regulations apply to covered entities, a term that includes health plans, health care
clearinghouses, and health care providers who conduct certain financial and administrative transactions
electronically. However, the regulations do not apply only to electronic transmissions. The final rules
extend coverage to all medical record and other identifiable health information maintained or disclosed
by a covered entity in any form, whether communicated electronically, on paper, or orally. The general
rule is that the use or disclosure of protected health information (PHI) requires the patient’s permission,
except as permitted in the privacy regulations. Specifically, the rules permit use and disclosure in four
circumstances. First, PHI can be released to the individual about whom the information was generated.
Second, PHI can be released pursuant to a written consent for treatment, payment, or health care
operations. Third, an individual may provide written consent to have his information released for any
other purpose. Fourth, the rules establish certain exceptions under which PHI can be released, including
emergency care situations and situations in which the care provider attempts but fails to obtain consent
(45 C.F.R. §164.506[a]).
The rules also allow the covered entity the unlimited right to use and disclose deidentified information,
that is, information that does not identify the individual or that the covered entity has no reasonable
basis to believe can be used to identify the individual. A covered entity meets this standard either by
making a statistical determination that the information is deidentified or by meeting a safe harbor
provided in the rules.
Federal Peer Review Organization Regulations. Peer review organization (PRO) review of items or
services provided to Medicare beneficiaries determines whether the provided services are reasonable
and medically necessary, whether the care provided is complete and adequate, and whether the quality
of services meets professionally recognized standards of health care. PRO review of Medicare services is
governed by the Social Security Act and the regulations promulgated under that Act. Specifically, 42
C.F.R. Part 480 (2003) governs the acquisition, protection, and disclosure of PRO information. Generally,
a PRO must disclose information in its possession to the identified patient if the patient requests the
information in writing and all other patient and practitioner identifiers have been removed (42 C.F.R. §
480.132[a]). Before disclosing, the PRO must seek the advice of the practitioner who treated the patient
regarding the appropriateness of direct disclosure (42 C.F.R. § 480.132[a][2]). The PRO need not disclose
information to the patient if it believes that such a disclosure could harm the patient (42 C.F.R. §
480.132[c]). With its disclosure of confidential information to the patient, the PRO must include a
written statement informing the recipient that the information may not be redisclosed (42 C.F.R. §
480.104[a][2]). A PRO may make a disclosure to the public of its interpretations and generalizations
regarding the quality of health care, even where that disclosure identifies a particular institution (42
C.F.R. § 480.141). Such disclosures are, however, governed by the requirements of 42 C.F.R. §§ 480.104
and 480.105. These regulations provide that the PRO must disclose the information only in the format in
which the PRO uses the information and that the PRO must give the institution thirty days notice of its
intent to disclose the information.
Protection Offered by Proposed Legislation. In 2002, a bill was introduced into Congress that directly
addressed medical error management and reduction. Whether or not this bill ultimately passes, it
signals the direction in which Congress may be headed. The Patient Safety Improvement Act of 2002 (HR
4889) would designate patient safety data as privileged and confidential. That designation would apply
to information, such as medical records and other primary health care information, that is collected and
developed for the purpose of improving patient safety and health care quality and reported to a patient
safety organization such as a peer review organization or a quality committee. This privilege, however,
would not apply to information merely by reason of its inclusion in reported patient safety data.
Information available from sources other than a report made to a patient safety organization may be
discovered or admitted in civil or administrative proceedings if discoverable under state law.
Furthermore this privilege would not apply to records of a patient’s medical diagnosis and treatment,
data disclosed to the FDA, or disclosures of nonidentifiable patient safety data by the patient safety
organization to a patient safety database.
Common Law Protection
The extent to which physician-patient and psychotherapist-patient privileges exist have been
determined largely by the courts.
Physician-Patient Privilege. The federal courts do not recognize a physician-patient privilege, although
confidentiality between a patient and a physician has in some cases been deemed a constitutionally
protected zone of privacy. The U.S. Supreme Court has used an intermediate scrutiny test to balance the
“public and private interests” in the confidentiality of these communications (Whalen v. Roe, 1977). The
Court did not, however, go so far as to establish an absolute privacy interest in confidential medical
records information. In fact there is a hearsay exception to the Federal Rules of Evidence for medical
records.
The issue in Whalen was whether the state of New York could record, in a centralized computer file, the
names and addresses of all persons who obtained, pursuant to a legal prescription, certain drugs,
including cocaine, methadone, and amphetamines, for which there is both a lawful and an unlawful
market. Although the appellees offered some evidence that tended to show that persons in need of
treatment with these drugs will sometimes decline such treatment out of fear of being labeled a drug
addict, the Court found that the public benefit outweighed any burden on privacy. It is important that in
this case, public disclosure of the identity of patients was expressly prohibited by the statute at issue,
the New York State Controlled Substance Act of 1972 (N.Y. Pub. Health Law § 3300 et seq., 1976). The
Court therefore found that it did not need to address “any question which might be presented by the
unwarranted disclosure of accumulated personal data—whether intentional or unintentional.” Lower
courts have applied this same balancing test in deciding to permit disclosure of medical records. For
example, in In re Krynecki (1993) the court of appeals ordered disclosure. In Krynecki a physician
objected to a grand jury subpoena for medical records of 120 patients on the grounds that releasing the
records would violate patients’ privacy. The court recognized the potential burden on privacy but did
not agree such a burden was present in this case. The court made its determination on the premise that
the “confidentiality of the grand jury process sufficiently offset that concern.”
Psychotherapist-Patient Privilege. Although there is no physician-patient privilege recognized at
common law, in Jaffee v. Redmond (1996) the Supreme Court recognized a psychotherapist-patient
privilege. In Jaffee, the petitioner requested notes from the respondent’s psychotherapist sessions
during discovery. The respondent, a former police officer who had shot the petitioner’s decedent, in the
line of duty, refused to disclose the notes. The issue for the Court was whether it is appropriate for
federal courts to recognize a “psychotherapist privilege” under Rule 501 of the Federal Rules of
Evidence. The Court held that a psychotherapist privilege should apply to prevent disclosure of the notes
in this case. The Court reasoned that like the “spousal and attorney-client privileges, the
psychotherapist-patient privilege is ‘rooted in the imperative need for confidence and trust.’” The Court
differentiated treatment by a physician that often is accomplished on the basis of a purely physical
examination and psychotherapy that depends on the patient’s being able to “make a frank and
complete disclosure of facts, emotions, memories and fears.” The Court went even further, rejecting the
balancing component used by lower courts, because making confidentiality contingent on whether a
trial judge felt the privacy interest outweighed the public interest effectively eviscerated the privilege. In
other words, the participants to the confidential conversation “must be able to predict with some
degree of certainty whether particular discussions will be protected.”
Conclusion
There are grounds for concern that sharing medical error data with the government or an accrediting
agency will waive any privilege that may have previously protected that information from discovery. As
described in the chapter the states and the federal government have various ways in which to protect
medical error data. Judging from the actions of some states and the federal government, legislatures are
finding it increasingly important to protect such data to promote reporting and to foster improved
patient safety.
References
Amente v. Newman, 653 So. 2d 1030 (Fla. 1995).
American Jurisprudence, s.v. “Second Witnesses,” vol. 81, § 474, 2004.
Babcock v. Bridgeport Hospital, 742 A.2d 822 (Conn. 1999).
Beck v. Bluestein, 476 A.2d 842 (N.J. Sup. Ct. App. Div. 1984).
Berger v. Lutheran General Hospital, 2001 Ill. LEXIS 1423 (Oct. 18, 2001).
Centers for Disease Control and Prevention. “About NNIS.”
[http://www.cdc.gov/ncidod/hip/NNIS/@nnis.htm]. Sept. 2003.
Chicago Trust Co. v. Cook County Hospital, 698 N.E.2d 641 (Ill. App. Ct. 1998).
Cochran v. St. Paul Fire and Marine Insurance Co., 909 F. Supp. 641 (W.D. Ark. 1995).
Community Hospital of Indianapolis v. Medtronic, 594 N.E.2d 448 (Ind. App. 1st Dist. 1992).
Corrigan v. Methodist Hospital, 885 F. Supp. 127 (E.D. Pa. 1995).
Doe v. Stephens, 851 F.2d 1457 (D.C. Cir. 1988).
Dorris v. Detroit Osteopathic Hospital Corp., 594 N.W.2d 455 (Mich. 1999).
Ekstrom v. Temple, 553 N.E.2d 424 (2d Dist. 1990).
Fox v. Kramer, 70 Cal. App. 4th 177, 82 Cal. Rptr. 2d 513 (6th Dist. 1999).
Henkel, J. “MedWatch: FDA’s ‘Heads Up’ on Medical Product Safety.” FDA Consumer, 1998, 32(6), 10–
12, 15.
In re Krynecki, 1993 U.S. App. LEXIS 21759 (7th Cir.), cert. denied, 510 U.S. 1118 (1994).
Jaffee v. Redmond, 518 U.S. 1 (1996).
John C. Lincoln Hospital and Health Center v. Superior Court, 768 P.2d 188 (Ariz. Ct. App. 1989).
Kappas v. Chestnut Lodge, Inc., 709 F.2d 878 (4th Cir. 1983).
Kimberlin v. U.S. Department of Justice, 788 F.2d 434 (7th Cir. 1986).
Kutner v. Davenport, 360 S.E.2d 586 (Ga. 1987).
McMaster v. Board of Psychology Examiners, 509 N.W. 2d 754, 757 (Iowa 1993), cert. denied, 114 S. Ct.
2165 (1994).
Mulder v. VanKersen, 637 N.E.2d 1335 (Ind. Ct. App. 1994).
Nielson v. Bryson, 477 P.2d 714 (Ore. 1970).
Painting Industry of Hawaii v. Department of the Air Force, 26 F.3d 1479 (9th Cir. 1994).
Parton v. U.S. Department of Justice, 727 F.2d 774 (8th Cir. 1984).
Payne v. Howard, 75 F.R.D. 465 (D. D.C. 1977).
Reproductive Services v. Walker, 439 U.S. 1307, 1308–1309 (1978).
Roberts v. Department of Health and Human Services, 1988 U.S. Dist. LEXIS 10162 (E.D. Pa).
Robinson, A. R., and others. “Physician and Public Opinions on Quality of Health Care and the Problem of
Medical Errors.” Archives of Internal Medicine, Oct. 28, 2002, 162, 2186–2190.
Rosenthal, J., Riley, T., and Booth, M. State Reporting of Medical Errors and Adverse Events: Results of a
50-State Survey. Portland, Maine: National Academy for State Health Policy, 2000.
Rothschild, J. M., and others. “Analysis of Medication-Related Malpractice Claims: Causes,
Preventability, and Costs.” Archives of Internal Medicine, Nov. 25, 2002, 162, 2414–2420.
Sakosko v. Memorial Hospital, 167 Ill. App. 3d 842, 118 Ill. Dec. 818, 522 N.E.2d 273 (5th Dist. 1988).
Santa Rosa Memorial Hospital v. Superior Court, 174 Cal. App. 3d 711, 220 Cal. Rptr. 236 (1st Dist. 1985).
State ex rel. St. John’s Mercy Medical Center v. Hoester, 708 S.W.2d 796 (E.D. Mo. Ct. App. 1986).
Suwannee County Hospital Corporation v. Meeks, 472 So.2d 1305 (Fla. Dist. Ct. App. 1985).
United States v. AT&T, 642 F.2d 1285, 1299 (D.C. Cir. 1980).
U.S. Department of Justice v. Tax Analysts, 492 U.S. 136 (1988).
U.S. Department of State v. Ray, 502 U.S. 164 (1991).
University of Texas Health Science Center v. Jordan, 686 S.W.2d 652 (Tex. App. 1985).
Wall v. Ohio Permanente Medical Group, Inc., 695 N.E.2d 1233 (Ohio Ct. App. 1997).
Whalen v. Roe, 429 U.S. 589 (1977).
Wigmore, J. H. Evidence in Trials at Common Law. Vol. 8 (rev. by J. T. McNaughton). Boston: Little,
Brown, 1961.
Williams v. Roosevelt Hospital, 66 N.Y.2d 391, 395 (N.Y. 1985).
Wright, C. A., Miller, A. R., and others. Federal Practice and Procedure: Civil 2d § 2035. St. Paul, Minn.:
West, 1998.
York v. American Medical Systems, 1998 U.S. App. LEXIS 30105 (6th Cir. 1998).
JONA
Volume 44, Number 1, pp 23-29
Copyright B 2014 Wolters Kluwer Health | Lippincott Williams & Wilkins
THE JOURNAL OF NURSING ADMINISTRATION
How Hospital Leaders Contribute to
Patient Safety Through the
Development of Trust
Corinne Auer, MScN, RN
René Schwendimann, PhD, RN
Roswitha Koch, MCommH, RN
Sabina De Geest, PhD, RN, FAAN, FRCN
Dietmar Ausserhofer, PhD, RN
OBJECTIVE: The aim of this study was to explore the
associations between hospital management support
for patient safety, registered nurses’ trust in hospital
management, and their overall perception of patient
safety, considering aspects of safety communication as
possible mediating variables.
BACKGROUND: Limited research exists regarding how key elements of a patient safety culture, that
is, leadership, safety communication, and trust, are
interrelated.
METHODS: This study used cross-sectional nurse
survey data from 1,633 registered nurses working in
35 acute care hospitals participating in the Swiss arm
of the RN4CAST (Nurse Forecasting in Europe) study.
RESULTS: A path analysis revealed that the indirect
associations between ‘‘management support for patient safety’’ and ‘‘overall perception of patient safety’’
were more prominent than the direct association.
CONCLUSION: Our findings confirm that safety
communication plays a partially mediating role between ‘‘management support for patient safety’’ and
nursing professionals’ assessments of patient safety.
This suggests that hospital leader-unit exchanges might
improve patient safety.
Author Affiliations: Clinical Nurse Specialist (Ms Auer), Triemli
City Hospital, Zurich; Nurse Scientist (Drs Schwendimann and
Ausserhofer) and Professor and Chair (Dr De Geest), Institute of
Nursing Science, University of Basel, Basel; Chief of Nursing Development (Ms Koch), Swiss Nursing Association/SBK-ASI, Bern,
Switzerland.
The authors declare no conflicts of interest.
Correspondence: Dr Schwendimann, Institute of Nursing
Science, University of Basel, Bernoullistrasse 28, CH-4056 Basel,
Switzerland (rene.schwendimann@unibas.ch).
Supplemental digital content is available for this article. Direct
URL citations appear in the printed text and are provided in the
HTML and PDF versions of this article on the journal’s Web site
(www.jonajournal.com).
DOI: 10.1097/NNA.0000000000000017
JONA  Vol. 44, No. 1  January 2014
Most adverse events (AEs) result not from reckless
behavior by healthcare professionals but from system
failures in healthcare organizations.1,2 For instance,
Reason’s adapted accident causation model2 provides
a theoretical framework illustrating the dynamic multifactor flow of the occurrence of errors and AEs. In
this framework, the accident sequence begins with
‘‘latent failures’’ due to management decisions and
organizational processes. The negative consequences
are transmitted along various organizational and departmental pathways to local workplaces, where they
create the local condition that increase the likelihood
of unsafe acts such as errors and violations of policies
and procedures. Unless there are barriers in place to
prevent the consequences of these unsafe acts, they
lead to AEs.2
Current literature emphasizes safety culture as a
performance-shaping factor, influencing both clinicians’ safety behaviors and patient outcomes.3 One
strategy to overcome systemic defects is to develop
an organizational culture in which healthcare professionals afford patient safety a high priority, that
is, a safety culture.3-6 In 2005, Kirk et al4 described
several characteristics of such a culture, including the
importance of communication founded on openness;
a nonblame, nonpunitive approach to incident reporting; organizational learning; proactive identification
of latent threats to safety; and shared perceptions of
the importance of patient safety.
Recently, awareness has increased that improving patient safety and creating a culture of safety may
23
Copyright © 2014 Wolters Kluwer Health | Lippincott Williams & Wilkins. Unauthorized reproduction of this article is prohibited.
depend, to a great extent, on leadership and communication in healthcare organizations. For example,
root-cause analysis of sentinel events from the last 8 years
in the United States confirmed that poor leadership
and communication failures were consistently among
the key factors leading to AEs.7 Therefore, healthcare
leaders need to prioritize patient safety when allocating limited resources.8 Leadership engagement and
accountability for patient safety are essential to the
creation and maintenance of a care delivery system
focused on AE prevention.9
One mechanism of achieving this goal is through
proactive identification of latent safety threats.4,5 Supporting the value of leaders’ unit-level engagement with
caregivers, Schwendimann et al10 reported positive
correlations between leadership walk-rounds (WRs)
and caregivers’ safety behaviors.
Another vital element of patient safety culture is
trust in hospital management. To build and maintain
this, essential management characteristics are integrity, benevolence, and competence.11 As the foundation of the leader-member relationship, trust is essential
to a positive safety culture and patient safety.12 Nurses
who trust their hospital managers are more likely to
engage in safety-ori…