Establish Policies and Procedures for Conducting Patient Safety Activities
Before completing and submitting the Certification for Initial Listing Form, the entity seeking listing must have in place written policies and procedures needed to perform the eight required patient safety activities specified in the Patient Safety Rule. The policies and procedures should outline the "what" (i.e., the Policy) and "how" (i.e., the Procedure) specific to the anticipated PSO's own operations. The entity should provide a systematic, step-by-step outline of the activities that will take place in the PSO including the workforce positions responsible for each activity. Merely re-stating general text from the rule does not fulfill this requirement. For more information, see Policies and Procedures—Topics to Address (PDF, 375 KB).
Please note that AHRQ does not create, approve, or endorse any model PSO policies and procedures or any other template documents for use by PSOs in their operations.
The eight required patient safety activities are:
- Efforts to improve patient safety and the quality of healthcare delivery;
- The collection and analysis of patient safety work product;
- The development and dissemination of information with respect to improving patient safety, such as recommendations, protocols, or information regarding best practices;
- The utilization of patient safety work product for the purposes of encouraging a culture of safety and of providing feedback and assistance to effectively minimize patient risk;
- The maintenance of procedures to preserve confidentiality with respect to patient safety work product;
- The provision of appropriate security measures with respect to patient safety work product;
- The utilization of qualified staff; and
- Activities related to the operation of a patient safety evaluation system and to the provision of feedback to participants in a patient safety evaluation system.
With respect to Patient Safety Activities (5) and (6) regarding confidentiality and security, the policies and procedures must include and provide for compliance with the confidentiality and security requirements in the Patient Safety Rule as well as notification to each provider if patient safety work product or data they submitted was subject to an unauthorized disclosure or security breach.
The Certification for Initial Listing also requires the applicant to certify that, if listed as a PSO, it will also comply with the seven requirements listed below. The entity may choose to address aspects of these in its policies and procedures but is not required to do so:
- The mission and primary activity of the PSO must be to conduct activities that are to improve patient safety and the quality of healthcare delivery.
- The PSO must have appropriately qualified workforce members, including licensed or certified medical professionals.
- The PSO, within the 24-month period that begins on the date of its initial listing as a PSO, and within each sequential 24-month period thereafter, must have 2 bona fide contracts, each of a reasonable period of time, each with a different provider for the purpose of receiving and reviewing patient safety work product.
- The PSO is not a health insurance issuer and is not a component of a health insurance issuer.
- The PSO must make disclosures as required under section 3.102(d), in accordance with section 3.112 of this subpart.
- To the extent practical and appropriate, the PSO must collect patient safety work product from providers in a standardized manner that permits valid comparisons of similar cases among similar providers.
- The PSO must utilize patient safety work product for the purpose of providing direct feedback and assistance to providers to effectively minimize patient risk.
Select another topic: