skip to main content
AICPA

Pennsylvania Patient Safety Authority (PSA) Announces New Directive Requiring the Submission of Root Cause Analysis (RCA) and Related Materials Through the PSRS Reporting System

Patient safety reporting

A controversial “Program Memorandum” issued December 21, 2022 by the Pennsylvania Patient Safety Authority (PSA) Program Office, announced that beginning in January 2023, facilities will be required to provide “internal investigations” related to events submitted to the PSRS reporting system, upon request. These “internal investigation” materials may include “root cause analysis, mini-analyses, and manager or patient safety officer follow-up notes.” These materials must “at a minimum. . . identify the cause of the event, if known, contributing factors, and actions taken to prevent recurrence.” 

PSA states that this information is “considered a required component of the PA-PSRS report and will remain confidential.” 

The MCARE Patient Safety Act, 40 P.S. § 1303.301 et seq. does not provide any clear statutory authority for the new directive. While the Program Memorandum states that the investigative materials are “considered a required component of the PA-PSRS report” the statutory reporting provision, on its face, does not appear to encompass investigative materials. Section 313 requires facilities to report “the occurrence of” a serious event, incident, or infrastructure failure to PSRS “in the form and manner prescribed by the authority in consultation with the [Department of Health].” Serious events and infrastructure failures must be reported within 24 hours. 

MCARE does not mandate any reporting other than “the occurrence of” an event. Nor does it authorize the PSA to direct facilities to produce information other than the occurrence of an event. The statutory authority to develop a form for reporting would appear to be limited to reporting of the occurrence of the event. The 24-hour reporting limitation would preclude a provider from conducting a complete or meaningful investigation or RCA as part of reporting the occurrence of an event. 

PSA also states that any information provided to it will “remain confidential.” Again, it is unclear whether PSA has the authority to assure the confidentiality of this information. Section 311, which provides the assurance of confidentiality, limits it to “documents, materials or information solely prepared or created for the purpose of compliance with section 310(b) or of reporting under section 304(a)(5) or (b), 306(a)(2), or (3), 307(b)(3), 308(a), 309(4), 310(b)(5) or 313 which arise out of matters reviewed by the patient safety committee pursuant to Section 310(b) or the governing board of a medical facility pursuant to section 310(b).” Since none of the cited provisions require facilities to provide investigative materials or RCAs to PSA as part of PSRS reporting, it is unclear that PSA could protect these materials as confidential once reported to the Authority. Moreover, restrictive court interpretations regarding the “solely” requirement of this section of MCARE provide further uncertainty as to whether a court would honor the confidentiality protection for RCA or investigative materials prepared by a provider as part of its internal patient safety analysis but also provided to PSA. 

This directive also creates uncertainty for those Pennsylvania facilities that conduct investigations and RCAs within their internal Patient Safety Evaluation Systems (PSESs) as Patient Safety Work Product (PSWP) created pursuant to the federal privilege and confidentiality protections of the federal Patient Safety and Quality Improvement Act, 42 U.S.C. § 299b-21 et seq. PSWP may not be disclosed externally except pursuant to specific statutory disclosure “permissions.” Those permissions do not authorize sharing of PSWP with a state patient safety authority. Therefore, a demand for such information from PSA could jeopardize providers’ ability to comply with their obligations of confidentiality under this federal statute and thus put them at risk of federal sanctions for breach of confidentiality.

The assurance of confidentiality and privilege protection under state and federal patient safety statutes is an essential component of effective patient safety analysis. Those provisions are designed specifically to encourage voluntary, internal reporting and robust self-critical analysis of patient safety events that will generate shared learning to improve patient safety and quality within facilities, health systems, and across the nation. Provider concern over the strength of the privilege and confidentiality protections has been demonstrated time and again to have a substantial chilling impact on this essential activity. 

The PSA Program Memorandum raises many troublesome issues for providers. Impacted facilities may wish to consult with legal counsel to better understand the extent of their legal obligations. 

Disclaimer: This post does not offer specific legal advice, nor does it create an attorney-client relationship. You should not reach any legal conclusions based on the information contained in this post without first seeking the advice of counsel.

About the Author

Robin Locke Nagele is a Principal in the firm's Health Care Practice Group. She has a national health care litigation and consulting practice, in which she represents, in complex commercial, regulatory and antitrust matters, proprietary and not-for-profit health care providers, multi-hospital systems, integrated delivery systems, academic/teaching medical centers, and ancillary service providers, along with their medical, executive and corporate leadership.

Read more >