Page 1 of 1

Final rule issued for Patient Safety Organizations

Research Activities, January 2009, No. 341

The U.S. Department of Health and Human Services (HHS) has issued a final rule for Patient Safety Organizations (PSOs). The rule becomes effective on January 19, 2009. It provides final requirements and procedures for PSOs, new entities that clinicians and health care providers can work with to collect, aggregate, and analyze data within a legally secure environment of privilege and confidentiality protections to identify and reduce patient care risks and hazards.

Under interim guidance issued on October 8, 2008, the Agency for Healthcare Research and Quality (AHRQ) has already listed 15 PSOs. During the remainder of the interim period, these organizations will maintain their status as PSOs. However, these and other PSOs listed throughout the interim period are expected to comply with the final rule once it takes effect.

The listing of PSOs is authorized by the Patient Safety and Quality Improvement Act of 2005 (Patient Safety Act). The Patient Safety Act is intended to encourage voluntary, provider-driven initiatives to improve the safety of health care through the establishment of legal protections to ensure that providers who report patient safety information do not incur new legal liability; to promote rapid learning about the underlying causes of risks and harms in the delivery of health care; and to share those findings widely, thus speeding the pace of improvement.

The final rule is consistent with many of the provisions of the proposed rule issued on February 12, 2008. However, it also includes new requirements for PSOs, such as:

  • The requirement that a PSO notify providers if the patient safety work product it submits is inappropriately disclosed or its security is breached.
  • Changes to the requirements for how a component PSO maintains separation between itself and its parent organization(s), making it more flexible.

The final rule also includes several important changes from the proposed rule regarding the listing and delisting of PSOs and the ways in which PSOs must comply with statutory requirements, including:

  • Expansion in the types of entities and organizations excluded from listing as PSOs.
  • Revisions to how PSOs should disclose certain relationships with health care providers.
  • Increased flexibility in how PSOs can store patient safety work products.
  • Automatic expiration of departmental listing after 3 years unless a PSO's listing is continued by the Secretary.
  • An expedited delisting process for PSOs in a limited number of serious circumstances.

AHRQ administers provisions dealing with PSO operations, and the HHS Office for Civil Rights enforces confidentiality provisions. The final rule addresses concerns regarding how providers may efficiently collect and analyze patient safety event information with privilege and confidentiality protections while complying with existing reporting requirements that seek similar information.

To read the final rule and access more information about PSOs, including background on the rulemaking process, visit AHRQ's PSO Web site at

Current as of January 2009
Internet Citation: Final rule issued for Patient Safety Organizations: Research Activities, January 2009, No. 341. January 2009. Agency for Healthcare Research and Quality, Rockville, MD.