§ 23-17.21-7 Requirements for patient safety organizations.
(a) PSO shall be certified by the department before entering into a contract with a reporting entity.
(b) A PSO shall provide guidance to reporting entities on reporting matters, and shall maintain all reports and associated documents as confidential and privileged, including any reports or information with identifiable information.
(c) A PSO shall, as appropriate, disseminate to health care providers and facilities, the department, the quality of care advisory committee, and the public, information or recommendations, including suggested policies, procedures or protocols, on best medical practices or potential system changes designed to improve patient safety and the overall quality of care. Notwithstanding the foregoing, the PSO shall not disclose identifiable patient safety work product to the department, the quality of care advisory committee, or the public.
(d) A PSO shall have in place appropriate safeguards and security measures to ensure the technical integrity, physical safety, and confidentiality of any patient safety work product. As provided for in § 23-17.21-8, patient safety work product shall be confidential, and shall not be subject to any discovery, access or use by any person or entity other than the PSO and the reporting entity with which the PSO has contracted. Nothing in this chapter shall be construed to prohibit a PSO from choosing to disclose patient safety work product, or portions of patient safety work product solely to a reporting entity, in conformity with the PSO's mission and within its contractual obligations to the reporting entity submitted the information. No patient safety organization may release protected health information or patient identifying information without meeting the requirements of state laws and the federal Health Insurance Portability and Accountability Act of 1996 as amended from time to time.
(e) The PSO shall adopt appropriate physical, technical and procedural safeguards to ensure the privacy and security of the patient safety work product. Such safeguards shall comply with the state and federal confidentiality laws including, without limitation, the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations (45 C.F.R. Parts 160-164).
(P.L. 2008, ch. 157, § 1; P.L. 2008, ch. 175, § 1.)