February 9, 2023

QUESTION:
A physician called requesting a patient transfer to our hospital.  We would like to start recording these types of calls for patient safety and quality purposes.  Does the hospital have to obtain the callers’ consent prior to recording these communications?

OUR ANSWER FROM HORTYSPRINGER ATTORNEY MARY PATERNI:
The hospital’s obligation to get a caller’s consent prior to recording the communication depends on whether the hospital is located in a “one-party consent” or an “all-party consent” state.

One-party consent states allow a person to record so long as they are a party to the communication and consent to the recording.  In this case, the physician making the call does not have to be informed that the call is being recorded since the physician receiving the call has already provided the necessary consent.  The hospital may, as a courtesy, include an automated message at the top of the call that informs the physician making the transfer request that the conversation will be recorded.

On the other hand, states that have adopted “all-party consent” recording laws prohibit the use of devices to record absent the consent of all parties involved in the communication.  Therefore, if you find yourself in an “all-party consent” state, then the hospital will be required to disclose that it is recording the call prior to the start of the conversation.

When deciding whether and how to record patient transfer calls, keep in mind that the hospital is obligated under the HIPAA Privacy Rule to protect private health information shared during these communications.  Therefore, it is important that the hospital determine how it will record and how it will store these communications.  If, for instance, the hospital decides to contract with another entity to record and store these communications, then the entity will likely be furnishing Business Associate services.  In this case, it would be necessary for the hospital and the entity to enter into a business associate contract to ensure that the entity is safeguarding these communications in a manner appropriate under HIPAA.

January 12, 2023

QUESTION:
We have a contract with a Patient Safety Organization (“PSO”) and are concerned by the Garcia case summarized in this week’s Health Law Express.  Is there anything that we can do to enhance the eligibility of information we are generating for protection under the Patient Safety and Quality Improvement Act (“PSQIA”)?

OUR ANSWER FROM HORTYSPRINGER ATTORNEY CHARLIE CHULACK:
Information becomes Patient Safety Work Product (“PSWP”) when it is collected as a part of a provider’s Patient Safety Evaluation System (“PSES”).  Therefore, it makes sense for health care providers that have an agreement with a PSO (or who are considering one) to draft a robust PSES Policy that specifically identifies information that is being collected as a part of its PSES.  The policy should also state that the information is being collected “solely” for reporting to a PSO and constitutes PSWP.  However, before identifying information to include in the PSES, a health care provider should review any applicable laws and regulations that define information collection and reporting obligations.  For example, Pennsylvania requires healthcare entities to report patient safety events to the state.  Under HHS Guidance (and most of the case law on the subject), such information would not be considered PSWP because it is not developed “solely” for reporting to a PSO – it is also being developed for reporting to the state.  The court in Garcia goes one step further, holding that a contractual obligation to generate patient safety information renders that information ineligible for protection as PSWP under the PSQIA. As noted above, this is an incredibly narrow interpretation of the privilege under the PSQIA and sees no support in the PSQIA regulations (although it is consistent with another recent case from a federal court in Oregon – Dence v. Wellpath).  The court appears to indicate that the contract’s reference to accreditation standards provides another reason the mortality review was generated, further removing it from the PSQIA protection.  However, the PSQIA regulations contain a PSWP disclosure exception for “voluntary disclosure[s] to an accrediting body.”  This suggests that information could qualify as PSWP and still be shared with an accreditation entity, such as The Joint Commission, to demonstrate that a health care provider is meeting accreditation standards.  Thus, the court’s reliance on obligations created by accreditation standards as a justification for certain information not being eligible to become PSWP is puzzling.  Nevertheless, development of a PSES is a tricky task, and a health care provider should review its information generation and reporting obligations to assist in defining its PSES and what qualifies as PSWP.

February 25, 2021

QUESTION:        A physician called requesting a patient transfer to our Hospital.  We would like to start recording these types of calls for patient safety and quality purposes.  Does the hospital have to obtain the callers’ consent prior to recording these communications?

ANSWER:           The hospital’s obligation to get a caller’s consent prior to recording the communication depends on whether the hospital is located in a “one-party consent” or an “all-party consent” state.

One-party consent states allow a person to record so long as they are a party to the communication and consent to the recording.  In this case, the physician making the call does not have to be informed that the call is being recorded since the physician receiving the call has already provided the necessary consent.  The hospital may, as a courtesy, include an automated message at the top of the call that informs the physician making the transfer request that the conversation will be recorded.

On the other hand, states that have adopted “all-party consent” recording laws prohibit the use of devices to record absent the consent of all parties involved in the communication.  Therefore, if you find yourself in an “all-party consent” state, then the hospital will be required to disclose that it is recording the call prior to the start of the conversation.

When deciding whether and how to record patient transfer calls, keep in mind that the hospital is obligated under the HIPAA Privacy Rule to protect patient health information shared during these communications.  Therefore, it is important that the hospital determine how it will record and how it will store these communications.  If, for instance, the hospital decides to contract with another entity to record and store these communications, then the entity will likely be furnishing business associate services.  In this case, it would necessary for the hospital and the entity to enter into a business associate contract to ensure that the entity is safeguarding these communications in a manner appropriate under HIPAA.

May 24, 2018

QUESTION:        A physician new to our staff has taken it upon himself to personally “investigate” potential patient safety issues; he says that the medical staff committees are “useless.”  He is not a member of any peer review committee.  What can we do?

ANSWER:            He should be counseled and advised (in writing) of proper channels for expressing his concerns.  He should be asked to provide specifics so the matters can be reviewed.  It is reasonable for hospital and medical staff leaders to develop a statement of expectations, which can be placed into the bylaws, credentials or peer review policy, or adopted separately, requiring that all medical staff members and privileged practitioners cooperate constructively in the peer review, patient safety and performance improvement processes. Careful procedures must be followed, to track any state peer review protection statutory requirements.  It is also a fundamental principle of professionalism and respect that any practitioner who has concerns about hospital policies or other practitioners’ performance should take those concerns through appropriate channels. Otherwise, the practitioner raising these concerns could open himself or herself up to defamation claims by other practitioners whose care or practice he or she has criticized.

The peer review process depends on the willingness of all privileged practitioners to cooperate constructively. Having this responsibility set forth clearly in writing can be very helpful in the event a practitioner continues to act out inappropriately, and thus place the organization and medical staff leaders at risk. In the event an adverse action is necessary, it is best to have a solid written record that leadership reached out to the physician and provided specific directives as to avenues for presenting quality and safety concerns.  If the practitioner persists after the counseling and written follow-up, he or she could be placed on a performance improvement plan or conditional continued appointment. That way, if this practitioner decides to sue, it will be easier to defend the claim because he or she will have brought about the action by his or her own conduct.  You should, however, look into all the issues the practitioner has raised, through appropriate mechanisms.