The Joint Commission on Accreditation of Healthcare Organization (JCAHO), a private organization that accredits the nations' health care institutions, has adopted a new policy that encourages all accredited health care organizations voluntarily to turn over their investigations of sentinel events to JCAHO. (A "sentinel event" is an event that leads to any unexpected occurrence involving death or serious physical or psychological injury or risk to patients.)
JCAHO's goal is to create a data base to learn about the underlying causes of sentinel events, to educate medical errors.
However, the new policy has encountered some bumps in the road due to serious problems concerning the confidentiality of information while it is in the possession of a third party, such as JCAHO.
A. Sentinel Event Policy
JCAHO is a non-profit organization that evaluates and accredits more than 18,000 health care organizations and programs, including hospitals, health care networks, ambulatory care providers, laboratories, home care and long term care. Accreditation by JCAHO is considered a seal of approval regarding health care quality.
Organizations accredited by JCAHO are required to conduct a complete internal investigation, or "root cause analysis," any time a sentinel event occurs. Failure to perform an acceptable root cause analysis and to implement an appropriate action plan can lead to loss of JCAHO accreditation.
The new twist to JCAHO's sentinel event policy came in April, 1998, when JCAHO announced that accredited organizations should voluntarily report any sentinel event and its root cause analysis to JCAHO. Soon after the new policy was implemented, JCAHO received a request to review a particular hospital's root cause analysis information from a party involved in litigation. JCAHO refused, and stated that it would fight any subpoena for the release of any organization's root cause analysis.
Normally, internal reports and communications regarding a health care organization's quality improvement efforts are protected as confidential by various state statutes. However, it is unclear whether submitting root cause analysis information to a third party will compromise these confidentiality protections.
Accordingly, there is growing concern among health care organizations that the sentinel event information shared with JCAHO will create additional medical malpractice exposure. In July, the delegates to the American Medical Association's annual meeting called for the suspension of JCAHO's voluntary root cause analysis reporting policy until concerns about confidentiality can be addressed.
C. JCAHO's Response
To address these issues, JCAHO has directed accredited organizations to delete the name of the patient and provider when reporting sentinel event information. Also, to limit the time that sensitive information is in JCAHO's hands, JCAHO will return the root cause analysis and action plan to each organization after approving the organization's next steps, or, upon request, JCAHO will make site visits to review an organization's root cause analysis documentation and remediation plan. (The fee for such an on-site visit is $3,500.)
In July, JCAHO announced two new protocols for its on-site review. One protocol will permit the direct assessment of root cause analysis information without explicit review of an organization's underlying documents. The second is a 12-month pilot test of a protocol, yet to be developed, that will delineate the specific documentation JCAHO will review for those organizations at risk of waiving legal protection for information shared with JCAHO.
Also, JCAHO has vowed to draft contracts with its accredited organizations that will contain language that formally recognizes JCAHO as an integral part of the organization's quality monitoring and improvement team, and thereby hopefully cover JCAHO under the organization's applicable confidentiality blanket.
D. State Protections
Individual state laws determine the degree of confidentiality protection afforded to health care organizations. In JCAHO's home state of Illinois, the Illinois Supreme Court has specifically ruled that communications between hospitals (and certain other health care organizations) and JCAHO are protected from disclosure.
In Pennsylvania, however, only health care providers are covered by peer-review statutes, and, therefore, JCAHO is likely unprotected. For example, two years ago, Pennsylvania's highest court ruled that Pennsylvania HMOs are not protected.
Virginia's statute provides that reports and communications of a hospital's quality improvement committee are privileged and exempt from disclosure, but it is unclear whether submission of root cause analyses to JCAHO will waive that protection.
During the 1998 legislative session, Maryland broadened its peer-review laws specifically to include submissions to JCAHO. Effective October 1, 1998, a Maryland medical review committee's proceedings, records and files are not discoverable or admissible as evidence in any civil action arising from matters reviewed by the medical review committee, even if the information is provided to an accrediting organization by reason of a request by that organization in compliance with the organization's accrediting procedures.
The best laid plans of mice and men often go astray. Although well intentioned, it remains to be seen whether JCAHO's sentinel events policy will evolve quickly and effectively enough to permit the nation's health care entities to cooperate with the new policy's lofty goals.