[Federal Register Volume 59, Number 204 (Monday, October 24, 1994)]
[Unknown Section]
[Page 0]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 94-26210]
[[Page Unknown]]
[Federal Register: October 24, 1994]
=======================================================================
-----------------------------------------------------------------------
DEPARTMENT OF VETERANS AFFAIRS
38 CFR Part 17
RIN 2900-AG01
Confidentiality of Healthcare Quality Assurance Reviews
AGENCY: Department of Veterans Affairs.
ACTION: Final rule.
-----------------------------------------------------------------------
SUMMARY: The Department of Veterans Affairs (VA) is amending its
regulations which govern the confidentiality of documents produced in
VA healthcare quality assurance programs. These regulations specify and
provide for the limited disclosure of those quality assurance documents
which are confidential under the provisions of the Dept. of Veterans
Affairs Confidentiality of Medical Quality Assurance Records Act of
1980, 38 U.S.C. 5705.
EFFECTIVE DATE: This amendment is effective January 23, 1995.
FOR FURTHER INFORMATION CONTACT: Galen L. Barbour, M.D. Associate CMD
for Quality Management (15), 810 Vermont Avenue N.W., Washington, D.C.
20420.
SUPPLEMENTARY INFORMATION: VA published a proposal to amend 38 CFR part
17 in the Federal Register of August 20, 1993 (58 FR 44313). Interested
persons were invited to submit written comments, suggestions or
objections on or before September 20, 1993. We received one comment
from the American Psychiatric Association.
The commenter noted that the standards for disclosure of medical
quality assurance records protected by section 5705 do not mirror the
standards recently proposed by the VA regarding the confidentiality of
patient records related to drug abuse, alcoholism or alcohol abuse,
infection with the human immunodeficiency virus (HIV) and sickle cell
anemia. The commenter asked that VA articulate any statutory or public
policy difference regarding the protection of these two categories of
records.
Each category of records is protected by a statute which
specifically provides that records subject to it may be released
outside the agency only as authorized by that particular section of
title 38. Section 5705 applies to medical quality assurance records,
and section 7332 applies to drug abuse, alcoholism or alcohol abuse,
HIV infection and sickle cell anemia. The VA regulations in each case
reflect the protection and the disclosure authority specified by
Congress in each statute.
This revision of the regulations in 38 CFR part 17 applies to
healthcare quality assurance records and documents created after the
date on which the revision becomes effective. The previous regulations
are still applicable to records and documents created prior to that
date and remain protected by 38 U.S.C. 5705 (formerly 38 U.S.C. 3305),
Confidentiality of Medical Quality-Assurance Records. Records generated
for reviews which are initiated prior to the effective date of this
revision and are in accordance with the previous regulations are
protected by the previous regulations even if the records are completed
after the effective date of this revision.
This revision is necessary to update the previous regulations which
were published in 1982. Much of the language in those regulations no
longer reflects the practice and terminology of quality assurance.
These revised regulations describe the conditions determining the
confidentiality of documents produced in quality assurance programs.
They do not specify the quality assurance program requirements for
VA medical facilities; the rapidly changing environment to which
quality assurance programs respond requires that policy guidance on
this subject be presented in a more flexible and readily modifiable
format. Consequently, the Veterans Health Administration (VHA) is
simultaneously publishing a directive delineating the specific quality
assurance requirements for VA medical facilities and the oversight
responsibilities of VHA regarding these requirements.
To be confidential and privileged under 38 U.S.C. 5705 and these
regulations, a document or part of a document must meet all four of the
following criteria:
1. The quality assurance activity which generated the document must
fall under one of the four classes listed in 17.501(a).
2. In accordance with 17.501(b), the activity which generated the
document must have been previously designated in writing as an activity
which produces confidential quality assurance documents.
3. The document or part of document must meet one of the five
conditions described in 17.501(c).
4. The document or part of document must not meet any of the
conditions in 17.501(g).
The revised regulations allow confidential information concerning a
provider to be seen by that provider for educational and quality
improvement purposes. To protect the integrity of the peer review
process, the identities of the peer reviewers involved in the creation
of the data will not be disclosed to the provider, to the extent
practicable. We believe these changes will permit a flow of information
conducive to continuous quality improvement by making information on
their practice readily available to clinicians.
Information concerning the number of cases treated and procedures
performed by individual providers will no longer be confidential and
protected by 38 U.S.C. 5705 and these regulations. Consequently, 38
U.S.C. 5705 no longer constitutes a bar to VA facilities placing this
information in a practitioner's credentialing and privileging folder.
Since this information is important to the evaluation of a
practitioner's request for renewal of clinical privileges, making it
more readily available should increase the effectiveness of that
process.
The specific examples of programs and activities cited in 17.501(a)
are included to provide guidance to VA facilities in classifying their
review documents to simplify coverage under these regulations.
Documents from other systematic healthcare quality assurance reviews
which meet the criteria in 17.501 are also confidential.
It is expected that VA facilities will indicate on all confidential
review documents created after the publication of these regulations
that the document is confidential under 38 U.S.C. 5705 and these
regulations and also will designate the specific program or activity
within which the review is included. The program and activity names
used should be from the policy documents referred to in 17.501(b).
However, it is not necessary for the facility to have taken these steps
for a document which meets the criteria in 17.501 to be confidential
and privileged.
These regulations recognize that there are two types of external
reviews of care conducted by VA Central Office and the Regions. One
type generates documents which are made confidential and privileged by
38 U.S.C. 5705 while the documents resulting from the second type of
external review are not protected by that statute. Sections
17.501(a)(2), 17.501(a)(3) and 17.501(g)(9) clarify existing agency
procedures in this respect.
This revision does not address the filing of confidential quality
assurance documents by individual identifiers. This change from the
previous regulations does not mean that it is now legal to file
documents in this manner. Guidelines will be provided to the field when
this issue is resolved.
The revised regulations no longer specify the manner in which VA
facilities will maintain and protect records containing information
protected by 38 U.S.C. 5705. However, all VA facilities are expected to
provide the level of protection reasonably necessary to ensure that
access to and disclosure of all records containing information
protected by 38 U.S.C. 5705 will occur only as authorized by the
statute and implementing regulations.
Under these regulations, quality assurance investigations may be
initiated as needed by facilities as focused reviews. Focused reviews
can be used to study both specific incidents and specific issues.
Records and documents relating to focused reviews will be confidential
and privileged if they meet the criteria in 17.501.
As in the past, information and records derived from patient
medical records or facility administrative records, which are not
protected by 38 U.S.C. 5705 and these regulations, may be sent or
communicated to a third party payor who has asked for this information
in response to a VA request for reimbursement based on Public Law 99-
272 and Public Law 101-508. Reviews conducted at the request of the
third party payor do not generate records protected by 38 U.S.C. 5705
and these regulations since the reviews are not undertaken as part of
the VA's quality assurance program. Compliance with applicable patient
record confidentiality statutes is, of course, necessary.
The Secretary hereby certifies that this proposed regulatory
amendment will not, if promulgated, have a significant economic impact
on a substantial number of small entities as they are defined in the
Regulatory Flexibility Act, 5 U.S.C. SS 601-612. The reasons for this
certification are that the proposed regulatory amendment is for the
express purpose of implementing 38 U.S.C. 5705 which protects
particular records generated by the VA medical quality assurance
program; affects only confidential VA records; and imposes no
regulatory burdens on small entities. Pursuant to 5 U.S.C. S 605(b),
this proposed regulatory amendment is therefore exempt from the initial
and final regulatory-flexibility analyses requirements of sections 603
and 604.
There is no Catalog of Federal Domestic Assistant Number.
List of Subjects in 38 CFR Part 17
Alcoholism, Claims, Dental health, Drug abuse, Foreign relations,
Government contracts, Grant programs-health, Health care, Health
facilities, Health professions, Medical devices, Medical research,
Mental health programs, Nursing homes, Philippines, Veterans.
Approved: October 4, 1994.
Jesse Brown,
Secretary of Veterans Affairs.
For the reasons set forth in the preamble, VA amends 38 CFR Part 17
as follows:
PART 17--MEDICAL
1. The authority citation for Part 17 is revised to read as
follows:
Authority: 38 U.S.C. 501, 5705.
2. Sections 17.500 and 17.501 and the undesignated centerheading
preceding Sec. 17.500 are revised; Sec. 17.502 is added; Secs. 17.503
through 17.510 are revised; Sec. 17.511 is added; and Secs. 17.512
through 17.541 are removed as follows:
Confidentiality of Healthcare Quality Assurance Review Records
Sec. 17.500 General.
(a) Section 5705, title 38, United States Code was enacted to
protect the integrity of the VA's medical quality assurance program by
making confidential and privileged certain records and documents
generated by this program and information contained therein. Disclosure
of quality assurance records and documents made confidential and
privileged by 38 U.S.C. 5705 and the regulations in Secs. 17.500
through 17.511 may only be made in accordance with the provisions of 38
U.S.C. 5705 and those regulations.
(b) The purpose of the regulations in Secs. 17.500 through 17.511
is to specify and provide for the limited disclosure of those quality
assurance documents which are confidential under the provisions of 38
U.S.C. 5705.
(c) For purposes of the regulations in Secs. 17.500 through 17.511,
the VA's medical quality assurance program consists of systematic
healthcare reviews carried out by or for VA for the purpose of
improving the quality of medical care or improving the utilization of
healthcare resources in VA medical facilities. These review activities
may involve continuous or periodic data collection and may relate to
either the structure, process, or outcome of health care provided in
the VA.
(d) Nothing in the regulations in Secs. 17.500 through 17.511 shall
be construed as authority to withhold any record or document from a
committee or subcommittee of either House of Congress or any joint
committee or subcommittee of Congress, if such record or document
pertains to any matter within the jurisdiction of such committee or
joint committee.
(e) The regulations in Secs. 17.500 through 17.511 do not waive the
sovereign immunity of the United States, and do not waive the
confidentiality provisions and disclosure restrictions of 38 U.S.C.
5705.
(Authority: 38 U.S.C. 5705)
Sec. 17.501 Confidential and privileged documents.
(a) Documents and parts of documents are considered confidential
and privileged if they were produced by or for the VA in the process of
conducting systematic healthcare reviews for the purpose of improving
the quality of health care or improving the utilization of healthcare
resources in VA healthcare facilities and meet the criteria in
paragraphs (b) and (c) of this section. The four classes of healthcare
quality assurance reviews with examples are:
(1) Monitoring and evaluation reviews conducted by a facility:
(i) Medical records reviews,
(ii) Drug usage evaluations,
(iii) Blood usage reviews,
(iv) Surgical case/invasive procedure reviews,
(v) Service and program monitoring including monitoring performed
by individual services or programs, several services or programs
working together, or individuals from several services or programs
working together as a team,
(vi) Mortality and morbidity reviews,
(vii) Infection control review and surveillance,
(viii) Occurrence screening,
(ix) Tort claims peer reviews (except reviews performed to satisfy
the requirements of a governmental body or a professional health care
organization which is licensing practitioners or monitoring their
professional performance),
(x) Admission and continued stay reviews,
(xi) Diagnostic studies utilization reviews,
(xii) Reports of special incidents (VA Form 10-2633 or similar
forms) and follow-up documents unless developed during or as a result
of a Board of Investigation;
(2) Focused reviews which address specific issues or incidents and
which are designated by the reviewing office at the outset of the
review as protected by 38 U.S.C. 5705 and the regulations in
Secs. 17.500 through 17.511; focused reviews may be either:
(i) Facility focused reviews;
(ii) VA Central Office or Regional focused reviews;
(3) VA Central Office or Regional general oversight reviews to
assess facility compliance with VA program requirements if the reviews
are designated by the reviewing office at the outset of the review as
protected by 38 U.S.C. 5705 and the regulations in Secs. 17.500 through
17.511; and
(4) Contracted external reviews of care, specifically designated in
the contract or agreement as reviews protected by 38 U.S.C. 5705 and
the regulations in Secs. 17.500 through 17.511.
(b) The Under Secretary for Health, Regional Director or facility
Director will describe in advance in writing those quality assurance
activities included under the classes of healthcare quality assurance
reviews listed in paragraph (a) of this section. Only documents and
parts of documents resulting from those activities which have been so
described are protected by 38 U.S.C. 5705 and the regulations in
Secs. 17.500 through 17.511. If an activity is not described in a VA
Central Office or Regional policy document, this requirement may be
satisfied at the facility level by description in advance of the
activity and its designation as protected in the facility quality
assurance plan or other policy document.
(c) Documents and parts of documents generated by activities which
meet the criteria in paragraphs (a) and (b) of this section shall be
confidential and privileged only if they:
(1) Identify, either implicitly or explicitly, individual
practitioners, patients, or reviewers except as provided in paragraph
(g)(6) of this section; or
(2) Contain discussions relating to the quality of VA medical care
or utilization of VA medical resources by healthcare evaluators during
the course of a review of quality assurance information or data, even
if they do not identify practitioners, patients, or reviewers; or
(3) Are individual committee, service, or study team minutes,
notes, reports, memoranda, or other documents either produced by
healthcare evaluators in deliberating on the findings of healthcare
reviews, or prepared for purposes of discussion or consideration by
healthcare evaluators during a quality assurance review; or
(4) Are memoranda, letters, or other documents from the medical
facility to the Regional Director or VA Central Office which contain
information generated by a quality assurance activity meeting the
criteria in Sec. 17.501 (a) and (b); or
(5) Are memoranda, letters, or other documents produced by the
Regional Director or VA Central Office which either respond to or
contain information generated by a quality assurance activity meeting
the criteria in Sec. 17.501 (a) and (b).
(d) Documents which meet the criteria in this section are
confidential and privileged whether they are produced at the medical
facility, Regional or VA Central Office levels, or by external
contractors performing healthcare quality assurance reviews.
(e) Documents which are confidential and privileged may be in
written, computer, electronic, photographic or any other form.
(f) Documents which contain confidential and privileged material in
one part, but not in others, such as Clinical Executive Board minutes,
should be filed and maintained as if the entire document was protected
by 38 U.S.C. 5705. This is not required if the confidential and
privileged material is deleted.
(g) The following records and documents and parts of records and
documents are not confidential even if they meet the criteria in
paragraphs (a) through (c) of this section:
(1) Statistical information regarding VA healthcare programs or
activities that does not implicitly or explicitly identify individual
VA patients or VA employees or individuals involved in the quality
assurance process;
(2) Summary documents or records which only identify study topics,
the period of time covered by the study, criteria, norms, and/or major
overall findings, but which do not identify individual healthcare
practitioners, even by implication;
(3) The contents of Credentialing and Privileging folders as
described in VACO policy documents (38 U.S.C. 5705-protected records
shall not be filed in Credentialing and Privileging folders);
(4) Records and documents developed during or as a result of Boards
of Investigations;
(5) Completed patient satisfaction survey questionnaires and
findings from patient satisfaction surveys;
(6) Records and documents which only indicate the number of
patients treated by a practitioner, either by diagnosis or in
aggregate, or number of procedures performed by a practitioner, either
by procedure or in aggregate;
(7) Records and documents developed during or as a result of
reviews performed to satisfy the requirements of a governmental body or
a professional healthcare organization which is licensing practitioners
or monitoring their professional performance, e.g., National
Practitioner Data Bank, Federation of State Medical Boards, and
National Council of State Boards of Nursing;
(8) Documents and reports developed during or as a result of site
visits by the Office of the Medical Inspector except to the extent that
the documents and reports contain information that meets the criteria
described in this section and are produced by or for VA by other than
the Office of Medical Inspector;
(9) External reviews conducted by VA Central Office or a Region
other than those designated by the reviewing office under paragraph
(a)(2) or (a)(3) of this section as protected by 38 U.S.C. 5705 and the
regulations in Secs. 17.500 through 17.511;
(10) Documents and reports of Professional Standards Boards,
Credentialing Committees, Executive Committees of Medical Staff, and
similar bodies, insofar as the documents relate to the credentialing
and privileging of practitioners;
(11) Documents and reports developed during or as a result of data
validation activities;
(12) Documents and reports developed during or as a result of
occupational health monitoring;
(13) Documents and reports developed during or as a result of
safety monitoring not directly related to the care of specified
individual patients;
(14) Documents and reports developed during or as a result of
resource management activities not directly related to the care of
specified individual patients; and
(15) Information and records derived from patient medical records
or facility administrative records, which are not protected by 38
U.S.C. 5705 and the regulations in Secs. 17.500 through 17.511, may be
sent or communicated to a third party payor who has asked for this
information in response to a VA request for reimbursement based on
Public Law 99-272 and Public Law 101-508. Reviews conducted at the
request of the third party payor do not generate records protected by
38 U.S.C. 5705 and the regulations in Secs. 17.500 through 17.511 since
the reviews are not undertaken as part of the VA's quality assurance
program.
(Authority: 38 U.S.C. 5705)
Sec. 17.502 Applicability of other statutes.
(a) Disclosure of quality assurance records and documents which are
not confidential and privileged under 38 U.S.C. 5705 and the
confidentiality regulations in Secs. 17.500 through 17.511 will be
governed by the provisions of the Freedom of Information Act, and, if
applicable, the Privacy Act and any other VA or federal confidentiality
statutes.
(b) When included in a quality assurance review, confidential
records protected by other confidentiality statutes such as 5 U.S.C.
552a (the Privacy Act), 38 U.S.C. 7332 (drug and alcohol abuse, sickle
cell anemia, HIV infection), and 38 U.S.C. 5701 (veterans' names and
addresses) retain whatever confidentiality protection they have under
these laws and applicable regulations and will be handled accordingly.
To the extent that information protected by 38 U.S.C. 5701 or 7332 or
the Privacy Act is incorporated into quality assurance records, the
information in the quality assurance records is still protected by
these statutes.
(Authority: 38 U.S.C. 5705)
Sec. 17.503 Improper disclosure.
(a) Improper disclosure is the disclosure of confidential and
privileged healthcare quality assurance review records or documents (or
information contained therein), as defined in Sec. 17.501, to any
person who is not authorized access to the records or documents under
the statute and the regulations in Secs. 17.500 through 17.511.
(b) ``Disclosure'' means the communication, transmission, or
conveyance in any way of any confidential and privileged quality
assurance records or documents or information contained in them to any
individual or organization in any form by any means.
(Authority: 38 U.S.C. 5705)
Sec. 17.504 Disclosure methods.
(a) Disclosure of confidential and privileged quality assurance
records and documents or the information contained therein outside VA,
where permitted by the statute and the regulations in Secs. 17.500
through 17.511, will always be by copies, abstracts, summaries, or
similar records or documents prepared by the Department of Veterans
Affairs and released to the requestor. The original confidential and
privileged quality assurance records and documents will not be removed
from the VA facility by any person, VA employee or otherwise, except in
accordance with Sec. 17.508(c) or where otherwise legally required.
(b) Disclosure of confidential and privileged quality assurance
records and documents to authorized individuals under either
Sec. 17.508 or Sec. 17.509 shall bear the following statement: ``These
documents or records (or information contained herein) are confidential
and privileged under the provisions of 38 U.S.C. 5705, which provide
for fines up to $20,000 for unauthorized disclosures thereof, and the
implementing regulations. This material shall not be disclosed to
anyone without authorization as provided for by that law or the
regulations in Secs. 17.500 through 17.511.''
(Authority: 38 U.S.C. 5705)
Sec. 17.505 Disclosure authorities.
The VA medical facility Director, Regional Director, Under
Secretary for Health, or their designees are authorized to disclose any
confidential and privileged quality assurance records or documents
under their control to other agencies, organizations, or individuals
where 38 U.S.C. 5705 or the regulations in Secs. 17.500 through 17.511
expressly provide for disclosure.
(Authority: 38 U.S.C. 5705)
Sec. 17.506 Appeal of decision by Veterans Health Administration to
deny disclosure.
When a request for records or documents subject to the regulations
in Secs. 17.500 through 17.511 is denied in whole or in part by the VA
medical facility Director, Regional Director or Under Secretary for
Health, the VA official denying the request in whole or in part will
notify the requestor in writing of the right to appeal this decision to
the General Counsel of the Department of Veterans Affairs within 60
days of the date of the denial letter. The final Department decision
will be made by the General Counsel or the Deputy General Counsel.
(Authority: 38 U.S.C. 5705)
Sec. 17.507 Employee responsibilities.
(a) All VA employees and other individuals who have access to
records designated as confidential and privileged under 38 U.S.C. 5705
and the regulations in Secs. 17.500 through 17.511 will treat the
findings, views, and actions relating to quality assurance in a
confidential manner.
(b) All individuals who have had access to records designated as
confidential and privileged under 38 U.S.C. 5705 and the regulations in
Secs. 17.500 through 17.511 will not disclose such records or
information therein to any person or organization after voluntary or
involuntary termination of their relationship to the VA.
(Authority: 38 U.S.C. 5705)
Sec. 17.508 Access to quality assurance records and documents within
the agency.
(a) Access to confidential and privileged quality assurance records
and documents within the Department pursuant to this section is
restricted to VA employees (including consultants and contractors of
VA) who have a need for such information to perform their government
duties or contractual responsibilities and who are authorized access by
the VA medical facility Director, Regional Director, the Under
Secretary for Health, or their designees or by the regulations in
Secs. 17.500 through 17.511.
(b) To foster continuous quality improvement, practitioners on VA
rolls, whether paid or not, will have access to confidential and
privileged quality assurance records and documents relating to
evaluation of the care they provided.
(c) Any quality assurance record or document, whether confidential
and privileged or not, may be provided to the General Counsel or any
attorney within the Office of General Counsel, wherever located. These
documents may also be provided to a Department of Justice (DOJ)
attorney who is investigating a claim or potential claim against the VA
or who is preparing for litigation involving the VA. If necessary, such
a record or document may be removed from the VA medical facility to the
site where the General Counsel or any attorney within the Office of
General Counsel or the DOJ attorney is conducting an investigation or
preparing for litigation.
(d) Any quality assurance record or document or the information
contained therein, whether confidential and privileged or not, will be
provided to the Department of Veterans Affairs Office of Inspector
General upon request. A written request is not required.
(e) To the extent practicable, documents accessed under paragraph
(b) of this section will not include the identity of peer reviewers.
Reasonable efforts will be made to edit documents so as to protect the
identities of reviewers, but the inability to completely do so will not
bar access under paragraph (b).
(f) No individual shall be permitted access to confidential and
privileged quality assurance records and documents identified in
Sec. 17.501 unless such individual has been informed of the penalties
for unauthorized disclosure. Any misuse of confidential and privileged
quality assurance records or documents shall be reported to the
appropriate VHA official, e.g., Service Chief, Medical Center Director.
(g) In general, confidential and privileged quality assurance
records and documents will be maintained for a minimum of 3 years and
may be held longer if needed for research studies or quality assurance
or legal purposes.
(Authority: 38 U.S.C. 5705)
Sec. 17.509 Authorized disclosure: Non-Department of Veterans Affairs
requests.
(a) Requests for confidential and privileged quality assurance
records and documents from organizations or individuals outside VA must
be made to the Department and must specify the nature and content of
the information requested, to whom the information should be
transmitted or disclosed, and the purpose listed in paragraphs (b)
through (j) of this section for which the information requested will be
used. In addition, the requestor will specify to the extent possible
the beginning and final dates of the period for which disclosure or
access is requested. The request must be in writing and signed by the
requestor. Except as specified in paragraphs (b) and (c) of this
section, these requests should be forwarded to the Director of the
facility in possession of the records or documents for response. The
procedures outlined in 38 CFR 1.500 through 1.584 will be followed
where applicable.
(b) Disclosure shall be made to Federal agencies upon their written
request to permit VA's participation in healthcare programs including
healthcare delivery, research, planning, and related activities with
the requesting agencies. Any Federal agency may apply to the Under
Secretary for Health for approval. If the VA decides to participate in
the healthcare program with the requestor, the requesting agency will
enter into an agreement with VA to ensure that the agency and its staff
will ensure the confidentiality of any quality assurance records or
documents shared with the agency.
(c) Qualified persons or organizations, including academic
institutions, engaged in healthcare program activities shall, upon
request to and approval by the Under Secretary for Health, Regional
Director, medical facility Director, or their designees, have access to
confidential and privileged medical quality assurance records and
documents to permit VA participation in a healthcare activity with the
requestor, provided that no records or documents are removed from the
VA facility in possession of the records.
(d) When a request under paragraphs (b) or (c) of this section
concerns access for research purposes, the request, together with the
research plan or protocol, shall first be submitted to and approved by
an appropriate VA medical facility Research and Development Committee
and then approved by the Director of the VA medical facility. The VA
medical facility staff together with the qualified person(s) conducting
the research shall be responsible for the preservation of the anonymity
of the patients, clients, and providers and shall not disseminate any
records or documents which identify such individuals directly or
indirectly without the individual's consent. This applies to the
handling of data or information as well as reporting or publication of
findings. These requirements are in addition to other applicable
protections for the research.
(e) Individually identified patient medical record information
which is protected by another statute as provided in Sec. 17.502 may
not be disclosed to a non-VA person or organization, including
disclosures for research purposes under paragraph (d), except as
provided in that statute.
(f) Under paragraph (b), the Under Secretary for Health or designee
or under paragraph (c), the Under Secretary for Health, Regional
Director, medical facility Director, or their designees may approve a
written request if it meets the following criteria:
(1) Participation by VA will benefit VA patient care; or
(2) Participation by VA will enhance VA medical research; or
(3) Participation by VA will enhance VA health services research;
or
(4) Participation by VA will enhance VA healthcare planning or
program development activities; or
(5) Participation by VA will enhance related VA healthcare program
activities; and
(6) Access to the record by the requester is required for VA to
participate in a healthcare program with the requester.
(g) Protected quality assurance records or documents, including
records pertaining to a specific individual, will for purposes
authorized under law be disclosed to a civil or criminal law
enforcement governmental agency or instrumentality charged under
applicable law with the protection of public health or safety,
including state licensing and disciplinary agencies, if a written
request for such records or documents is received from an official of
such an organization. The request must state the purpose authorized by
law for which the records will be used. The Under Secretary for Health,
Regional Director, medical facility Director, or their designees will
determine the extent to which the information is disclosable.
(h) Federal agencies charged with protecting the public health and
welfare, federal and private agencies which engage in various
monitoring and quality control activities, agencies responsible for
licensure of individual health care facilities or programs, and similar
organizations will be provided confidential and privileged quality
assurance records and documents if a written request for such records
or documents is received from an official of such an organization. The
request must state the purpose for which the records will be used. The
Under Secretary for Health, Regional Director, medical facility
Director, or their designees will determine the extent to which the
information is disclosable.
(i) JCAHO (Joint Commission on Accreditation of Healthcare
Organizations) survey teams and similar national accreditation agencies
or boards and other organizations requested by VA to assess the
effectiveness of quality assurance program activities or to consult
regarding these programs are entitled to disclosure of confidential and
privileged quality assurance documents with the following
qualifications:
(1) Accreditation agencies which are charged with assessing all
aspects of medical facility patient care, e.g., JCAHO, may have access
to all confidential and privileged quality assurance records and
documents.
(2) Accreditation agencies charged with more narrowly focused
review (e.g., College of American Pathologists, American Association of
Blood Banks, Nuclear Regulatory Commission, etc.) may have access only
to such confidential and privileged records and documents as are
relevant to their respective focus.
(j) Confidential and privileged quality assurance records and
documents shall be released to the General Accounting Office if such
records or documents pertain to any matter within its jurisdiction.
(k) Confidential and privileged quality assurance records and
documents shall be released to both VA and non-VA healthcare personnel
upon request to the extent necessary to meet a medical emergency
affecting the health or safety of any individual.
(l) For any disclosure made under paragraphs (a) through (i) of
this section, the name of and other identifying information regarding
any individual VA patient, employee, or other individual associated
with VA shall be deleted from any confidential and privileged quality
assurance record or document before any disclosure under these quality
assurance regulations in Secs. 17.500 through 17.511 is made, if
disclosure of such name and identifying information would constitute a
clearly unwarranted invasion of personal privacy.
(m) Disclosure of the confidential and privileged quality assurance
records and documents identified in Sec. 17.501 will not be made to any
individual or agency until that individual or agency has been informed
of the penalties for unauthorized disclosure or redisclosure.
(Authority: 38 U.S.C. 5705)
Sec. 17.510 Redisclosure.
No person or entity to whom a quality assurance record or document
has been disclosed under Sec. 17.508 or Sec. 17.509 shall make further
disclosure of such record or document except as provided for in 38
U.S.C. 5705 and the regulations in Secs. 17.500 through 17.511.
(Authority: 38 U.S.C. 5705)
Sec. 17.511 Penalties for violations.
Any person who knows that a document or record is a confidential
and privileged quality assurance document or record described in
Secs. 17.500 through 17.511 and willfully discloses such confidential
and privileged quality assurance record or document or information
contained therein, except as authorized by 38 U.S.C. 5705 or the
regulations in Secs. 17.500 through 17.511, shall be fined not more
than $5,000 in the case of a first offense and not more than $20,000 in
the case of each subsequent offense.
(Authority: 38 U.S.C. 5705)
[FR Doc. 94-26210 Filed 10-21-94; 8:45 am]
BILLING CODE 8320-01-P
