What Hospitals Might Miss About Patient Safety Organization Privilege Protections

A PSO relationship confers federal privilege and confidentiality protections on safety event data. Whether those protections hold depends heavily on what hospitals do internally. The HHS OIG has found that many hospitals with PSO agreements lack the governance structures to maintain them. The exposure usually surfaces in litigation or survey, not in a routine workflow review.


Most hospitals with a patient safety organization (PSO) relationship assume their event data is protected once it enters the PSO process. The protections are real, but they depend on internal workflows that some hospitals have not built. The HHS Office of Inspector General (OIG) has found that many hospitals with PSO agreements lacked the internal governance structures needed to protect patient safety work product (PSWP) from discovery. For Quality leaders, Patient Safety Officers, and Risk Managers, that operational gap is where litigation exposure quietly accumulates.

This article shows where patient safety work product (PSWP) protections most often break down inside hospitals, the workflow controls that hold them in place, and how American Data Network’s (ADN) Patient Safety Organization (one of the first PSOs listed by AHRQ) supports the structured reporting environment hospitals need.


Key Takeaways

  • PSWP protections are workflow-dependent. A PSO agreement alone does not guarantee privilege if internal documentation, sharing, and reporting practices do not preserve it.
  • Three failure points account for most exposure: where events are first documented, who PSO-protected findings are shared with, and whether protected and non-protected analysis get blended in governance reports.
  • Each failure point has a corresponding control: a written patient safety evaluation system (PSES) intake policy, a written PSES access policy, and governance report templates that separate PSO-protected findings from non-protected QI analysis.
  • Periodic review of whether PSO workflows are actually being followed is the audit step most hospitals skip, and where exposure quietly accumulates.


Where Does Patient Safety Organization Protection Break Down?

PSO protections do not fail because the statute is weak. They fail because internal processes create gaps the statute cannot close. For busy Quality and Risk leaders, the fastest way to assess PSWP risk is to look at three workflow points: intake, sharing, and governance reporting.

#1. Documentation Location

Where an event is initially documented strongly affects whether the information qualifies as PSWP. Information created or assembled within the hospital’s patient safety evaluation system (PSES) for reporting to a PSO is more likely to retain protection. Ad hoc documentation outside that system may not. Information collected to satisfy external reporting obligations falls outside PSWP protections regardless of where it is stored.

Quality leaders need clear, written policies on where events enter the system. Without them, documentation decisions can inadvertently place data outside the protected channel. ADN’s patient safety event reporting application routes documentation directly into the PSES from the point of entry, removing the ambiguity that ad hoc decisions create.

Audit question: “Where does the initial event narrative enter your system?” If staff can document events outside the PSO channel, protection can be compromised.

#2. Internal Sharing Practices

PSWP should remain within the defined patient safety event system unless it is shared through an approved disclosure pathway under the Patient Safety Act and Patient Safety Rule. Informal distribution, inconsistent committee routing, or sharing outside the PSES workflow can create avoidable risk.

The operational control is a written PSES access policy that names approved reviewers by title, specifies which committees may receive PSO-protected findings, and prohibits informal routing outside those channels. ADN’s culture of safety survey can help Quality leaders assess whether staff at every level understand the boundaries of the PSO workflow and where education or policy reinforcement may be needed.

Audit question: “Who receives PSO-protected findings, and through what channel?” If the answer varies by event or by staff member, the sharing practice is not protected. Consistent, policy-governed routing is the standard, not the exception.

#3. Mixing Privileged and Non-Privileged Analysis

Pulling PSO-directed data out of the PSES to combine it with general QI analysis risks compromising protected status, even though it can look like a benchmarking benefit. This is a particularly common failure point because the mixing happens at the governance level, not at the point of data entry.

The fix is structural. Governance report templates should have a defined section for PSO-protected findings and a separate section for non-protected QI analysis, with a standing reminder that the two should never be merged into a single narrative or combined slide deck.

Audit question: “Do your governance reports distinguish between PSO-protected findings and non-protected QI analysis?” If not, the blended document may not be protected in its entirety.

What Does the Patient Safety Act Actually Protect?

Under the Patient Safety Act (PSA), qualifying information that is reported to a PSO, or assembled or developed within a provider’s patient safety evaluation system for reporting to a PSO, may become patient safety work product. PSWP receives federal privilege and confidentiality protections, and the Act generally bars it from being used in civil, criminal, administrative, or disciplinary proceedings except in limited circumstances allowed by the statute and rule. Information becomes PSWP upon collection, not upon submission to the PSO.

Several HHS clarifications shape what qualifies and what does not:

  • Hospitals are permitted to maintain “duplicate systems,” as CMS specifies in a memorandum on PSWP and the Quality Assessment and Performance Improvement (QAPI) program: one for information developed within a protected PSES for reporting to a PSO, and another for records used to demonstrate compliance with state or federal requirements.
  • Data collected to comply with “external obligations” (such as state incident reporting and adverse drug events reported to the Food and Drug Administration) is expressly not PSWP.
  • Hospitals do not have to disclose PSWP to surveyors acting on behalf of CMS, but they must still demonstrate compliance with CMS Conditions of Participation and other mandatory survey activities.
  • Hospitals may voluntarily disclose PSWP to an accrediting body that accredits the provider, subject to Patient Safety Rule conditions. Accrediting bodies that receive PSWP under this provision may not further disclose it.

HHS guidance, along with OCR and AHRQ resources, can help Quality leaders understand how PSWP protections interact with external reporting obligations.

How Do You Keep PSO Privilege Protections Intact Over Time?

The answer is operational, not legal. Most hospitals already have a PSO relationship. What separates the ones with durable protection from the ones with quiet exposure is whether someone is periodically auditing the three workflow points above against actual practice. The three audit questions in this article are the place to start: where does the narrative enter, who receives PSO-protected findings, and do governance reports keep protected and non-protected analysis cleanly separated.

Periodic review of PSO workflows is the step many hospitals skip, and it is where exposure quietly accumulates. ADN’s Patient Safety Organization helps hospitals structure patient safety reporting in a way that supports PSQIA privilege and confidentiality protections, encourages more complete reporting through a confidentiality framework, and connects teams with patient safety expertise that makes the PSO relationship operationally meaningful. ADN also supports the broader patient safety infrastructure through a patient safety event reporting application, culture of safety surveys, and patient safety event reporting resources, giving Quality teams the structure to stop the same exposure from recurring.