CMS’s Patient Safety Structural Measure: Forcing Hospitals to Look Behind the Curtain
THE BACKGROUND
In August, CMS published the final version of a new Patient Safety Structural Measure (PSSM) designed to hardwire patient safety and safety culture improvement into healthcare organizations.[1] For now, it applies to acute care hospitals (except critical access) and cancer hospitals. On a recent national call about the new measure, attendees described it as a burden; some said it was overwhelming, and others described it as daunting. Clearly, it came as a surprise to many healthcare organizations.
To be blunt, it shouldn’t have. The reaction to the new PSSM somewhat flummoxes us at CPS. None of the required structural components is particularly new or different from recommendations circulating in patient safety circles for at least a decade. We also truly believe that many providers have more pieces in place than they think they do; they just need to focus their efforts and tweak them for compliance.
A movie analogy seems the best way to express our reaction to the situation.
Recall The Wizard of Oz. An itinerant salesman finds himself in a new land where the people believe he is all-powerful because he fell out of the sky. His magic tricks impress them, but only the wizard himself knows that he isn’t really exercising any special ability. Late in the movie, Toto pulls back the curtain that hides his “control room,” exposing the wizard’s showmanship for what it is—at best ineffective and at worst fake. He might have made people feel better, but he didn’t do anything.
Folks who follow recent patient safety outcome research know that twenty-five years after To Err is Human, we haven’t significantly improved our patients’ safety. The proposed PSSM, published in May, referred to all that research, concluding that in most situations, patient safety has been like the Wizard, with lots of smoke and flashy things but not a lot of substance. [2],[3] In the movie, the Wizard ultimately helps Dorothy get home and gives her companions exactly what they need, but not until he drops his façade and they face the truth together. It’s time for hospitals to get out from behind the curtain, roll up their sleeves and do the hard work.
“What?” you say. “How can the Center for Patient Safety suggest our efforts have no substance? We work so hard!” Hint: So did the Wizard, and he accomplished a few things. But his attempts to accomplish actual change fell flat until he accepted a new reality. And so it is with our patient safety work. CMS is betting that our failure arises in part because we have never built structure around patient safety and given it a secure home. Kathleen Sutcliffe, one of the originators of high reliability thinking, refers to safety in its current form as a “transient monolith” that moves within organizations and is vulnerable to competing priorities.[4]
We have watched report after report since 2019 argue that the healthcare system has failed to move the needle on patient safety. (Most looking at pre-pandemic care.) We increase a few metrics and reduce a few categories of events, but the studies that dive deeply into whether our patients are safe bring disturbing news. Experts like Kathleen Sutcliffe and others like Martin Hatlie and Hardeep Singh, who have long championed safety, write about their disappointment.[5] And more recently, there have been clear signs that the federal government, disturbed by the status quo, is looking for ways to “help.”[6],[7],[8]
So we have the PSSM. Please hang on while we argue that it isn’t all that new and it shouldn’t be hard.
What does it require? Reporting starts in calendar 2025, and the hospitals’ responses will appear in CMS’s facility COMPARE information in 2026. Hospitals that DO NOT REPORT will encounter reduced payment in FY 2027. However, reimbursement only depends on reporting, not the adoption of the measures. To report compliance with a domain, the hospital must attest to the satisfaction of all five conditions for that domain. The public reports will indicate which domains the hospital has mastered. The commentary that accompanies the rule clearly states:
[T]he activities in the Patient Safety Structural measure are voluntary safety initiatives. While we recognize that a hospital's performance on the measure may impact the hospital's reputation through public reporting, this reputational impact is a means of encouraging the voluntary adoption of safety-related best practices.[9]
With almost a year before the first reporting deadline, there is time. Because the measure looks at structure and policy (not outcomes), compliance is entirely under the organization’s control. While some items will represent a change and others are controversial, none should be a complete surprise.
THE DETAILS
The measure outlines five domains, each with five items that require attestation for “full credit.”
The first domain addresses “Leadership Commitment to Eliminating Preventable Harm.” CPS has taught about safety culture since its founding in 2005, and every program has led off with a discussion about the importance of a genuine leadership commitment to safety. We have visited organizations with “Safety is a Core Value” emblazoned in their value statement. Process improvement programs have always stressed the importance of executive/C-Suite sponsorship for meaningful work. Safety culture surveys ask about leadership support for safety. So, the general concept of leadership involvement shouldn’t be a hard lift. There are some specific reporting requirements--for example, the Governing Board must spend 20% of its time addressing patient and workforce safety and safety culture. But isn’t taking care of patients what we do? And if our leadership at all levels isn’t focused on making things safer for patients and staff, aren’t we wizards pulling cords and speaking via a projected head?
The second domain lists some specific expectations for integrating safety into planning and policy, as well as education about patient safety for everyone. Workforce safety gets a mention here as well. The attestation also requires that the organization address safety concerns that are important to the populations served. Indeed, much of this is familiar. So far, the most controversial part of this domain is the requirement for a stated goal of “zero harm.” Many patient safety advocates believe a zero-harm goal controverts a proper understanding of safety. Nonetheless, we can all agree that, at least theoretically, zero harm would be good and go from there.
The first few items in the third domain (Culture of Safety and Learning Health Systems) also reflect activities that should be familiar. Regular safety culture surveys give an objective view of how the staff feels about safety and the culture in the organization, and they have been a requirement from other organizations for years. Root cause analysis is challenging sometimes, but it isn’t new and should be part of any robust safety program. While the requirement for a safety metrics dashboard is new, most organizations likely have some version of that. This domain lists several specific practices, and an organization needs to implement four of them to “check the box” for that attestation item. None is new, and they include safety huddles, leader rounding, and data-based measurements related to safety that allow tracking--which must be shared with senior leadership. Nothing new here.
The third domain’s last attestation item addresses the ongoing concern at the federal level that healthcare providers too frequently do safety in siloes without the benefit of industry-wide learning.[10] It requires “participat[ion] in large-scale learning network(s)” in which participants share data on safety events or outcomes and that the organization “has implemented at least one best practice from the network or collaborative.” We suspect that every Tom, Dick, and Harry will offer a large-scale learning opportunity and that facilities’ biggest challenge will be choosing one that is effective for them.
The fourth domain, Accountability and Transparency, fully embraces the concept of Patient Safety Organizations (PSOs) but also emphasizes transparency within an organization by requiring that safety metrics be tracked and internally reported. The measure would bring information about harm events to staff, patients, and families by requiring a communication and resolution program like CANDOR. (The CANDOR toolkit is available from AHRQ).[11] Because accountability matters, the hospital must track its activities in this program and report them to the governing board. These are not new concepts; many resources exist to help hospitals implement them.[12]
One constituency worked strenuously for the implementation of this rule: patient and family advocates. The fifth domain requires their integration into the patient safety process with access to essential information. Again, these concepts have already been emphasized in work by hospital associations via state Patient and Family Advisory Councils (PFACs),[13] through laws that require medical record access, and by standards that require language interpreters as needed. Incorporating family and caregivers into care team communication, while logistically challenging, has been demonstrated to increase safety by improving communication.[14] Viewed in that light, it may be less disruptive than other safety measures designed to achieve the same goals.
After Toto exposed the Wizard, everyone gathered to assess the situation. The Wizard, without all his flashy stuff, could see that the Scarecrow, Lion, and Tin Man had, through their own journeys, achieved most of what they wanted. And in the end, Dorothy also had what she needed. “You don’t need to be helped…you’ve always had the power to go back,” says Glinda the good witch. All she needed was her ruby slippers and an earnest determination to go home.
CPS looks forward to working with hospitals as they discover that they have the power, and the tools are available. We just need earnest determination.
Footnotes
[1]https://qualitynet.cms.gov/files/66ac085486c07e0c5ec5e930?filename=PSSM_Specs_073124.pdf. CMS also published an attestation guide: https://qualitynet.cms.gov/files/66ac08646a3d89e3e32733c4?filename=PSSM_AttestationGuide_073124.pdf
[2] Federal Register / Vol. 8opppppoi9, No. 86 / Thursday, May 2, 2024, P. 36284. https://www.govinfo.gov/content/pkg/FR-2024-05-02/pdf/2024-09470.pdf
[3] For a great example of smoke and flashy things, check out a recent publication of the American Hospital Association, “New Analysis Shows Hospitals Improving Performance on Key Patient Safety Measures Surpassing Pre-Pandemic Levels.” The report equates mortality statistics with improved patient safety and trumpets minor improvement on a few metrics. https://www.aha.org/system/files/media/file/2024/09/New-Analysis-Shows-Hospitals-Performance-on-Key-Patient-Safety-Measures-Surpassing-Pre-pandemic-Levels.pdf
[4] Vogus T, Sutcliffe K, and Weick K, “Doing No Harm: Enabling, Enacting, and Elaborating a Culture of Safety in Health Care, Perspectives (Academy of Management), November 2010 P. 60-77, 62.
[5] Wears R and Sutcliffe K, Still Not Safe: Patient Safety and the Middle-Managing of American Medicine, Oxford University Press (2019); Hemmelgarn C, Hatlie M, Sheridan S, and Ullem BD, “Who Killed Patient Safety,” Journal of Patient Safety and Risk Management Vol. 27(2): 56-68 (2022); Bates D and Singh H, “Two Decades Since To Err Is Human: An Assessment of Progress and Emerging Priorities in Patient Safety,” Health Affairs 37(11), 1736-1743 (2018).
[6] President’s Council of Advisors on Science and Technology, “Report to the President: A Transformation Effort on Patient Safety” (September 2023), P. 7-8: “Despite significant efforts made by dedicated health professionals, agencies, and organizations, uniform, nationwide implementation of many of these known solutions has lagged.”
[7] Proposed PSSM Rule, Federal Register / Vol. 89, No. 86 / May 2, 2024, P. 36284:
“[P]rogress has been slow, and preventable harm to patients in the clinical setting resulting in significant morbidity and mortality remains common. A recent systematic analysis of literature concluded that preventable mortality among inpatients results in approximately 22,165 preventable deaths annually… In another recent study, researchers identified adverse events in almost one-quarter of admissions and showed that more than one-fifth were deemed preventable and almost one-third were considered serious (that is, caused harm that required intervention or prolonged recovery).” Accessed at: https://www.govinfo.gov/content/pkg/FR-2023-05-01/pdf/2023-07389.pdf
[8] Both the PCAST report and the PSSM lean heavily on this report/plan: Safer Together: A National Action Plan to Advance Patient Safety. Boston, Massachusetts: Institute for Healthcare Improvement; 2020. https://www.ihi.org/national-action-plan-advance-patient-safety
[9] The commentary accompanying the final rule has not been published in a paginated version of the Federal Register, so no page reference is available.
[10] A number of patient safety advocacy organizations argue for the creation of a federal agency that would function like the Federal Aviation Administration, with significant central control. See information about the proposed National Patient Safety Board at: https://npsb.org/ The PSSM seems like a much more moderate attempt to keep safety learning in the open.
[11] https://www.ahrq.gov/patient-safety/settings/hospital/candor/index.html
[12] Full disclosure: CPS is a PSO and offers safety culture surveys. For those who want to look elsewhere, AHRQ has a list of all listed PSOs on its website and open source surveys. https://pso.ahrq.gov/pso/listed
[13] For example, the Missouri Hospital Association has a statewide group and also supports local PFACs. https://web.mhanet.com/partnerships/patient-family-advisory-council.
[14] Sandvoss, “Embracing Caregivers Patient-Centered Rounds” https://internalmedicine.wustl.edu/embracing-caregivers-patient-centered-rounds/