Unintended effects associated with clinical interventions.

Data Element
Adverse Event
Description (*Please confirm or update this field for the new USCDI version*)

A change to patient condition that could be an unintended effect of clinical interventions.

Applicable Vocabulary Standard(s)

Applicable Standards (*Please confirm or update this field for the new USCDI version*)
  • SNOMED Clinical Terms® (SNOMED CT®) U.S. Edition

View guidance on Applicable Vocabulary Standards and versioning.
Submitted By: Mitra Rocca / Food and Drug Administration
Data Element Information
Data Element Description An adverse event is any undesirable experience associated with the use of a medical product in a patient.
A serious adverse event or reaction is any untoward medical occurrence that at any dose resulting in:
Death
Life-threatening
Hospitalization (initial or prolonged)
Disability or Permanent Damage
Congenital Anomaly/Birth Defects
Other Serious or Important Medical Events
Required Intervention to Prevent Permanent Impairment/Damage
Rationale for Separate Consideration These specific outcomes are not currently present.
Use Case Description(s)
Use Case Description Capture serious adverse events outcomes from EHR systems.
Estimate the breadth of applicability of the use case(s) for this data element Any healthcare provider
Link to use case project page https://www.fda.gov/safety/reporting-serious-problems-fda/what-serious-adverse-event
Healthcare Aims
  • Improving patient experience of care (quality and/or satisfaction)
  • Improving the health of populations
  • Improving provider experience of care
Maturity of Use and Technical Specifications for Data Element
Applicable Standard(s) SNOMED CT
(e.g., Life-threatening severity)
snomed.org
Additional Specifications HL7 FHIR Release 5.0
Current Use In limited use in test environments only
Extent of exchange 2-3
Supporting Artifacts Comment Level – used only in connect-a-thons of small pilots
Tested at the IHE Connectathon

Potential Challenges
Restrictions on Standardization (e.g. proprietary code) none
Restrictions on Use (e.g. licensing, user fees) none
Privacy and Security Concerns none
Estimate of Overall Burden It might be captured in clinical notes with an EHR system.
ASTP Evaluation Details
Each submitted Data Element has been evaluated based on the following criteria. The overall Level classification is a composite of the maturity based on these individual criteria. This information can be used to identify areas that require additional work to raise the overall classification level and consideration for inclusion in future versions of USCDI
Criterion #1
Maturity - Current Standards		 Level 2 - Data element is represented by a terminology standard or SDO-balloted technical specification or implementation guide.
Criterion #2
Maturity - Current Use 		Level 2 - Data element is captured, stored, or accessed in multiple production EHRs or other HIT modules from more than one developer.
Criterion #3
Maturity - Current Exchange		 Level 2 - Data element is electronically exchanged between more than two production EHRs or other HIT modules of different developers using available interoperability standards.
Criterion #4
Use Case(s) - Breadth of Applicability		 Level 2 - Use cases apply to most care settings or specialties.

Comment

Submitted by SuzyRoy on

Support for vocabulary standard designation

SNOMED International supports ONC's designation of SNOMED CT U.S. Edition as an applicable vocabulary standard for the Adverse Event data element. SNOMED CT clinical finding hierarchy provides a comprehensive, pre-coordinated terminology for adverse event documentation, including 281647001 |Adverse reaction (disorder)| with thousands of specific subtypes covering drug reactions, vaccination reactions, and procedure-related adverse events. This aligns with the 21st Century Cures Act's mandate for interoperable health data exchange and supports HL7 FHIR-based adverse event reporting profiles used in ONC-certified systems.

 

SNOMED International recommends that ONC strengthen SNOMED CT designation from 'applicable' to 'required' for Adverse Event, to prevent implementation fragmentation. The SNOMED CT to MedDRA bidirectional mapping (updated annually) enables downstream translation to the FDA MedWatch and FAERS pharmacovigilance systems, creating a unified clinical-to-regulatory reporting pathway. 

Submitted by AQIPS on

Adverse Event Data Class and Data Elements are Excluded from EHI

April 8, 2026

 

Via electronic submission through the Interoperability Standards Platform

 

Thomas Keane, MD, MBA

National Coordinator for Health Information Technology

Office of the National Coordinator for Health Information Technology

U.S. Department of Health and Human Services

330 C Street, SW

7th Floor

Washington, DC 20201

 

Re: United States Core Data for Interoperability (USCDI) – Draft Version 7 (Draft USCDI v7) – Adverse Event, Adverse Event Outcomes and USCDI+ Quality Codes for Adverse Events

 

Dear Dr. Keane, 

 

The Alliance for Quality Improvement and Patient Safety (AQIPS) appreciates the opportunity to provide additional information concerning the USCDI code for Adverse Event and Adverse Event outcome as well as the USCDI+ quality codes concerning adverse events for medical care.  During the USCDI v.7 Information Session on Friday, February 3, ASTR representatives asked whether adverse events for medical care had ever been collected  in  medical records. The answer is No, adverse events, that is defined as unintended effects associated with clinical interventions (other than clinical trials) have never been held in the medical record.  Adverse events (i.e., patient safety activity records) are privileged and confidential and prohibited from being placed in the medical record under federal law, the Patient Safety and Quality Improvement Act of 2005 (42 U.S.C. 299b-21 et seq.).  Patient Safety Activity Records (42 U.S.C. 299b-21(5)) are not electronic health information (EHI) and therefore, are not subject to interoperability.   As a result, we urge ASTR to remove all definitions and codes for adverse events for medical care from the USCDI.  AQIPS is the not for profit professional association for over seventy (70) federally Listed Patient Safety Organizations (PSOs) created pursuant to the Patient Safety and Quality Improvement Act of 2005 (42 U.S.C. 299b-21 et seq., the Patient Safety Act) and their healthcare provider members.  As you know, research is showing that patient safety activities are improving the quality of patient care delivery and reducing patient harm. PSOs and healthcare providers develop “provider-driven voluntary opportunities for improving patient safety for breakthroughs in our understanding of how best to improve safety.”  Patient Safety and Quality Improvement, Proposed Rule, 73 Fed. Reg. 8114. 

 

 

The ONC/ASTR website states that the goal of defining USCDI codes for adverse events for medical care is to create “AI driven patient safety monitoring.”  However, AI driven adverse event monitoring is beyond the scope of the authority granted to ASTR/OCR under the 21st Century Cures Act.  The final rule implementing the 21st Century Cures Act makes clear that the information that is subject to interoperability is information generated in a clinical treatment area.  The proposal to create USCDI codes for AI driven patient safety monitoring by pulling adverse event information from the Patient Safety Evaluation System (PSES) and/or risk management software that is outside of the medical record and is not Electronic Health Information (EHI) is exactly what the final rule prohibits.  Moreover, Congress has never authorized the mandatory collection of adverse events concerning general medical care for patient safety monitoring through by any federal agency.  

 

Congress carefully constructed the Patient Safety Act, a privacy law, to balance the need for providers to have confidentiality protections for event reports and self-critical analysis, and the need for accountability.  Importantly, the Patient Safety Act privilege permits the disclosure of privileged information using a permitted disclosure to regulators and patients and does not hide healthcare providers who consistently provide substandard care – this information is in original records, such as clinical care information in medical records and never events in billing records, which are not covered under the Patient Safety Act. The Patient Safety Act is designed to provide a nationally uniform privilege for reports, analysis, best practices and conversations in a PSES to allow healthcare providers to learn from mistakes and other quality information to improve patient safety, patient outcomes and the quality of patient care. In the case of adverse events related to general medical care, federal and state law give protections to adverse event data and analysis to allow providers to investigate and analyze events to develop solutions and improve without litigation or reputational harm as a matter of public policy. The protections are necessary to create a safety culture, so that providers are willing to report and learn from events so that the same adverse events do not occur over and over in hospitals across the country for the benefit of patients. 

Concerning state law for those facilities that are not working with a PSO, most states have laws that protect adverse event reports from disclosure to permit healthcare providers to analyze and learn from the event without fear of discovery in legal actions.  In many states, including California, under common law and case law, all adverse events are created under attorney client privilege in anticipation of litigation and therefore would be categorically exempt from being placed in the medical record under the privacy exception (45 C.F.R. § 171.202).  For every adverse event, every hospital and medical provider would have to consider whether by making the event public in the EHR they would have to prepare for additional litigation.  Under the 21st Century Cures Act rulemaking, each case must be individually considered and documented before the exemption can be applied using policies and procedures developed for this purpose.  Moreover, the goal of collecting adverse events cannot be achieved because the exemption will result in a patchwork of reporting across states with few, if any, adverse events ultimately being considered EHI because of state laws or the fact that the risk of litigation will be exponentially increased.  Additionally, the documentation for the exemption will be extremely burdensome for hospitals in states that do not categorically exempt adverse events under attorney client privilege and will raise costs exponentially.

The Center for Disease Control's (CDC’s) National Healthcare Safety Network (NHSN), which tracks healthcare association infections (HAIs) is different than monitoring adverse events associated with medical care.  Hospital-acquired infections (HAIs) are generally contagious and thus fall with CDC’s – a public health agency - jurisdiction to prevent the spread of infectious diseases.  All of the information needed to report to the CDC NHSN database is in the EHR and therefore is part of the designated record set, is EHI and is interoperable.  The diagnosis, symptoms and signs information are in the medical record and can be transmitted via FHIR using USCDI codes to the CDC NHSN system.   Adverse event report information related to medical care does not originate from a clinical setting - the event reports are created in a PSES, an investigation and RCA occur, or, when using triggers to pull complications and deaths, nurses and doctor determine outside of the EHR but within the PSES that the patient harm was caused or contributed to by a medical intervention.  Under the Patient Safety Act, this information is prohibited from disclosure except under certain regulatory permissions and is prohibited from being held in a medical record (42 U.S.C. 299b-21(7)(b) and 22(b)).  As a matter of law, “patient safety activity records” (including adverse events related to general medical care) are categorically excluded from being a designated record set as defined in 45 CFR 164.501 and therefore are categorically excluded from the definition of Electronic Health Information (EHI).  Additionally, patient safety activity records are privileged and confidential under Federal privacy law (42 USC 299b-21 et seq.).  As a result, failure to share adverse events and adverse event outcomes is not information blocking.  Additionally, ASTR’s proposal to define adverse event, adverse event outcome, adverse event recorded time, adverse event category, adverse event suspect entity and adverse event degree of harm as EHI, violates HIPAA, the Patient Safety Act and the Administrative Procedures Act (contrary to law).

Please let us know should ASTR have additional questions or require additional information. 

Sincerely yours,

Peggy Binzer

AQIPS Executive Director and General Counsel

Submitted by jay.lyle@jpsys.com on

The term "Adverse Event" is ambiguous

This term is ambiguous. Discussions based on this term invariably spend significant time clarifying the ambiguity.

In the world of pharmacovigilance, an adverse event is any negative effect on the patient, irrespective of confidence that it was caused by a product or by care generally.

In the world of patient care, an adverse event is any care provision error that could harm the patient or other person, irrespective of whether harm actually occurs.

USCDI can help alleviate confusion by addressing that ambiguity head on, clearly, and concisely. 

E.g, 
A negative effect on a patient during a clinical trial or a care provision error that may result in a negative effect on a patient or other person.
This requirement addresses two different use cases, patient care and pharmacovigilance, and these cases use the term “adverse event” to mean different things. The Pharmacovigilance 'event' is the impact on the patient: any adverse effect on the patient is reported, whether it seems to be directly related to the product or service under review or not. The Patient Care 'event' is the care provision error: it is reported whether the patient was affected or not. If a care provision error has a negative impact on a study participant, there are two distinct events.
or
A negative effect on a patient during a clinical trial, irrespective of perceived cause. This requirement does not include care provision errors that do not harm patients.
or 
A care provision error that may result in a negative effect on a patient or other person. This requirement does not include negative effects on patients in clinical trials that do not result from errors.

This definition will affect, among other things, the definition of Adverse Event Outcome.

Sources defining Adverse Event as harm to a patient 
https://www.fda.gov/Safety/MedWatch/HowToReport/ucm053087.htm
Sources defining Adverse Event as a care provision act
https://psnet.ahrq.gov/glossary/error
 

Submitted by AQIPS on

Draft USCDI Data Element Adverse Event and Adverse Event Outcome

Re:  Draft USCDI+ and USCDI v7, Data Class and Data Elements:  Adverse Events, Adverse Event Outcomes, Adverse Event Recorded Time, Adverse Event Category, Adverse Event Suspected Entity and Adverse Event Degree of Harm are Categorically Excluded from Electronic Health Information (EHI) and therefore FHIR interoperability. Dear Dr. Keane:

The Alliance for Quality Improvement and Patient Safety (AQIPS) appreciates the opportunity to comment on the Draft USCDI+ Quality Version 1 (January 2026) data elements: “adverse event,” “adverse event recorded time,” “adverse event category,” “adverse event suspect entity” and “adverse event degree of harm” and the draft USCDI v7 “Adverse Events” data class, which includes “adverse event” and “adverse event outcomes.”  AQIPS is the not for profit professional association for over seventy (70) federally Listed Patient Safety Organizations (PSOs) created pursuant to the Patient Safety and Quality Improvement Act of 2005 (42 U.S.C. 299b-21 et seq., the Patient Safety Act) and their healthcare provider members.  As you know, research is showing that patient safety activities are improving the quality of patient care delivery and reducing patient harm. PSOs and healthcare providers develop “provider-driven voluntary opportunities for improving patient safety for breakthroughs in our understanding of how best to improve safety.”  Patient Safety and Quality Improvement, Proposed Rule, 73 Fed. Reg. 8114.  Toward this end, the PSO community along with their healthcare providers have developed innovative programs - including national safe-tables, peer-audit programs, best practice development collaboratives - and strategies to connect the healthcare continuum to revolutionize patient safety practice and to allow healthcare providers to confidentiality talk to each other to improve the quality of patient care. 

As more fully discussed below, the New Data Class: Adverse Events (Adverse 

Event; Adverse Event Outcome) and the adverse event data elements cannot be accessed from the medical record, are categorically excluded from the definition of  electronic health information (EHI), and therefore are excluded from interoperability, the exchange of electronic health information.  

1. The New Data Class: Adverse Events (Adverse Event; Adverse Event Outcome) and the Adverse Event Data elements as defined by ASTR cannot be identified in the medical record because hospitals must analyze the adverse event using “patient safety activities” to determine whether an adverse event is associated with medical care.  As a matter of law, “patient safety activity records” are categorically excluded from being a designated record set as defined in 45 CFR 164.501 and therefore are categorically excluded from the definition of Electronic Health Information (EHI). Additionally, Patient safety activity records are privileged and confidential under Federal privacy law (42 USC 299b-21 et seq.).  As a result, failure to share adverse events and adverse event outcomes is not information blocking.  Additionally, ASTR’s proposal to define adverse event, adverse event outcome, adverse event recorded time, adverse event category, adverse event suspect entity and adverse event degree of harm as EHI, violates HIPAA, the Patient Safety Act and the Administrative Procedures Act (contrary to law). 

As defined by ASTR, an “adverse event” that is “harm to a patient resulting from medical care rather than the underlying disease that requires additional monitoring, treatment or hospitalization” cannot be identified in the electronic health record (EHR) because hospitals must assess whether a complication is caused by or associated with medical care or the underlying disease. This causal analysis (e.g, root cause analysis or RCA) is conducted outside of the medical record and is a Patient Safety Activity (42 U.S.C. 299b-21(5)) or other risk management or peer review process.  The 21st Century Cures Act mandates standards for easier, secure sharing of electronic health information (EHI).  In this regard, under 21st Century Cures Act regulations, EHI is defined as electronic protected health information (EPHI) to the extent that it would be included in a designated record set (DRS) (42 C.F.R. 170.102). Patient safety activities are categorically excluded from a DRS (45 CFR 164.501), and therefore, patient safety activity records are outside of the definition of EHI and are not subject to interoperability under the 21st Century Cures Act.  The HHS final rule on information blocking, states concerning the scope of electronic health information:   

“We have adopted a focused definition of EHI in § 170.102.  For context purposes, the EHI definition is focused on ‘‘electronic protected health information as defined in 45 CFR 160.103 to the extent that it would be included in a designated record set as defined in 45 CFR 164.501’’ with additional caveats not repeated here for briefness. Put simply, the EHI definition represents the same ePHI that a patient would have the right to request a copy of pursuant to the HIPAA Privacy Rule. This is a regulatory concept with which the industry has nearly 20 years of familiarity. Health IT developers’ customer base includes health care providers who are HIPAA covered entities, and in many cases developers serve as HIPAA business associates to their covered-entity customers. Thus, health IT developers should be accustomed to identifying ePHI so that their products support appropriately securing it, the fulfillment of patient access requests, and the identification and reporting on breaches. They should, therefore, be well prepared to identify what EHI their product(s) would need to export in order to support a patient’s HIPAA right of access.”   

21st Century Cures Act: Interoperability, Information Blocking, and the ONC Health IT Certification Program, Office of the National Coordinator for Health Information Technology (ONC), Department of Health and Human Services (HHS), Final rule. 85 FR 25642, 25691 (May 1, 2020). 

According to the Office of Civil Rights, which is charged with enforcing HIPAA, “An individual does not have a right to access PHI that is not part of a designated record set because the information is not used to make decisions about individuals. This may include certain patient safety activity recordsor business planning, development, and management records that are used for business decisions more generally rather than to make decisions about individuals. For example, a hospital's peer review files or practitioner or provider performance evaluations, or a health plan's quality control records that are used to improve customer service or formulary development records, may be generated from and include an individual's PHI but might not be in the covered entity's designated record set and subject to access by the individual.”   

HHS Guidance, Health Information Privacy: Individuals’ Right under HIPAA to Access their Health Information 45 CFR § 164.524. https://www.hhs.gov/hipaa/forprofessionals/privacy/guidance/access/index.html (accessed May 23, 2023)(emphasis added).  

 

Patient safety activity records (under the Patient Safety Act, 42 U.S.C. 299-21(5)) are not part of the medical record (42 USC 299b-21(7)(a)), are excluded from HIPAA’s right to access regulations, are excluded from the definition of EHI and are privileged and confidential under the Patient Safety Act. The Patient Safety Act is a federal privacy statute designed in part to extend confidential peer review protections to all healthcare settings and healthcare professionals and collaborations to improve the quality of patient care through the confidential sharing of experiences and best practices among facilities using disclosure permissions (73 Fed. Reg. 8113 (Feb 2008)).  All fifty (50) states have peer review statutes to implement the strong public policy that protections are necessary for providers to implement quality/risk management system to enable healthcare organizations to identify patterns, implement preventive measures, and improve treatment protocols for the benefit of patients.  The Patient Safety Act’s strong, preemptive federal privilege and confidentiality (privacy) protections are intended to create a culture of safety by providing nationwide protection for comprehensive adverse event tracking across care settings, to permit self-critical patient safety analysis of quality and clinical information, and to allow for the learning and sharing of quality information to improve outcomes throughout the healthcare system.  Moreover, under the Patient Safety Act, Patient Safety Activity records cannot be part of the patient’s medical record (42 USC 299b-21(7)(b)).

  1. Congress designed the Patient Safety Act to allow healthcare providers to share adverse events and quality improvement best practices and protocols (e.g., a form of interoperability) to other providers to improve patient safety and the quality of patient care delivery under 42 CFR 299b-22(c)(2)(a) – Disclosures for Patient Safety Activities.  Healthcare Providers that use Patient Safety Act processes meet the goals that USDCI cannot, including to support comprehensive adverse event tracking across care settings, the exchange of adverse event information so that all members of a care team are aware of previous adverse events and analyzing and reducing preventable harm in healthcare delivery. 

 

The Patient Safety Act is a federal privacy statute designed in part to extend peer review protections to all healthcare settings, healthcare professionals and healthcare collaborations to improve the quality of patient care and permit the sharing of experiences and best practices among facilities (73 Fed. Reg. 8113 (Feb 2008)).  Congress created the Patient Safety Act to allow a form of interoperability for adverse events as well as patient safety and quality related information and best practices to be confidentially shared among healthcare providers using the Patient Safety Act’s disclosure permissions to be used to improve patient safety and the quality of healthcare delivery. Healthcare providers confidentially share patient safety activity records using the disclosure permission for patient safety activities for the benefit of patients.  CMS found PSOs so successful in improving patient safety and the quality of healthcare delivery that it requires hospitals to participate in PSO Patient Safety Activities as a proven best practice to improve patient safety in the Patient Safety Structural Measure.  The Patient Safety Act permits the disclosure of nonidentifiable information, which is not EHI and not subject to interoperability and FHIR. 

 

  1. The term  “Adverse event” is defined in FDA regulations. FDA requires an analysis to determine whether there is an association between the event and an FDA regulated product. Again, adverse event related to FDA regulated products cannot be identified in a medical record and the resulting evaluation is a “Patient Safety Activity Record” which is categorically exempt from EHI and is confidential but may be reported to the FDA through a Congressionally established disclosure permission. 

 

The term “Adverse event” is defined in FDA regulations and means that the unintended harm is associated with or caused an FDA regulated medical product (21 CFR 251.2; 21 CFR 803). ASTR’s materials state that “Adverse Event details a change to patient condition that could be an unintended effect of clinical interventions (such as medication reaction or vaccination reaction), providing essential information for patient safety monitoring and quality improvement activities. Adverse Event 

Outcome documents the patient’s clinical outcome resulting from an adverse event, with examples including hospitalized, recovered, recovered with sequelae, death.” FDA also has defined “serious adverse event” in 21 CFR 251.2(1).  Mandatory adverse event reports by device user facilities, including hospitals, are limited to medical device deaths (see 21 CFR 803(n)); a medical device reportable event is an event that user facilities become aware of that reasonably suggests that a device has or may have caused or contributed to a death.  Device and drug user facilities must report serious injury to the device/drug manufacturer or to the FDA if the manufacturer is unknown.      

In its medical device reporting guidance, FDA recognizes that adverse events must be investigated to determine whether the injury was associated with the  medical device.  According to FDA guidance, the event must be reviewed by the user facility, including a hospital.  FDA guidance states that a “Medical Device Reportable Event would not, and should not, be classified as a death unless the reporter believes the patient's cause of death was or may have been attributed to the device or the device was or may have been a factor in the death.”  (See FDA Guidance, Medical Device Reporting for User Facilities.)   This review is a risk management or patient safety activity that is outside of the medical record and is exempt from the definition of EHI).  Medication errors also need evaluation before a determination can be made whether the harm is associated with a pharmaceutical. (See 21 CFR 251.2).  Therefore, adverse events are not EHI, not interoperable. Reporting mechanisms other than FHIR must be used for the mandatory reporting of medical device adverse events.   

 

  1. Congress created a disclosure permission for providers and PSOs to disclose PSWP patient safety events that are required to be reported to the FDA under 21 CFR 801(n) so that all user facilities can comply with FDA reporting regulations and, more events can be reported after RCA evaluations.  Healthcare Providers and Patient Safety Organizations also report nonidentifiable reports to FDA about medical device failures as provided under the Patient Safety Act. 

PSOs have provided a substantial number of reports to FDA concerning Medical device reportable events and other adverse events related to FDA regulated pharmaceuticals and medical devices that would not otherwise be discovered and reported.  Under the Patient Safety Act, if during an investigation and root cause analysis (RCA) it is discovered that a medical device may have been the cause or contributing factor to the patient harm, the Patient Safety Act permits the user facility to report the discovered adverse event to FDA.  More specifically, any information about the safety of an FDA regulated product that is required to be reported to FDA that is PSWP can be disclosed to the FDA using the FDA disclosure permission under the Patient Safety Act (42 CFR 3.206(b)(7)(i)) and the information remains privileged and confidential.  To illustrate by example, a nurse told a story that a patient died and the causal factor was initially cited as failure to monitor.  The duty nurse was fired.  Upon conducting the Root Cause Analysis (RCA), the hospital learned that a medical device failed and this needed to be reported to the FDA (the nurse was rehired and graciously compensated). As the RCA, which is a patient safety activity record, was conducted within the hospitals Patient Safety Evaluation System, the findings with respect to the medical device/drug can be reported to the FDA through the Patient Safety Act disclosure permission (42 CFR 3.206(b)(7)(i)). Only upon conducting the RCA did the hospital learn that a medical device failed leading to the patient's death and this needed to be reported to the FDA - this PSWP could be reported to the FDA but not through the medical record because patient safety activity records the patient safety work product that it contains cannot be placed in the medical record (42 USC 299b-21(7)(a) and B),  is not EHI, is not interoperable information and the hospital cannot be subject regulatory penalties for information blocking.      

* * * * * 

Should you have any questions or require additional information, please contact me at pbinzer@allianceforqualityimprovement.org. 

Sincerely yours, 

Peggy Binzer,  

Executive Director and General Counsel  

AQIPS 

Submitted by AQIPS on

Adverse Event Data Class and Data Elements are Excluded from EHI

The  Draft USCDI+ and USCDI v7, Data Class and Data Elements:  “Adverse Events,” “Adverse Event Outcomes,” “Adverse Event Recorded Time,” “Adverse Event Category,” “Adverse Event Suspected Entity” and “Adverse Event Degree of Harm” are Categorically Excluded from Electronic Health Information (EHI) and therefore FHIR interoperability.  As more fully discussed in AQIPS’ written comments:

The New Data Class: Adverse Events (Adverse Event; Adverse Event Outcome) and the Adverse Event Data Elements as defined by ASTR cannot be identified in the medical record because hospitals must analyze the adverse event using “patient safety activities” to determine whether an adverse event is associated with medical care.  As a matter of law, patient safety activity records are categorically excluded from being a designated record set as defined in 45 CFR 164.501 and therefore are categorically excluded from the definition of Electronic Health Information (EHI) and interoperability.  Additionally, Patient safety activity records are privileged and confidential under Federal privacy law (42 USC 299b-21 et seq.).  As a result, failure to share adverse events and adverse event outcomes is not information blocking.  Additionally, ASTR’s proposal to define adverse event, adverse event outcome, adverse event recorded time, adverse event category, adverse event suspect entity and adverse event degree of harm as EHI, violates HIPAA, the Patient Safety Act and the Administrative Procedures Act (contrary to law). 

Congress designed the Patient Safety Act to allow healthcare providers to share adverse events and quality improvement best practices and protocols (e.g., a form of interoperability) to other providers to improve patient safety and the quality of patient care delivery under 42 CFR 299b-22(c)(2)(a) – Disclosures for Patient Safety Activities.  Healthcare providers using the Patient Safety Act processes meet the goals that USDCI cannot, including to support comprehensive adverse event tracking across care settings, the exchange of adverse event information so that all members of a care team are aware of previous adverse events and analyzing and reducing preventable harm in healthcare delivery. 

The term  “Adverse event” is defined in FDA regulations.  FDA requires an analysis to determine whether there is an association between the event and an FDA regulated product.  Again, adverse event related to FDA regulated products cannot be identified in a medical record and the resulting evaluation is a “Patient Safety activity record” which is categorically exempt from EHI and is confidential but would be reported to the FDA through a Patient Safety Act disclosure permission.

Congress created a disclosure permission for providers and PSOs to disclose PSWP patient safety events that are required to be reported to the FDA under 21 CFR 801(n) so that all user facilities can comply with FDA reporting regulations and, more events can be reported after RCA evaluations.  Healthcare Providers and Patient Safety Organizations also report nonidentifiable reports to FDA as provided under the Patient Safety Act.  Therefore, because PSOs are looking for harm, FDA is receiving more information about FDA regulated products than would otherwise be reported.

 

AQIPS Comments ASTR - ADVERSE EVENT.pdf

Log in or register to post comments

FormGuide

Help

1. Optional: Background Text / Cover Letter

The "Optional Background Text / Cover Letter" field provides space for additional context or introductory information related to your comment.

If you wish to provide context, explanation, or an introduction to your comment, enter this information in the field labeled "Optional Background Text / Cover Letter." This is entirely optional and is most useful when submitting multiple related comments or when additional background would help reviewers understand your feedback.

If you are only commenting on a single data class or element, you may leave this field blank.

2. Select the Data Class

To specify which data class your comment addresses:

  1. In the "Data Class" drop-down menu, select the appropriate data class you want to comment on.
  2. If you are providing a general comment that is not specific to a data element, select "General" from the options. Comments with this designation will be displayed on the USCDI landing page.
  3. Note that the Data Class field will automatically populate based on your current location in the platform:
    1. If you are on a data class page, the field will be set to that specific data class
    2. If you are on a data element page, the corresponding data class will be pre-selected
       

3. Select the Data Element

To specify which data element your comment addresses:

  1. In the "Data Element" drop-down menu, select the specific data element you want to comment on.
  2. The drop-down menu will display only the elements available under the data class you selected in the previous step.
  3. You can use the search function within the drop-down to quickly locate a specific data element.
  4. If you are commenting on the data class itself rather than a specific element, you may leave this field blank.

Note: Comments on a specific data element will appear on the respective data element page, while comments on a data class (without a specific element selected) will appear on the landing page for that data class.
 

Data Class and Data Element

Fig 1 The "Data Class" and "Data Element" dropdown menus allow users to specify the exact content they wish to comment on.

4. Optional: Propose New Data Class or Element

If you cannot find the appropriate data class or element for your comment:

  1. Instead of clicking the "Comment On An Existing Data Class Or Element" button, click the adjacent button labeled "Propose a New Data Class or Data Element."
  2. This will redirect you to the ONDEC (ONC New Data Element and Class) Submission System.
  3. In the ONDEC system, follow the provided instructions to submit your proposal for a new data class or element.
  4. Once your proposal is submitted through ONDEC, it will be reviewed separately from the commenting process.
Propose New Data Class or Element

Fig 2 The "Propose a New Data Class or Data Element" button redirects users to the ONDEC Submission System for proposing new data elements not currently available in the system.

5. Complete the Comment Form

Fill out the required fields in the comment form:

Subject: Enter a brief, descriptive title that summarizes your comment. This helps reviewers quickly understand the nature of your feedback.

Comment: In this field, provide the full details of your comment or feedback. Be as clear and specific as possible about your suggestions, concerns, or observations. Include any relevant details that support your position.

6. Optional: Add Additional Comments

If you need to comment on multiple data classes or elements:

  1. After completing your first comment, click the link labeled "Comment on another data element" at the bottom of the form.
  2. A new comment section will appear, allowing you to enter details for your additional comment.
  3. For each additional comment, you must select the appropriate data class and data element from the drop-down menus.
  4. Complete the Subject and Comment fields for your additional comment.
  5. Repeat this process for each additional comment you wish to submit.

Fig 3 The "Comment on another data element" link enables users to create multiple comments addressing different elements within a single submission.

7. Optional: Upload Supporting Files

The platform allows you to upload supporting documentation to enhance your comment:

  • Locate the "File Upload" section at the bottom of the comment form.
  • Click to upload any files (such as PDFs or documents) that provide additional context, evidence, or clarification for your comment.

Important: If you have already entered your comments using the form fields, there is no need to upload duplicate content in PDF format. The file upload feature is intended for supplementary materials only. Please avoid uploading files that contain the same information already provided in your comment text.

Upload Supporting Files

Fig 4 The "File Upload" section permits users to attach supporting documentation that supplements their written comments.

8. Optional: Save and Exit

If you need to pause your work and return to complete your comment later:

  1. Click the "Save and Exit" button at the bottom of the form.
  2. Your comment will be saved as a draft that you can access and complete later.
  3. When you return to the platform, you will see a red triangle with an exclamation mark next to the “Return to saved Comment” button, indicating that you have saved comments in draft status.
  4. Click this button to continue working on your draft.
  5. You will be taken to a review page where you can:
    1. Select "Submit Comment" to officially submit your feedback.
    2. Click "Edit" to return to the comment form and make changes
    3. Select "Discard Draft" to delete the saved draft and start fresh

Fig 5 A red triangle with exclamation mark indicator appears next to the “Return to saved Comment” button when draft comments are saved in the system.

9. Review and Submit

Once you have completed your comment:

  1. Click the "Review and Submit" button at the bottom of the form.
  2. This will take you to a review screen displaying your comment(s) in full.
  3. Review all information for accuracy and completeness.
  4. On this review screen, you have three options: 
    1. Click "Submit Comment" to officially submit your feedback
    2. Click "Edit" to return to the comment form and make changes
    3. Click "Discard Draft" to delete the comment and start fresh
  5. The review screen also includes a "Print" button that allows you to create a printed copy of your comments for your records. 
  6. If you choose to submit, your comment will be recorded in the system and made available for review by the appropriate stakeholders.
Review and Submit

Fig 6 The review screen allows users to verify comment content and make any necessary modifications before final submission.

USCDI Comments

Close

Add a New Comment

Review comment and Submit

Edit
Comment #1
PDF, Doc, Docx
Max Size : 10 MB