To the Editor: There is danger of a perception developing that, to ensure patient confidentiality, quality assurance (QA) activities in health care should be regarded as research. The Australian Law Reform Commission (ALRC) has delivered proposals for the review of the federal Privacy Act 1988 (Cwlth) that may lead to all but the most basic monitoring of health care activities being characterised as research.1 Recommendation 65–3 emphasises that “research” should include “the compilation or analysis of statistics” and the ALRC also stated that “some funding, management, planning, monitoring, improvement and evaluation activities also may be characterised as research”. This drives the possibility for policy interpretation of QA activities into the realm of research necessitating ethics approval and/or informed consent, rather than retaining the current level of exemption. Australian governments are crying out for increased transparency to improve safety, but labelling QA activities as formal research could seriously compromise and retard patient safety efforts.

A key to enabling optimal patient safety is the implementation of evidence by practitioners competent in judgement, skill and knowledge within an environment characterised by leadership and adequate resources (for example, through morbidity and mortality meetings and clinical audits).2 Implementing clinical monitoring (eg, antibiotic use, so essential to optimal outcomes and to minimising antibiotic resistance) requires audit of patients’ files. Improvement in current practices requires scientific, planned, data-driven study with ongoing review, which includes elements that could easily be characterised as research. If these activities and resultant quality improvement efforts are now regarded as research, their progress may be impeded.

It should be considered unethical not to act on established evidence. It would be dangerous to label as research surveillance and QA activities that are designed to ensure implementation of such evidence, even if they fall within the broad definition of research. Patient privacy and confidentiality must be managed within a transparent regulatory framework without impeding safety mechanisms with research frameworks that would inevitably lead to delays and increased costs, as well as seriously discouraging staff from implementing them. These effects are well documented overseas where the enactment of similar privacy rules relating to the use of patient information has resulted in detrimental unintended consequences.3,4

Work undertaken to discover new and better evidence needs to be regarded as research, not work to ensure that established evidence-based practice is properly implemented. Herein lies the difference.

Although the National Health and Medical Research Council (NHMRC) provides advisory guidelines,5,6 the proposed privacy (health information) regulations to be developed by the Office of the Privacy Commissioner1 will provide the legal basis for the use of health information. The public benefit of QA activities with appropriate privacy management and regulation that avoids designation as research requires strenuous championing during development of the regulations to ensure continued improvement in patient safety.