§8707. Public access to data
(CONTAINS TEXT WITH VARYING EFFECTIVE DATES)
(WHOLE SECTION TEXT EFFECTIVE UNTIL CONTINGENCY: See PL 2013, c. 528, §12)
The board shall adopt rules to provide for public access to data and to implement the requirements of this section. [1995, c. 653, Pt. A, §2 (NEW); 1995, c. 653, Pt. A, §7 (AFF).]
1. Public access; confidentiality. The board shall adopt rules making available to any person, upon request, information, except privileged medical information and confidential information, provided to the organization under this chapter as long as individual patients are not directly or indirectly identified through a reidentification process. The board shall adopt rules to protect the identity of certain health care practitioners, as it determines appropriate, except that the identity of practitioners performing abortions as defined in section 1596 must be designated as confidential and must be protected. Rules adopted pursuant to this subsection are major substantive rules as defined in Title 5, chapter 375, subchapter II-A.
[ 2001, c. 457, §14 (AMD) .]
2. Notice and comment period. The rules must establish criteria for determining whether information is confidential clinical data, confidential financial data or privileged medical information and adopt procedures to give affected health care providers and payors notice and opportunity to comment in response to requests for information that may be considered confidential or privileged.
[ 2003, c. 469, Pt. C, §27 (AMD) .]
3. Public health studies. The rules may allow exceptions to the confidentiality requirements only to the extent authorized in this subsection.
A. The board may approve access to identifying information for patients to the department and other researchers with established protocols that have been approved by the board for safeguarding confidential or privileged information. [2001, c. 457, §15 (AMD).]
B. The rules must ensure that:
(1) Identifying information is used only to gain access to medical records and other medical information pertaining to public health;
(2) Medical information about any patient identified by name is not obtained without the consent of that patient except when the information sought pertains only to verification or comparison of health data and the board finds that confidentiality can be adequately protected without patient consent;
(3) Those persons conducting the research or investigation do not disclose medical information about any patient identified by name to any other person without that patient's consent;
(4) Those persons gaining access to medical information about an identified patient use that information to the minimum extent necessary to accomplish the purposes of the research for which approval was granted; and
(5) The protocol for any research is designed to preserve the confidentiality of all health care information that can be associated with identified patients, to specify the manner in which contact is made with patients and to maintain public confidence in the protection of confidential information. [2001, c. 457, §15 (AMD).]
C. The board may not grant approval under this subsection if the board finds that the proposed identification of or contact with patients would violate any state or federal law or diminish the confidentiality of health care information or the public's confidence in the protection of that information in a manner that outweighs the expected benefit to the public of the proposed investigation. [2001, c. 457, §15 (AMD).]
[ 2001, c. 457, §15 (AMD) .]
4. Certain confidential information. The board may determine financial data submitted to the organization under section 8709 to be confidential information if the public disclosure of the data will directly result in the provider of the data being placed in a competitive economic disadvantage. This section may not be construed to relieve the provider of the data of the requirement to disclose such information to the organization in accordance with this chapter and rules adopted by the board.
[ 2011, c. 524, §4 (AMD) .]
5. Rules for release, publication and use of data. The rules must govern the release, publication and use of analyses, reports or compilations derived from the health data made available by the organization.
[ 1995, c. 653, Pt. A, §2 (NEW); 1995, c. 653, Pt. A, §7 (AFF) .]
1995, c. 653, §A2 (NEW). 1995, c. 653, §A7 (AFF). 1999, c. 353, §§12,13 (AMD). 2001, c. 457, §§14,15 (AMD). 2003, c. 469, §C27 (AMD). 2007, c. 466, Pt. A, §44 (AMD). 2011, c. 524, §4 (AMD). 2013, c. 528, §12 (AFF). 2013, c. 528, §8 (RP).