Current through Register Vol. 28, No. 3, September 1, 2024
3.1
HCCD data may be released to a person or organization for purposes of:
3.1.1 Promoting and improving public
health;
3.1.2 Advancing the "Triple
Aim" of improving health, improving health care quality and experience, and
improving affordability;
3.1.3
Providing information to effectively manage risk for the health needs of a
population.
3.2 The DHIN
may provide HCCD data or data access at the following levels of detail, per the
procedures established in this Regulation:
3.2.1 De-identified data
3.2.2 Limited data sets
3.2.3 Identified data
3.3 Except as otherwise specified in this
Regulation, all requests for HCCD data or data access shall require completion
of a written data request application that describes the intended purpose and
use or uses of the data, the justification for the data request, and the
security and privacy measures that will be used to safeguard the data and
prevent unauthorized access to or use of the data as well as such other
acknowledgments as may be included on the application. Exceptions to this rule
include:
3.3.1 DHIN may incorporate HCCD
clinical proxy data elements into the Community Health Record for purposes of
treatment and care coordination, without a written application or Committee
review.
3.3.2 DHIN may make HCCD
clinical proxy data elements available to the Members to whom they apply
without a written application or Committee review. Members may access their
health data by enrolling in DHIN's Personal Health Record on the DHIN website
at
www.DHIN.org.
3.4 The Committee shall review submitted data
request applications pursuant to business rules established by the Committee
consistent with Section
4.0 below and the HCCD's enabling
legislation. Exceptions to this rule include:
3.4.1 Requests from Reporting Entities for
their own data will not require Committee review.
3.4.2 Collaborating State Agencies may access
HCCD data without Committee review by entering into an interagency agreement
with the DHIN. The allowable uses of Claims Data by Collaborating State
Agencies will be posted on DHIN's web site for public transparency. The
interagency agreement shall include but not be limited to the following:
3.4.2.1 Confirmation that the Collaborating
State Agency will conform to DHIN's confidentiality and data security protocols
and all applicable state and federal laws relating to the privacy and security
of PHI;
3.4.2.2 Confirmation that
the Collaborating State Agency will abide by re-disclosure requirements as
specified in Section
6.0 of this
regulation.
3.4.3
Requests from Providers for their own data, as submitted by Reporting Entities,
will not require Committee review.
3.4.4 Applications for de-identified data may
be eligible for expedited review.
3.5 DHIN will post an annual summary of
disclosures on its website.
