New Mexico Administrative Code
Title 7 - HEALTH
Chapter 1 - HEALTH GENERAL PROVISIONS
Part 31 - STATEWIDE HEALTH CARE CLAIMS DATABASE
Section 7.1.31.8 - STATEWIDE ALL-PAYER CLAIMS DATABASE-DUTIES-CONTRACT WITH DATA VENDOR
Universal Citation: 7 NM Admin Code 7.1.31.8
Current through Register Vol. 35, No. 18, September 24, 2024
A. Duties of the department:
(1) The department
shall establish a statewide all-payer claims database to support transparent
public reporting of health care information. The database must improve
transparency to: assist patients, providers, and hospitals to make informed
choices about care; enable providers, hospitals, and communities to improve by
benchmarking their performance against that of others by focusing on best
practices, enable purchasers to identify value, build expectations into their
purchasing strategy, and reward improvements over time; and promote competition
based on quality and cost. The database must systematically collect all medical
claims for covered medical services, pharmacy claims, dental claims, member
eligibility and enrollment data, and provider data with necessary identifiers
from private and public payers, with data from all settings of care that permit
the systematic analysis of health care delivery.
(2) The department shall convene
subcommittees to the HIS advisory committee with the approval of the secretary,
including:
(a) a subcommittee on data policy
development;
(b) a subcommittee to
establish a data release process consistent with the requirements of this rule
and to provide advice regarding formal data release requests. The advisory
subcommittees must include in-state representation from key providers,
hospitals, public health and health maintenance organizations, large and small
private purchasers, consumer organizations, and the two largest carriers
supplying claims data to the database; and
(c) other subcommittees as needed.
B. Duties of the department in contract with data vendor:
(1) The department will conduct, or may
engage a data vendor to perform, data collection, processing, aggregation,
extracts, and analytics. The department or data vendor must:
(a) establish a secure data submission
process with data providers;
(b)
review data submitters' files per standards established by the
department;
(c) assess each
record's alignment with established format, frequency, and consistency
criteria;
(d) maintain
responsibility for quality assurance, including, but not limited to:
(i) the completeness, accuracy and validity
of data provider's data;
(ii)
accuracy of dates of service spans;
(iii) maintaining consistency of record
layout and counts; and
(iv)
identifying duplicate records;
(e) assign unique identifiers, as defined in
this rule, to individuals represented in the database;
(f) ensure that direct patient identifiers,
indirect patient identifiers, and proprietary information are released only in
compliance with federal and state privacy laws and the terms of applicable
confidentiality requirements;
(g)
demonstrate internal controls and affiliations with separate organizations as
appropriate to ensure safe data collection, security of the data with state of
the art encryption methods, actuarial support, and data review for quality
assurance;
(h) store data in a
manner compliant with the federal Health Insurance Portability and
Accountability Act and regulations, with access to the data strictly controlled
and limited to staff with appropriate training, clearance, and background
checks; and
(i) maintain state of
the art security standards for transferring data to approved data
requestors.
(2) The data
vendor must submit detailed descriptions to the department's chief information
security officer to ensure robust security methods are in place.
(3) The department is responsible for
internal governance, management, funding, and operations of the database. The
department shall work with the data vendor to:
(a) collect claims data from data providers
as provided in this rule;
(b)
design data collection mechanisms with consideration for the time and cost
incurred by data providers and others in submission and collection and the
benefits that measurement would achieve, ensuring the data submitted meet
quality standards and are reviewed for quality assurance;
(c) ensure protection of collected data and
store and use of data in a manner that protects patient privacy and complies
with this section. All patient-specific information must be secured with
required standard encryption algorithms;
(d) consistent with requirements of this
rule, make information from the database available as a resource for public and
private entities, including carriers, employers, providers, hospitals, and
purchasers of health care;
(e)
report performance on cost and quality pursuant to this rule.
(f) develop protocols and policies, including
prerelease review by any entity identified by the department , to ensure the
quality of data releases and reports;
(g) the department may not charge providers
or data providers fees other than fees directly related to requested
reports.
Disclaimer: These regulations may not be the most recent version. New Mexico may have more current or accurate information. We make no warranties or guarantees about the accuracy, completeness, or adequacy of the information contained on this site or the information linked to on the state site. Please check official sources.
This site is protected by reCAPTCHA and the Google
Privacy Policy and
Terms of Service apply.