Washington Administrative Code
Title 182 - Health Care Authority
ALL PAYER HEALTH CARE CLAIMS DATABASE
Chapter 182-70 - All payer health care claims database
DATA REQUESTS AND RELEASE PROCEDURES
Section 182-70-280 - Reasons to decline a request for data

Universal Citation: WA Admin Code 182-70-280

Current through Register Vol. 24-24, December 15, 2024

The lead organization may decline a request for data for any of the following reasons:

(1) The requestor has violated a data use agreement, nondisclosure agreement or confidentiality agreement within three years of the date of request.

(2) Any person, other than the requestor, who will have access to the data has violated a data use agreement, nondisclosure agreement or confidentiality agreement within three years of the date of request.

(3) The requestor or any person other than the requestor, who will have access to the data, within the five years prior to the data request date, been subject to a state or federal regulatory action related to a data breach and has been found in violation and assessed a penalty, been a party to a criminal or civil action relating to a data breach and found guilty or liable for that breach, or had to take action to notify individuals due to a data breach for data maintained by the data requestor or for which the data requestor was responsible for maintaining in a secure environment.

(4) The proposed privacy and security protections in the data management plan on the date the data is requested are not sufficient to meet Washington state standards. The protections must be in place on the date the data is requested. For out-of-state requestors, meeting the standards in the state where the requestor or data recipient is located is not acceptable if those standards do not meet those required in Washington state.

(5) The information provided is incomplete or not sufficient to approve the data request.

(6) The proposed purpose for accessing the data is not allowable under WA-APCD statutes, rules or policies, or other state or federal statutes, rules, regulations or federal agency policy or standards for example the Department of Justice Statements of Antitrust Enforcement Policy in Health Care.

(7) The proposed use of the requested data is for an unacceptable commercial use or purpose. An unacceptable commercial use or purpose includes, but is not limited to:

(a) A requestor using data to identify patients using a particular product or drug to develop a marketing campaign to directly contact those patients; or

(b) A requestor using data to directly contact patients for fund-raising purposes; or

(c) A requestor intends to contact an individual whose data is released; or

(d) Sells, gives, shares or intends to sell, give or share released data with another entity or individual not included in the original application for the data and for which approval was given.

Statutory Authority: Chapter 43.371 RCW. WSR 16-22-062, § 82-75-280, filed 11/1/16, effective 12/2/16.

Disclaimer: These regulations may not be the most recent version. Washington may have more current or accurate information. We make no warranties or guarantees about the accuracy, completeness, or adequacy of the information contained on this site or the information linked to on the state site. Please check official sources.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.