1 Del. Admin. Code § 104-2.0
The following words and terms, when used in this regulation, have the following meaning unless the context clearly indicates otherwise:
"Approved User" means any person or organization that DHIN has authorized to view or access data from the Health Care Claims Database, including Delaware state agencies and DHIN itself.
"Claims Data" means Required Claims Data and any additional health care information that a voluntary reporting entity elects, through entry into an appropriate Data Submission and Use Agreement, to submit to the Delaware Health Care Claims Database.
"Clinical proxy data elements" means any health care information contained within Claims Data which describes a rendered clinical service, including but not limited to: procedure codes, diagnosis codes, dates and locations of clinical services, healthcare providers, and pharmacy data, and excludes Pricing Information.
"Collaborating State Agencies" means the Delaware Office of Management and Budget, State Employee Benefits Committee, Division of Public Health, Division of Medicaid and Medical Assistance, and their successors, if applicable any other agencies identified in 16 Del.C. § 10314(c).
"Community Health Record" or "CHR" means a searchable online portal that presents authorized users with a view of a patient's aggregated clinical data from all sources that contribute health data to DHIN. Access to patient records in the Community Health Record is on the basis of an established relationship between the patient and the end user for purposes of treatment, payment, operations and public health purposes, as those terms are defined in the HIPAA regulations, by patient consent or patient request, or otherwise as set forth in DHIN's enabling legislation and associated regulations. Patients can opt out of allowing their CHR data to be searchable by anyone who was not the ordering provider, but may not opt out of reporting required by law or regulation, such as, but not limited to, reporting of certain conditions to the Division of Public Health.
"Data Submission and Use Agreement" or "DSUA" means the agreement between the HCCD Administrator and the Reporting Entity describing the specific terms and conditions for data submission and use.
"Data Submission Guide" means the document providing the specific content, formats, timelines, data quality standards and other requirements for claims data submission, incorporated as Addendum One to the DSUA. It shall be established and maintained as a technical guidance document and substantively updated on an annual basis.
" De-identified data" means health information as defined in the HIPAA Privacy Rule, which is not considered PHI because it excludes the following direct and indirect patient identifiers:
* Direct Patient Identifiers
* Names;
* Telephone numbers;
* Fax numbers;
* Email addresses;
* Social security numbers;
* Medical record numbers;
* Health plan beneficiary numbers;
* Account numbers;
* Certificate/license numbers;
* Vehicle identifiers and serial numbers;
* Device identifiers and serial numbers;
* URL's;
* IP addresses;
* Biometric identifiers, including fingerprints;
* Full-face photographs;
* Any other unique identifying characteristic or code.
* Indirect Patient Identifiers
* All geographic subdivisions smaller than a state, except for the initial three digits of a zip code;
* All elements of dates (except year) for dates that are directly related to an individual, including birth date, admission date, discharge date, death date, and all ages over 89 and all elements of dates (including year) indicative of such age, except that such ages and elements may be aggregated into a single category of age 90 or older.
"HCCD Administrator" means the Delaware Health Information Network and its staff and any contractors that are responsible for collecting data submissions, providing secure production services and providing data access for approved users.
"Health Care Claims Database" or "HCCD" means the database and associated technology components maintained by DHIN and authorized under 16 Del.C. Ch. 103, Subchapter II.
"Health Care Claims Database Committee" (the "Committee") means the subcommittee established by the Delaware Health Information Network Board of Directors and governed by its by-laws that has the authority to determine when applications for Claims Data should be provided to a data requestor to facilitate the purposes of the enabling legislation, and such other duties as designated by the DHIN Board of Directors consistent with the enabling legislation.
"Health care services" means as defined in 18 Del.C. § 6403.
"Health Insurer" means as defined in 16 Del.C. § 10312.
"Identified data" means data that contains direct patient identifiers.
"Limited data set" means PHI that excludes 16 categories of direct identifiers and may be used or disclosed, for purposes of research, public health, or health care operations, without obtaining either an individual's authorization or a waiver or an alteration of authorization for its use and disclosure, with a data use agreement. The following data elements are removed from a limited data set:
* Names;
* Postal address information, other than town or city, state, and ZIP Code;
* Telephone number;
* Fax numbers;
* Electronic mail addresses;
* Social Security numbers;
* Medical record numbers;
* Health plan beneficiary numbers;
* Account numbers;
* Certificate/license numbers;
* Vehicle identifiers and serial numbers, including license plate numbers;
* Device identifiers and serial numbers;
* Web universal resource locators (URLs);
* Internet protocol (IP) address numbers;
* Biometric identifiers, including fingerprints and voiceprints;
* Full-face photographic images and any comparable images.
A limited data set may include:
* City, state, ZIP Code;
* Elements of dates;
* Other numbers, characteristics, or codes not listed as direct identifiers.
"Mandatory Reporting Entity" means the following entities, except as prohibited under federal law:
* The State Employee Benefits Committee and the Office of Management and Budget, under each entity's respective statutory authority to administer the State Group Health Insurance Program in 19 Del.C. Ch. 96, and any Health Insurer, Third Party Administrator, or other entity that receives or collects charges, contributions, or premiums for, or adjusts or settles health claims for, any State employee, or their spouses or dependents, participating in the State Group Health Insurance Program, except for any carrier, as defined in 29 Del.C. § 5290, selected by the State Group Health Insurance Plan to offer supplemental insurance program coverage under 29 Del.C. Ch. 52C.
* The Division of Medicaid and Medical Assistance, with respect to services provided under programs administered under Titles XIX and XXI of the Social Security Act.
* Any Health Insurer or other entity that is certified as a qualified health plan on the Delaware Health Insurance Marketplace for plan year 2017 or any subsequent plan year.
* Any federal health insurance plan providing Health Care Services to a resident of this State, including Medicare fee for service, Medicare Part C/Medicare Advantage and Medicare Part D Prescription Drug plans and the Federal Employees Health Benefits Plan.
"Member" means individuals, employees, and dependents for which the Reporting Entity has an obligation to adjudicate, pay or disburse claims payments. The term includes covered lives. For employer-sponsored coverage, Members include certificate holders and their dependents. This definition includes all members of the State Group Health Insurance Program regardless of state of residence.
"Pricing Information" means any information referring to prices charged or paid, and includes the pre-adjudicated price charged by a Provider to a Reporting Entity for Health Care Services, the amount paid by a Member or insured party, including co-pays and deductibles, and the post-adjudicated price paid by a Reporting Entity to a Provider for Health Care Services.
"Protected health information" or "PHI" means individually identifiable health information as defined in the HIPAA Privacy Rule.
"Provider" means a hospital, facility, or any health care practitioner licensed, certified, or authorized under State law to provide Health Care Services and includes hospitals and health care practitioners participating in group arrangements, including accountable care organizations, in which the hospital or health care practitioners agree to assume responsibility for the quality and cost of health care for a designated group of beneficiaries.
"Re-disclosure" means the publication, distribution or other dissemination of Claims Data released to an Approved User using any medium and in any format, context or structure.
"Reporting Entity" means either a Mandatory Reporting Entity or a Voluntary Reporting Entity.
"Required Claims Data" as authorized under 16 Del.C. § 10312(8) means the required data containing records of member eligibility, medical services claims and pharmacy claims as specified in the Data Submission Guide.
"Voluntary Reporting Entity" means any of the following entities that has chosen to submit or has been instructed to submit data at the request of an employer or client and enters into a Data Submission and Use Agreement, unless such entity is a Mandatory Reporting Entity:
* Any Health Insurer.
* Any Third Party Administrator not otherwise required to report.
* Any entity, which is not a Health Insurer or Third Party Administrator, when such entity receives or collects charges, contributions, or premiums for, or adjusts or settles health care claims for, residents of this State.
1 Del. Admin. Code § 104-2.0