Statutes, codes, and regulations
District Of Columbia Administrative Code
Title 29 - PUBLIC WELFARE
Chapter 29-87 - DISTRICT OF COLUMBIA HEALTH INFORMATION EXCHANGE
Rule 29-8700 - GENERAL PROVISIONS

D.C. Mun. Regs. tit. 29, r. 29-8700

Download
PDF
Current through Register Vol. 71, No. 49, December 6, 2024
Rule 29-8700 - GENERAL PROVISIONS
8700.1

This chapter governs the establishment of the District of Columbia's Health Information Exchange ("HIE"), the registration and designation of HIE entities in the District by the Department of Health Care Finance ("DHCF") that opt to participate in the DC HIE and sets forth requirements to maintain the privacy and security of health information exchanged by a registered or designated HIE entity.

8700.2

This chapter sets forth requirements for participation in the DC HIE by registered and designated HIE entities, in order to:

(a) Ensure the privacy and security of protected health information ("PHI") accessed, used, or disclosed through a registered or designated HIE entity, including protections for the Secondary Use of PHI obtained, accessed, or released through a registered or designated HIE entity;
(b) Govern the access, use, maintenance, and disclosure of PHI through or by a registered or designated HIE entity;
(c) Improve access to clinical records by treating providers and participating organizations in the District;
(d) Promote interoperable exchange of health information;
(e) Ensure registered and designated HIE entities in the District adhere to District requirements and nationally recognized operating standards; and
(f) Govern the DC HIE infrastructure and consumer services developed for implementation by registered and designated HIE entities participating in the DC HIE.
8700.3

DHCF shall provide ongoing monitoring to ensure compliance with criteria for registration and designation of HIE entities in a manner consistent with this chapter.

8700.4

Registered and designated HIE entities are subject to the following requirements:

(a) The Health Insurance Portability and Accountability Act of 1996, including all pertinent regulations (45 CFR Parts 160 and 164) issued by the U.S. Department of Health and Human Services, as amended by Subtitle D of the Health Information Technology for Economic and Clinical Health Act ("HITECH Act"), ( Pub. L. No. 111-5, Title XIII, 123 Stat. 226 (2009));
(b) The Health Breach Notification Rule, 16 CFR Part 318, adopted by the Federal Trade Commission pursuant to the HITECH Act;
(c) The District's "Consumer Protection Procedures Act," effective July 22, 1976 (D.C. Law 1-76; D.C. Official Code §§ 28-3901et seq.);
(d) Federal regulations governing Confidentiality of Alcohol and Drug Abuse Patient Records under 42 CFR Part 2;
(e) The District's "Mental Health Information Act of 1978," effective March 3, 1979 (D.C. Law 2-136; D.C. Official Code §§ 7-1201.01et seq.); and
(f) All other applicable District and federal laws and regulations governing the use, access, maintenance, and disclosure of health information.

D.C. Mun. Regs. tit. 29, r. 29-8700

Final Rulemaking published at 65 DCR 8346 (7/19/2019)