Statutes, codes, and regulations
West Virginia Administrative Code
Agency 65 - Health Care AuthorityTitle 65 - LEGISLATIVE RULE HEALTH CARE AUTHORITY
Series 65-28 - West Virginia Health Information Network Rule
Section 65-28-10 - User Authentication

W. Va. Code R. § 65-28-10

Download
PDF
Current through Register Vol. XLI, No. 50, December 13, 2024
Section 65-28-10 - User Authentication
10.1. To optimize the privacy and security of its health information exchange, the Network shall ensure that an authorized user's identity is properly authenticated each time the exchange is accessed. The Network shall establish a system by which each participating organization shall implement minimum requirements for authentication information unique to each authorized user in accordance with industry standards and specifications.
10.2. The Network and the participating organizations shall place strict controls upon the use of authentication information. An authorized user to whom authentication information is assigned shall not share his or her authentication information with any other individual.
10.3. An authorized user shall immediately report any loss or misuse of his or her authentication information to the participating organization or to the Network, as applicable.
10.3.a. The Network and the participating organization's site may lock out the affected authorized user from accessing the health information exchange; and
10.3.b. This lock out shall be terminated only after an authorized user's identity is verified, and new authentication information has been approved for the authorized user in question.

W. Va. Code R. § 65-28-10