Current through Register Vol. XLI, No. 50, December 13, 2024
Section 65-28-4 - Permissible Purposes for Health Information Exchange4.1. The placement of appropriate limits upon health information exchange shall minimize the potential for misuse or abuse of protected health information, thereby enhancing patient and participating organization confidence in the health information exchange process. Accordingly, the permissible purposes for which protected health information may be disclosed and used through the Network shall be limited by the Network. Permissible purposes may include treatment, emergency treatment, payment, health care operations, public health reporting, or any other purpose specifically authorized by federal and state laws or rules, or regulations, or approved by the Network.4.2. Absent a permissible purpose, no person or participating organization shall seek the disclosure of protected health information through the Network's health information exchange.4.3. A participating organization may submit an inquiry to the Network for the protected health information of a patient for a permissible purpose if it has a relationship to the patient sufficient to justify the permissible purpose. For example, a participating organization may submit an inquiry for treatment purposes when the participating organization is actually involved in the treatment of the patient. The Network shall implement a master patient index and a record locator function to identify which participating organizations possess protected health information responsive to an inquiry.4.4. A participating organization may submit a point-to-point transaction for a permissible purpose if it has a relationship to the patient sufficient to justify the permissible purpose. For example, a participating organization treating a patient may order and receive the patient's laboratory tests results in the form of a clinical message from another participating organization or data supplier.