Section 332-I:3 Use and Disclosure of Protected Health Information; Health Information Exchange.

NEW HAMPSHIRE STATUTES AND CODES

Section 332-I:3 Use and Disclosure of Protected Health Information; Health Information Exchange.

   I. Except as provided in paragraph VI, a health care provider or a business associate of a health care provider may disclose an individual's protected health information and information about the location of the individual's medical records to a health information exchange. Only a health care provider, for purposes of treatment, may have access to protected health information in a health information exchange.
   II. A health information exchange shall adhere to the protected health information requirements for health care providers in state and federal law.
   III. A health information exchange shall maintain an audit log of health care providers who access protected health information, including:
      (a) The identity of the health care provider accessing the information;
      (b) The identity of the individual whose protected health information was accessed by the health care provider;
      (c) The date the protected health information was accessed; and
      (d) The area of the record that was accessed.

[Paragraph IV shall take effect upon the date provided by 2009, 318:5; see ""Applicability; Certification'' note below.]

   IV. A health information exchange shall be certified, when federal certification standards are established, to be in compliance with nationally accepted interoperability standards and practices.
   V. No person shall require a health care provider to participate in a health information exchange as a condition of payment or participation.
   VI. An individual shall be given an opportunity to opt out of sharing his or her name and address and his or her protected health care information through a health information exchange.

Source. 2009, 318:4, eff. Jan. 1, 2010.