§ 5-37.7-8. Security.
The HIE must be subject to at least the following security procedures:
(1) Authenticate the recipient of any confidential healthcare information disclosed by the HIE pursuant to this chapter pursuant to rules and regulations promulgated by the department;
(2) Limit authorized access to personally identifiable confidential healthcare information to persons having a need to know that information; additional employees or agents may have access to de-identified information;
(3) Identify an individual or individuals who have responsibility for maintaining security procedures for the HIE;
(4) Provide an electronic or written statement to each employee or agent as to the necessity of maintaining the security and confidentiality of confidential healthcare information, and of the penalties provided for in this chapter for the unauthorized access, release, transfer, use, or disclosure of this information; and
(5) Take no disciplinary or punitive action against any employee or agent for bringing evidence of violation of this chapter to the attention of any person.
History of Section.
P.L. 2008, ch. 171, § 2; P.L. 2008, ch. 466, § 2; P.L. 2009, ch. 310, § 33; P.L. 2021,
ch. 362, § 1, effective July 12, 2021; P.L. 2021, ch. 364, § 1, effective July 12,
2021.