SB 537 - Under this act, a participant in a health information network may disclose, access, or use individually identifiable information through the network in accordance with this act and the federal Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health Act (HITECH); provided, that an individual has the right to opt out of having his or her identifiable information accessible or delivered through the network. A health information network shall implement policies governing privacy and security of individually identifiable information accessible or delivered through the network. Participants shall maintain a written notice of privacy practices for the network, and shall post such practices on their publicly accessible website. A health information network shall not be considered a health care provider under this act and shall not be subject to liability for damages or costs arising out a civil action related to rendering of or failure to render health care services. Participants and staff, officers, and members of the board of directors of a health information network shall not be liable in actions for damages or costs, as described in the act. Individually identifiable information received from participants and accessed through a network under this act shall not be subject to discovery or subpoena and no health information network or participant shall be compelled by a request for production, subpoena, court order, or otherwise, to disclose individually identifiable information received from another participant.
This act is similar to SB 1049 (2020).
SARAH HASKINS