Updates
Added by St. 2025, c. 16, § 19, effective November 5, 2025
Section 19 (Effective November 5, 2025)
(a)
Except as required by federal law, the connector shall not provide access to any data, including de-identified data or any other data that would allow the identification of a patient, applicant or provider, in response to an out-of-state or federal inquiry or investigation into services constituting legally-protected health care activity, as defined in section 11I1/2 of chapter 12.
(b)
The connector shall grant providers, provider organizations and public and private health care payers access to identifiable health information or other personally identifiable information of an individual solely for the purposes of carrying out treatment, payment, health care operations or its functions as a health insurance exchange.
(c)
The connector shall not disclose, disseminate, transfer or otherwise allow access to identifiable health information or other personally identifiable information of an individual for any purpose not expressly authorized by this chapter.
(d)
A recipient of de-identified or identifiable health information or other personally identifiable information of an individual patient or applicant shall not use such information to: (i) conduct a criminal, civil or administrative investigation into any individual patient; or (ii) impose criminal, civil or administrative liability on any individual patient.
Contact
Online
| Last updated: | August 7, 2025 |
|---|