Health Current maintains various policies and procedures on how HIE Participants may use the data within the HIE. These policies and procedures are reviewed and approved by the Health Current Board of Directors. Health Current may also use health information provided by HIE Participants as required by law and as necessary to perform services for healthcare providers, health plans and others participating with Health Current. The most current policies and procedures are listed below and can be downloaded for review.
On January 26, 2021, the Health Current Board of Directors approved changes to Health Current Policy to address the new federal Information Blocking Rule, which took effect on April 1, 2021. Now consolidated into a health information exchange (HIE) Policy Manual, the following policies describe Health Current and Participants’ responsibilities for accessing data and making data available through the HIE. These updates are aimed at improving the functionality of the Health Current HIE and ensuring compliance with state and federal laws and regulations. Click here to review the new HIE Policy Manual.
The individual policies and brief summaries of the documents in the HIE Policy Manual are below:
Definitions Policy – consolidates definitions used throughout the HIE Policy Manual into a single reference.
Data Submission Policy – ensures that Data made accessible by Data Suppliers through the HIE is accessible in accordance with Applicable Law. Revised to remove prohibition against sending genetic information due to amendment of ARS 12-2802.
HIE Notice and Opt Out Policy – combines two existing policies into one to explain Health Current and Participant responsibilities around providing individuals a copy of the Notice of Health Information Practices and the opportunity to opt out.
Permitted Use Policy – describes the specific purposes for which Participants may access Data through the HIE in accordance with Applicable Law and within the technical and operational framework that Health Current and its Participants can reasonably support. Revised to expand limited healthcare operations use case as required by the new Information Blocking Rule.
Minimum Necessary Standard Procedure – describes when the HIPAA minimum necessary standard applies and how to satisfy its requirements. Revised to establish clear process for responding to requests for data to comply with the new Information Blocking Rule.
Information Blocking Policy – supports Health Current’s and Participants’ commitment to facilitating the timely access, exchange and use of electronic health information (EHI) in compliance with Applicable Law. Outlines the exceptions described in the new Information Blocking Rule.
Individual Rights Policy – describes how Health Current and Participants will work together to honor individual rights (e.g., right to request copy of data available, accounting of disclosures) with respect to Data that is accessible through the HIE.
HIE Security and Maintenance Policy – describes the security and maintenance practices that are reasonable and necessary to protect the confidentiality, integrity, and availability of Data, and to maintain and improve the performance of the HIE.
Health Current Information Security Requirements – highlights some of Health Current’s Information Security Requirements for our Participants using our services.