CERTIFICATION OF ENROLLMENT

SENATE BILL 6329

Chapter 158, Laws of 1998

55th Legislature

1998 Regular Session

DISCLOSURE OF HEALTH CARE INFORMATION WITHOUT PATIENT AUTHORIZATION--INVESTIGATIONS BY COUNTY CORONERS AND MEDICAL EXAMINERS

EFFECTIVE DATE: 6/11/98

Passed by the Senate February 12, 1998

YEAS 48 NAYS 0

BRAD OWEN

President of the Senate

Passed by the House March 4, 1998

YEAS 97 NAYS 0

CERTIFICATE

I, Mike O=Connell, Secretary of the Senate of the State of Washington, do hereby certify that the attached is SENATE BILL 6329 as passed by the Senate and the House of Representatives on the dates hereon set forth.

CLYDE BALLARD

Speaker of the

House of Representatives

MIKE O'CONNELL

Secretary

Approved March 25, 1998

FILED

March 25, 1998 - 4:44 p.m.

GARY LOCKE

Governor of the State of Washington

Secretary of State

State of Washington

AN ACT Relating to disclosure of health care information without patient's authorization; and amending RCW 70.02.050.

BE IT ENACTED BY THE LEGISLATURE OF THE STATE OF WASHINGTON:

Sec. 1. RCW 70.02.050 and 1993 c 448 s 4 are each amended to read as follows:

(1) A health care provider may disclose health care information about a patient without the patient's authorization to the extent a recipient needs to know the information, if the disclosure is:

(a) To a person who the provider reasonably believes is providing health care to the patient;

(b) To any other person who requires health care information for health care education, or to provide planning, quality assurance, peer review, or administrative, legal, financial, or actuarial services to the health care provider; or for assisting the health care provider in the delivery of health care and the health care provider reasonably believes that the person:

(i) Will not use or disclose the health care information for any other purpose; and

(ii) Will take appropriate steps to protect the health care information;

(c) To any other health care provider reasonably believed to have previously provided health care to the patient, to the extent necessary to provide health care to the patient, unless the patient has instructed the health care provider in writing not to make the disclosure;

(d) To any person if the health care provider reasonably believes that disclosure will avoid or minimize an imminent danger to the health or safety of the patient or any other individual, however there is no obligation under this chapter on the part of the provider to so disclose;

(e) Oral, and made to immediate family members of the patient, or any other individual with whom the patient is known to have a close personal relationship, if made in accordance with good medical or other professional practice, unless the patient has instructed the health care provider in writing not to make the disclosure;

(f) To a health care provider who is the successor in interest to the health care provider maintaining the health care information;

(g) For use in a research project that an institutional review board has determined:

(i) Is of sufficient importance to outweigh the intrusion into the privacy of the patient that would result from the disclosure;

(ii) Is impracticable without the use or disclosure of the health care information in individually identifiable form;

(iii) Contains reasonable safeguards to protect the information from redisclosure;

(iv) Contains reasonable safeguards to protect against identifying, directly or indirectly, any patient in any report of the research project; and

(v) Contains procedures to remove or destroy at the earliest opportunity, consistent with the purposes of the project, information that would enable the patient to be identified, unless an institutional review board authorizes retention of identifying information for purposes of another research project;

(h) To a person who obtains information for purposes of an audit, if that person agrees in writing to:

(i) Remove or destroy, at the earliest opportunity consistent with the purpose of the audit, information that would enable the patient to be identified; and

(ii) Not to disclose the information further, except to accomplish the audit or report unlawful or improper conduct involving fraud in payment for health care by a health care provider or patient, or other unlawful conduct by the health care provider;

(i) To an official of a penal or other custodial institution in which the patient is detained;

(j) To provide directory information, unless the patient has instructed the health care provider not to make the disclosure;

(k) In the case of a hospital or health care provider to provide, in cases reported by fire, police, sheriff, or other public authority, name, residence, sex, age, occupation, condition, diagnosis, or extent and location of injuries as determined by a physician, and whether the patient was conscious when admitted.

(2) A health care provider shall disclose health care information about a patient without the patient's authorization if the disclosure is:

(a) To federal, state, or local public health authorities, to the extent the health care provider is required by law to report health care information; when needed to determine compliance with state or federal licensure, certification or registration rules or laws; or when needed to protect the public health;

(b) To federal, state, or local law enforcement authorities to the extent the health care provider is required by law;

(d) Pursuant to compulsory process in accordance with RCW 70.02.060.

(3) All state or local agencies obtaining patient health care information pursuant to this section shall adopt rules establishing their record acquisition, retention, and security policies that are consistent with this chapter.