(1) The authority may initiate a random audit to ensure compliance with data release requirements. A data requestor may not be subject to a random audit more frequently than once every three years.
(2) The authority may initiate an audit of a data supplier or data requestor upon notice that one of the following events has occurred:
(a) Reports from the data vendor that there is a material change, without justification or a reasonable basis for the change provided by the data supplier, in the number of claims submitted from a data supplier. Before submitting a report under this subsection, the data vendor should have worked with the data supplier to cure any inadvertent data submission issues.
(b) Reports from the data vendor that certain types of claims are missing for a data supplier.
(c) Notice that the data requestor or data user is publishing data in reports that are not compliant with data use agreements. Violations of the data use agreements are subject to penalties in accordance with the process set forth in this chapter.
(d) Notice that the data requestor or data user is publishing PFI or PHI not in compliance with state or federal requirements.
(e) Other occurrence that could indicate that the data supplier or data requestor is not in compliance with the requirements in law or rule regarding the WA-APCD.
[Statutory Authority: RCW
41.05.021,
41.05.160 and
43.371.020. WSR 20-08-059, § 182-70-705, filed 3/25/20, effective 4/25/20. WSR 19-24-090, recodified as § 182-70-705, filed 12/3/19, effective 1/1/20. Statutory Authority: RCW
43.371.070. WSR 18-22-095, § 82-75-705, filed 11/5/18, effective 12/6/18.]