FINAL BILL REPORT

ESB 5258

 

C 16 L 01

Synopsis as Enacted

 

Brief Description:  Regulating disclosure of health care information.

 

Sponsors:  Senators Costa, Winsley, Franklin, Thibaudeau and Kohl‑Welles.

 

Senate Committee on Health & Long‑Term Care

House Committee on Health Care

 

Background:  Medical personnel and others are relying upon fax machines and other computer and electronic equipment that store fax numbers for the communication of private and personal medical information, like lab test results, prescriptions, and treatment recommendations.  The equipment does not check to make sure the fax number is correct or current.  It is not uncommon for medical records with individually identifiable sensitive medical history to be faxed to the wrong person or business.

 

Recent federal privacy provisions enacted under the Health Insurance Portability and Accountability Act (HIPAA) regulate the communication of electronically transmitted health care information.  The HIPAA provisions preempt only state law that is not more protective of individual privacy interests.  The HIPAA provisions are similar to current state law requirements that require a release before confidential medical information is disclosed.  Neither HIPAA nor the state health care provisions have specialized duties that pertain to faxing health care information in a certain manner.

 

Summary:  Health care providers must take reasonable safeguards for the security of health care information by making sure fax number records are current, and verifying the accuracy of a fax number prior to transmission.

 

A negligent violation of the confidentiality statutes for sexually transmitted disease information is defined to include sending the protected information to an incorrect number when the sender should have known the number was wrong.

 

Votes on Final Passage:

 

Senate461

House     92 0

 

Effective:  July 22, 2001