| |
| |
|
|
A BILL TO BE ENTITLED
|
|
|
AN ACT
|
|
|
relating to use of health information technology in this state; |
|
|
creating a criminal offense. |
|
|
BE IT ENACTED BY THE LEGISLATURE OF THE STATE OF TEXAS: |
|
|
SECTION 1. Title 4, Civil Practice and Remedies Code, is |
|
|
amended by adding Chapter 74A to read as follows: |
|
|
CHAPTER 74A. LIMITATION OF LIABILITY RELATING TO HEALTH |
|
|
INFORMATION EXCHANGES |
|
|
Sec. 74A.001. DEFINITIONS. In this chapter: |
|
|
(1) "Health care provider" means any individual, |
|
|
partnership, professional association, corporation, facility, or |
|
|
institution duly licensed, certified, registered, or chartered by |
|
|
this state to provide health care or medical care, including a |
|
|
physician. The term includes: |
|
|
(A) an officer, director, shareholder, member, |
|
|
partner, manager, owner, or affiliate of a physician or other |
|
|
health care provider; and |
|
|
(B) an employee, independent contractor, or |
|
|
agent of a physician or other health care provider acting in the |
|
|
course and scope of the employment or contractual relationship. |
|
|
(2) "Health information exchange" has the meaning |
|
|
assigned by Section 182.151, Health and Safety Code. The term |
|
|
includes: |
|
|
(A) an officer, director, shareholder, member, |
|
|
partner, manager, owner, or affiliate of the health information |
|
|
exchange; and |
|
|
(B) an employee, independent contractor, or |
|
|
agent of the health information exchange acting in the course and |
|
|
scope of the employment or contractual relationship. |
|
|
(3) "Physician" means: |
|
|
(A) an individual licensed to practice medicine |
|
|
in this state under Subtitle B, Title 3, Occupations Code; |
|
|
(B) a professional association organized by an |
|
|
individual physician or a group of physicians; |
|
|
(C) a partnership or limited liability |
|
|
partnership formed by a group of physicians; |
|
|
(D) a limited liability company formed by a group |
|
|
of physicians; |
|
|
(E) a nonprofit health corporation certified by |
|
|
the Texas Medical Board under Chapter 162, Occupations Code; or |
|
|
(F) a single legal entity authorized to practice |
|
|
medicine in this state owned by a group of physicians. |
|
|
Sec. 74A.002. LIMITATION ON LIABILITY OF HEALTH CARE |
|
|
PROVIDERS RELATING TO HEALTH INFORMATION EXCHANGES. (a) The use |
|
|
of, failure to use, or existence of a health information exchange |
|
|
does not establish a standard of care applicable to a health care |
|
|
provider for obtaining, using, or disclosing patient information. |
|
|
(b) Unless a health care provider acts with intent or gross |
|
|
negligence, the health care provider is not liable for any damages, |
|
|
penalties, or other relief related to: |
|
|
(1) the health care provider's or another health care |
|
|
provider's obtainment of or failure to obtain patient information |
|
|
from a health information exchange; |
|
|
(2) the health care provider's or another health care |
|
|
provider's disclosure of or failure to disclose patient information |
|
|
to a health information exchange; |
|
|
(3) the health care provider's or another health care |
|
|
provider's reliance on inaccurate patient information obtained |
|
|
from or disclosed by a health information exchange; or |
|
|
(4) the obtainment, use, or disclosure by a health |
|
|
information exchange, another health care provider, or any other |
|
|
person, in violation of federal or state law, of any patient |
|
|
information that the health care provider provided to a health |
|
|
information exchange or to another health care provider in |
|
|
compliance with the Health Insurance Portability and |
|
|
Accountability Act of 1996 (42 U.S.C. Section 1320d et seq.) and |
|
|
other applicable federal and state law. |
|
|
(c) Nothing in this section may be construed to create a |
|
|
cause of action or to create a standard of care, obligation, or duty |
|
|
that provides a basis for a cause of action. |
|
|
Sec. 74A.003. LIMITATION ON LIABILITY OF HEALTH INFORMATION |
|
|
EXCHANGES. (a) Unless a health information exchange acts with |
|
|
intent or gross negligence, the health information exchange is not |
|
|
liable for any damages, penalties, or other relief related to: |
|
|
(1) a health care provider's obtainment of or failure |
|
|
to obtain patient information from the health information exchange; |
|
|
(2) a health care provider's disclosure of or failure |
|
|
to disclose patient information to the health information exchange; |
|
|
(3) a health care provider's reliance on inaccurate |
|
|
patient information obtained from or disclosed by the health |
|
|
information exchange; or |
|
|
(4) the obtainment, use, or disclosure by a health |
|
|
care provider or any other person, in violation of federal or state |
|
|
law, of any patient information that was provided to the person by |
|
|
the health information exchange in compliance with: |
|
|
(A) the Health Insurance Portability and |
|
|
Accountability Act of 1996 (42 U.S.C. Section 1320d et seq.) and |
|
|
other applicable federal and state law; and |
|
|
(B) the health information exchange's policies. |
|
|
(b) Nothing in this section may be construed to create a |
|
|
cause of action or to create a standard of care, obligation, or duty |
|
|
that provides a basis for a cause of action. |
|
|
SECTION 2. Section 531.0162, Government Code, is amended by |
|
|
adding Subsections (e) and (f) to read as follows: |
|
|
(e) The executive commissioner shall ensure that: |
|
|
(1) all information systems available for use by the |
|
|
commission or a health and human services agency in sending |
|
|
protected health information to a health care provider or receiving |
|
|
protected health information from a health care provider, and for |
|
|
which planning or procurement begins on or after September 1, 2015, |
|
|
are capable of sending or receiving that information in accordance |
|
|
with the applicable data exchange standards developed by the |
|
|
appropriate standards development organization accredited by the |
|
|
American National Standards Institute; |
|
|
(2) if national data exchange standards do not exist |
|
|
for a system described by Subdivision (1), the commission makes |
|
|
every effort to ensure the system is interoperable with the |
|
|
national standards for electronic health record systems; and |
|
|
(3) the commission and each health and human services |
|
|
agency establish an interoperability standards plan for all |
|
|
information systems that exchange protected health information |
|
|
with health care providers. |
|
|
(f) Not later than December 1 of each even-numbered year, |
|
|
the executive commissioner shall report to the governor and the |
|
|
Legislative Budget Board on the commission's and the health and |
|
|
human services agencies' progress in ensuring that the information |
|
|
systems described in Subsection (e) are interoperable with one |
|
|
another and meet the appropriate standards specified by that |
|
|
subsection. |
|
|
SECTION 3. Section 81.044(a), Health and Safety Code, is |
|
|
amended to read as follows: |
|
|
(a) The board shall prescribe the form and method of |
|
|
reporting under this chapter, which may be in writing, by |
|
|
telephone, by electronic data transmission, through a health |
|
|
information exchange as defined by Section 182.151 if requested and |
|
|
authorized by the person required to report, or by other means. |
|
|
SECTION 4. Section 82.008(a), Health and Safety Code, is |
|
|
amended to read as follows: |
|
|
(a) To ensure an accurate and continuing source of data |
|
|
concerning cancer, each health care facility, clinical laboratory, |
|
|
and health care practitioner shall furnish to the department [board
|
|
|
or its representative], on request, data the board considers |
|
|
necessary and appropriate that is derived from each medical record |
|
|
pertaining to a case of cancer that is in the custody or under the |
|
|
control of the health care facility, clinical laboratory, or health |
|
|
care practitioner. The department may not request data that is more |
|
|
than three years old unless the department is investigating a |
|
|
possible cancer cluster. At the request and with the authorization |
|
|
of the applicable health care facility, clinical laboratory, or |
|
|
health care practitioner, data may be furnished to the department |
|
|
through a health information exchange as defined by Section |
|
|
182.151. |
|
|
SECTION 5. Section 161.007(d), Health and Safety Code, is |
|
|
amended to read as follows: |
|
|
(d) A health care provider who administers an immunization |
|
|
to an individual younger than 18 years of age shall provide data |
|
|
elements regarding an immunization to the department. A health |
|
|
care provider who administers an immunization to an individual 18 |
|
|
years of age or older may submit data elements regarding an |
|
|
immunization to the department. At the request and with the |
|
|
authorization of the health care provider, the data elements may be |
|
|
provided through a health information exchange as defined by |
|
|
Section 182.151. The data elements shall be submitted in a format |
|
|
prescribed by the department. The department shall verify consent |
|
|
before including the information in the immunization |
|
|
registry. The department may not retain individually identifiable |
|
|
information about an individual for whom consent cannot be |
|
|
verified. |
|
|
SECTION 6. Section 161.00705(a), Health and Safety Code, is |
|
|
amended to read as follows: |
|
|
(a) The department shall maintain a registry of persons who |
|
|
receive an immunization, antiviral, and other medication |
|
|
administered to prepare for a potential disaster, public health |
|
|
emergency, terrorist attack, hostile military or paramilitary |
|
|
action, or extraordinary law enforcement emergency or in response |
|
|
to a declared disaster, public health emergency, terrorist attack, |
|
|
hostile military or paramilitary action, or extraordinary law |
|
|
enforcement emergency. A health care provider who administers an |
|
|
immunization, antiviral, or other medication shall provide the data |
|
|
elements to the department. At the request and with the |
|
|
authorization of the health care provider, the data elements may be |
|
|
provided through a health information exchange as defined by |
|
|
Section 182.151. |
|
|
SECTION 7. Section 161.00706(b), Health and Safety Code, is |
|
|
amended to read as follows: |
|
|
(b) A health care provider, on receipt of a request under |
|
|
Subsection (a)(1), shall submit the data elements to the department |
|
|
in a format prescribed by the department. At the request and with |
|
|
the authorization of the health care provider, the data elements |
|
|
may be submitted through a health information exchange as defined |
|
|
by Section 182.151. The department shall verify the person's |
|
|
request before including the information in the immunization |
|
|
registry. |
|
|
SECTION 8. Chapter 182, Health and Safety Code, is amended |
|
|
by adding Subchapter D to read as follows: |
|
|
SUBCHAPTER D. HEALTH INFORMATION EXCHANGES |
|
|
Sec. 182.151. DEFINITION. In this subchapter, "health |
|
|
information exchange" means an organization that: |
|
|
(1) assists in the transmission or receipt of |
|
|
health-related information among organizations transmitting or |
|
|
receiving the information according to nationally recognized |
|
|
standards and under an express written agreement with the |
|
|
organizations; |
|
|
(2) as a primary business function, compiles or |
|
|
organizes health-related information designed to be securely |
|
|
transmitted by the organization among physicians, other health care |
|
|
providers, or entities within a region, state, community, or |
|
|
hospital system; or |
|
|
(3) assists in the transmission or receipt of |
|
|
electronic health-related information among physicians, other |
|
|
health care providers, or entities within: |
|
|
(A) a hospital system; |
|
|
(B) a physician organization; |
|
|
(C) a health care collaborative, as defined by |
|
|
Section 848.001, Insurance Code; |
|
|
(D) a Pioneer Model accountable care |
|
|
organization established under the initiative by the Centers for |
|
|
Medicare and Medicaid Services Innovation Center; or |
|
|
(E) an accountable care organization |
|
|
participating in the Medicare Shared Savings Program under 42 |
|
|
U.S.C. Section 1395jjj. |
|
|
Sec. 182.152. AUTHORITY OF HEALTH INFORMATION EXCHANGE. |
|
|
(a) Notwithstanding Sections 81.046, 82.009, and 161.0073, a health |
|
|
information exchange may access and transmit health-related |
|
|
information under Sections 81.044(a), 82.008(a), 161.007(d), |
|
|
161.00705(a), and 161.00706(b) if the access or transmittal is: |
|
|
(1) made for the purpose of assisting in the reporting |
|
|
of health-related information to the appropriate agency; |
|
|
(2) requested and authorized by the appropriate health |
|
|
care provider, practitioner, physician, facility, clinical |
|
|
laboratory, or other person who is required to report |
|
|
health-related information; and |
|
|
(3) made in accordance with the requirements of this |
|
|
subchapter and all other state and federal law. |
|
|
(b) A health information exchange may only use and disclose |
|
|
the information that it accesses or transmits under Subsection (a) |
|
|
in compliance with this subchapter and all applicable state and |
|
|
federal law, and may not exchange, sell, trade, or otherwise make |
|
|
any prohibited use or disclosure of the information. |
|
|
Sec. 182.153. COMPLIANCE WITH LAW; SECURITY. A health |
|
|
information exchange that collects, transmits, disseminates, |
|
|
accesses, or reports health-related information under this |
|
|
subchapter shall comply with all applicable state and federal law, |
|
|
including secure electronic data submission requirements. |
|
|
Sec. 182.154. CRIMINAL PENALTY. (a) A person who collects, |
|
|
transmits, disseminates, accesses, or reports information under |
|
|
this subchapter on behalf of or as a health information exchange |
|
|
commits an offense if the person, with the intent to violate this |
|
|
subchapter, allows health-related information in the possession of |
|
|
a health information exchange to be used or disclosed in a manner |
|
|
that violates this subchapter. |
|
|
(b) An offense under this section is a Class A misdemeanor. |
|
|
SECTION 9. Chapter 74A, Civil Practice and Remedies Code, |
|
|
as added by this Act, applies only to a cause of action that accrues |
|
|
on or after the effective date of this Act. A cause of action that |
|
|
accrues before the effective date of this Act is governed by the law |
|
|
in effect immediately before the effective date of this Act, and |
|
|
that law is continued in effect for that purpose. |
|
|
SECTION 10. This Act takes effect September 1, 2015. |