NRS 439.589 - Adoption of regulations to prescribe standards relating to electronic health records, health-related information and health information exchanges.

NV Rev Stat § 439.589 (2019) (N/A)
Copy with citation
Copy as parenthetical citation

1. The Director shall by regulation prescribe standards:

(a) To ensure that electronic health records retained or shared by any health information exchange are secure;

(b) To maintain the confidentiality of electronic health records and health-related information, including, without limitation, standards to maintain the confidentiality of electronic health records relating to a child who has received health care services without the consent of a parent or guardian and which ensure that a child’s right to access such health care services is not impaired;

(c) To ensure the privacy of individually identifiable health information, including, without limitation, standards to ensure the privacy of information relating to a child who has received health care services without the consent of a parent or guardian;

(d) For obtaining consent from a patient before retrieving the patient’s health records from a health information exchange, including, without limitation, standards for obtaining such consent from a child who has received health care services without the consent of a parent or guardian;

(e) For making any necessary corrections to information or records retained or shared by a health information exchange; and

(f) For notifying a patient if the confidentiality of information contained in an electronic health record of the patient is breached.

2. The standards prescribed pursuant to this section must include, without limitation:

(a) Requirements for the creation, maintenance and transmittal of electronic health records;

(b) Requirements for protecting confidentiality, including control over, access to and the collection, organization and maintenance of electronic health records, health-related information and individually identifiable health information;

(c) Requirements for the manner in which a patient may, through a health care provider who participates in the sharing of health records using a health information exchange, revoke his or her consent for a health care provider to retrieve the patient’s health records from the health information exchange;

(d) A secure and traceable electronic audit system for identifying access points and trails to electronic health records and health information exchanges; and

(e) Any other requirements necessary to comply with all applicable federal laws relating to electronic health records, health-related information, health information exchanges and the security and confidentiality of such records and exchanges.

(Added to NRS by 2011, 1756; A 2015, 1040)