(a)
(1) Upon a preliminary determination by the threat assessment team that an individual poses a threat of violence or exhibits significantly disruptive behavior or need for assistance, the threat assessment team may:
(A) Request law enforcement information or records, which may be provided as deemed appropriate by the law enforcement agency in accordance with state and federal privacy laws; and
(B) Request court files and records, which may be provided as deemed appropriate by the juvenile court pursuant to § 37-1-153.
(2) A member of a threat assessment team shall not disclose any court files or records obtained pursuant to this section or otherwise use any record of an individual beyond the purpose for which the disclosure was made. This section does not require a law enforcement agency or juvenile court to produce a record or limit a law enforcement agency's or juvenile court's discretion.
(3) Law enforcement and juvenile justice information obtained pursuant to this part cannot be used:
(A) To discipline or exclude a child from educational services unless the information is provided to a school pursuant to § 37-1-131(a)(2)(B); or
(B) By a juvenile court system to assess legal consequences against a person for any action, unless the information is brought before the juvenile court pursuant to a properly filed petition and addressed through the proper court proceedings in accordance with title 37, chapter 1.
(b) An LEA may disclose information contained in a student's education record to appropriate parties, including members of the threat assessment team and the members' respective agencies, in the event of an emergency if knowledge of the information is necessary to protect the health or safety of the student or other individuals. Any disclosure under this subsection (b) must comply with the Family Educational Rights and Privacy Act (FERPA) (20 U.S.C. 1232g), § 10-7-504, the Data Accessibility, Transparency and Accountability Act, and all other relevant state and federal privacy laws. This section does not limit an LEA's ability to disclose information to the fullest extent otherwise permitted by state or federal law.
(c) Agencies, entities, and individuals subject to the Health Insurance Portability and Accountability Act of 1996 (HIPAA) (42 U.S.C. § 1320d et seq.) may disclose information contained in a medical record to the threat assessment team if the agency, entity, or individual believes that the disclosure is necessary to prevent or lessen a serious and imminent threat to the health or safety of a person or the public. Any disclosure under this subsection (c) must comply with HIPAA. Nothing in this subsection (c) limits an agency's, entity's or individual's ability to disclose information to the fullest extent otherwise permitted by state or federal law.
(d) The threat assessment team shall certify to any agency or individual providing confidential information that the information will not be disclosed to any other party, except as provided by law. The agency providing the information to the threat assessment team shall retain ownership of the information provided, and such information remains subject to any confidentiality laws applicable to the agency. The provision of information to the threat assessment team does not waive any applicable confidentiality standards. Confidential information may be shared with the threat assessment team only as necessary to protect the safety of the individual or others. Nothing in this part compels an agency or individual to share records or information unless required by law.