Title: Section 300.5 - Sharing of Patient Information
Section 300.5 Sharing of Patient Information.
(a) General standard. Qualified entity participants may only exchange patient information as authorized by law and consistent with their participation agreements with qualified entity participants. Under subdivision six of section 18 of the Public Health Law, individuals who work for a qualified entity are deemed personnel under contract with a health care provider that is a qualified entity participant. As such, a qualified entity participant may disclose to such a qualified entity necessary patient information without a written authorization from the patient of the qualified entity participant. Qualified entity participants may, but shall not be required to, provide patients the option to withhold patient information, including minor consent patient information, from the SHIN-NY. Except as set forth in subdivision (b)(2) or (c) of this section, a qualified entity shall only allow access to patient information by qualified entity participants with a written authorization from:
(1) the patient; or
(2) when the patient lacks capacity to consent, from:
(i) another qualified person under section 18 of the Public Health Law;
(ii) a person with power of attorney whom the patient has authorized to access records relating to the provision of health care under General Obligations Law Article 5, Title 15; or
(iii) a person authorized pursuant to law to consent to health care for the individual.
(b) Written authorization.
(1) Written authorizations must specify to whom disclosure is authorized.
(i) Patient information may not be disclosed to persons who, or entities that, become qualified entity participants subsequent to the execution of a written authorization unless:
(a) the name or title of the individual or the name of the organization are specified in a new written authorization; or
(b) the patient’s written authorization specifies that disclosure is authorized to persons or entities becoming qualified entity participants subsequent to the execution of the written authorization and the qualified entity has documented that it has notified the patient, or the patient has declined the opportunity to receive notice, of the persons or entities becoming qualified entity participants subsequent to the execution of the written authorization.
(ii) Any written authorization shall remain in effect until it is revoked in writing or explicitly superseded by a subsequent written authorization. A patient may revoke a written authorization in writing at any time by following procedures established by the qualified entity.
(2) A minor’s parent or legal guardian may authorize the disclosure of the minor’s patient information, other than minor consent patient information.
(3) Minor consent patient information.
(i) In general, a minor’s minor consent patient information may be disclosed to a qualified entity participant if the minor’s parent or legal guardian has provided authorization for that qualified entity participant to access the minor’s patient information through the SHIN-NY. Such access shall be deemed necessary to provide appropriate care or treatment to the minor. However, if federal law or regulation requires the minor’s authorization for disclosure of minor consent patient information or if the minor is the parent of a child, has married or is otherwise emancipated, the disclosure may not be made without the minor’s authorization.
(ii) In no event may a qualified entity participant disclose minor consent patient information to the minor’s parent or guardian without the minor’s authorization.
(4) Minor consent patient information includes, but is not limited to patient information concerning:
(i) treatment of such patient for sexually transmitted disease or the performance of an abortion as provided in section 17 of the Public Health Law;
(ii) the diagnosis, treatment or prescription for a sexually transmitted disease as provided in section 2305 of the Public Health Law;
(iii) medical, dental, health and hospital services relating to prenatal care as provided in section 2504(3) of the Public Health Law;
(iv) an HIV test as provided in section 2781 of the Public Health Law;
(v) mental health services as provided in section 33.21 of the Mental Hygiene Law;
(vi) alcohol and substance abuse treatment as provided in section 22.11 of the Mental Hygiene Law;
(vii) any patient who is the parent of a child or has married as provided in section 2504 of the Public Health Law or an otherwise legally emancipated minor;
(viii) treatment that a minor has a Constitutional right to receive without a parent’s or guardian’s permission as determined by courts of competent jurisdiction;
(ix) Treatment for a minor who is a victim of sexual assault as provided in section 2805-i of the Public Health Law;
(x) Emergency care as provided in section 2504(4) of the Public Health Law.
(c) Access without written authorization. A qualified entity shall, where permitted by law, allow access to patient information without written authorization when:
(1) Prior consent has already been obtained for the disclosure as required by subdivision 23 of section 6530 of the Education Law, and no provision of law requires any additional written authorization.
(2) Disclosure to the individual entity accessing the patient information is:
(i) required by law; or
(ii) authorized by law:
(a) to a public health authority for public health activities;
(b) to a health oversight agency for health oversight activities; or
(c) to a federally designated organ procurement organization for purposes of facilitating organ, eye or tissue donation and transplantation.
(3) The health care provider treating the patient, a person acting at the direction of such health care provider, or other professional emergency personnel has documented that an emergency condition exists and the patient is in immediate need of medical attention, and an attempt to secure consent would result in delay of treatment which would increase the risk to the patient’s life or health.
VOLUME C (Title 10)