1. The Director of the Authority, in consultation with health care providers, third parties and other interested persons and entities, shall by regulation prescribe a framework for the electronic maintenance, transmittal and exchange of electronic health records, prescriptions, health-related information and electronic signatures and requirements for electronic equivalents of written entries or written approvals in accordance with federal law. The regulations must: (a) Establish standards for networks and technologies to be used to maintain, transmit and exchange health information, including, without limitation, standards: (1) That require: (I) The use of networks and technologies that allow patients to access electronic health records directly from the health care provider of the patient and forward such electronic health records electronically to other persons and entities; and (II) The interoperability of such networks and technologies in accordance with the applicable standards for the interoperability of Qualified Health Information Networks prescribed by the Office of the National Coordinator for Health Information Technology of the United States Department of Health and Human Services; (2) To ensure that electronic health records retained or shared are secure; (3) To maintain the confidentiality of electronic health records and health-related information, including, without limitation, standards to maintain the confidentiality of electronic health records relating to a child who has received health care services without the consent of a parent or guardian and which ensure that a childs right to access such health care services is not impaired; (4) To ensure the privacy of individually identifiable health information, including, without limitation, standards to ensure the privacy of information relating to a child who has received health care services without the consent of a parent or guardian; (5) For obtaining consent from a patient before retrieving the patients health records from a health information exchange, including, without limitation, standards for obtaining such consent from a child who has received health care services without the consent of a parent or guardian; (6) For making any necessary corrections to information or records; (7) For notifying a patient if the confidentiality of information contained in an electronic health record of the patient is breached; (8) Governing the ownership, management and use of electronic health records, health-related information and related data; and (9) For the electronic transmission of prior authorizations for prescription medication; (b) Ensure compliance with the requirements, specifications and protocols for exchanging, securing and disclosing electronic health records, health-related information and related data prescribed pursuant to the provisions of the Health Information Technology for Economic and Clinical Health Act, 42 U.S.C. 300jj et seq. and 17901 et seq., the Health Insurance Portability and Accountability Act of 1996, Public Law 104-191, and other applicable federal and state law; and (c) Be based on nationally recognized best practices for maintaining, transmitting and exchanging health information electronically. 2. The standards prescribed pursuant to this section must include, without limitation: (a) Requirements for the creation, maintenance and transmittal of electronic health records; (b) Requirements for protecting confidentiality, including control over, access to and the collection, organization and maintenance of electronic health records, health-related information and individually identifiable health information; (c) Requirements for the manner in which a patient may, through a health care provider who participates in the sharing of health records using a health information exchange, revoke his or her consent for a health care provider to retrieve the patients health records from the health information exchange; (d) A secure and traceable electronic audit system for identifying access points and trails to electronic health records and health information exchanges; and (e) Any other requirements necessary to comply with all applicable federal laws relating to electronic health records, health-related information, health information exchanges and the security and confidentiality of such records and exchanges. 3. The regulations adopted pursuant to this section must not require any person or entity to use a health information exchange. 4. Except as otherwise provided in subsections 5, 6 and 7, the Department and the divisions thereof, the Authority and the divisions thereof, other state and local governmental entities, health care providers, third parties, pharmacy benefit managers and other entities licensed or certified pursuant to title 57 of NRS shall maintain, transmit and exchange health information in accordance with the regulations adopted pursuant to this section, the provisions of NRS 439.581 to 439.597 , inclusive, and any other regulations adopted pursuant thereto. 5. The Federal Government and employees thereof, a provider of health coverage for federal employees, a provider of health coverage that is subject to the Employee Retirement Income Security Act of 1974, 29 U.S.C. 1001 et seq., or a Taft-Hartley trust formed pursuant to 29 U.S.C. 186(c)(5) is not required to but may maintain, transmit and exchange electronic information in accordance with the regulations adopted pursuant to this section. 6. A health care provider may apply to the Authority for a waiver from the provisions of subsection 4 on the basis that the health care provider does not have the infrastructure necessary to comply with those provisions, including, without limitation, because the health care provider does not have access to the Internet. The Authority shall grant a waiver if it determines that: (a) The health care provider does not currently have the infrastructure necessary to comply with the provisions of subsection 4; and (b) Obtaining such infrastructure is not reasonably practicable, including, without limitation, because the cost of such infrastructure would make it difficult for the health care provider to continue to operate. 7. The provisions of subsection 4 do not apply to the Department of Corrections. 8. A violation of the provisions of this section or any regulations adopted pursuant thereto is not a misdemeanor. 9. As used in this section: (a) Pharmacy benefit manager has the meaning ascribed to it in NRS 683A.174 . (b) Third party means any insurer, governmental entity or other organization providing health coverage or benefits in accordance with state or federal law.
‹ Prev All Nevada sections Next ›
Lexace provides legal information, not legal advice, and no attorney–client relationship is created. Statute text is provided for general information and may not reflect the most recent amendments; verify against the official state code.