§ 23-6.3-8 - Protection of records.
SECTION 23-6.3-8
§ 23-6.3-8 Protection of records. (a) Providers of health care, public health officials, and any other person whomaintains records containing information on HIV test results of individuals areresponsible for maintaining full confidentiality of this data and shall takeappropriate steps for their protection, including:
(1) Keeping records secure at all times and establishingadequate confidentiality safeguards for any records electronically stored;
(2) Establishing and enforcing reasonable rules limitingaccess to these records; and
(3) Training persons who handle records in securityobjectives and technique.
(b) The department shall evaluate reports of HIV/AIDS forcompleteness and potential referrals for service. All case reports shall bekept in a confidential and secure setting. An HIV/AIDS policy and protocol forsecurity shall be developed and implemented by the department for this purpose.
(c) The department shall evaluate its procedures for HIV/AIDSreporting on a continuous basis for timeliness, completeness of reporting, andsecurity of confidential information.
(d) The department shall develop a protocol that shall be inaccordance with the most recent recommendations of the CDC's Guidelines forNational Human Immunodeficiency Virus Case Surveillance, including monitoringfor Human Immunodeficiency Virus infection and Acquired ImmunodeficiencySyndrome, pertaining to patient records and confidentiality; provided, however,that in no event shall the protocol be less protective than that required bystate law.
(e) All reports and notifications made pursuant to thissection shall be confidential and protected from release except under theprovisions of law. Any person aggrieved by a violation of this section shallhave a right of action in the superior court and may recover for each violation.