Section 439.586 - Duties of exchange to audit access to health information, conduct annual risk assessment, adopt procedure to incorporate certain information and provide notification of errors in information disclosedA health information exchange shall:
1. Routinely audit access to health information by users of the health information exchange to ensure that such access complies with the Health Insurance Portability and Accountability Act of 1996, Public Law 104-191, and make the records of such audits available to the Director upon request;2. Annually conduct a risk assessment of measures taken by the health information exchange to safeguard the health information of patients and develop strategies for mitigating the risk of unauthorized access to such information;3. Adopt a standard procedure for incorporating revocations of consent made pursuant to NAC 439.592 and amendments to records made by authorized users of the health information exchange in compliance with the Health Insurance Portability and Accountability Act of 1996, Public Law 104-191; and4. If the health information exchange becomes aware of an error in information disclosed using the health information exchange, notify the authorized user who disclosed the information of the error.Nev. Admin. Code § 439.586
Added to NAC by Dep't of Health & Human Services by R056-16, eff. 9-21-2017