Or. Admin. Code § 407-120-0110

Current through Register Vol. 63, No. 11, November 1, 2024
Section 407-120-0110 - Purpose
(1) These rules establish requirements applicable to providers, PHPs, and allied agencies that want to conduct electronic data transactions with the Department. These rules govern the conduct of all web portal or EDI transactions with the Department. These rules only apply to services or items that are paid for by the Department. If the service or item is paid for by a plan or an allied agency, these rules do not apply.
(2) These rules establish the Department's electronic data transaction requirements for purposes of the Health Insurance Portability and Accountability Act of 1996, 42 USC 1320 d -- 1320d-8, Public Law 104-191, sec. 262and sec. 264, and the implementing standards for electronic transactions rules. Where a federal HIPAA standard has been adopted for an electronic data transaction, this rule implements and does not alter the federal standard.
(3) These rules establish procedures that must be followed by any provider, PHP, or allied agency in the event of a security or privacy incident, regardless of whether the incident is related to the use of an electronic data transaction.

Or. Admin. Code § 407-120-0110

OMAP 25-2003(Temp), f. & cert. ef. 3-21-03 thru 9-8-03; OMAP 55-2003, f. & cert. ef. 8-22-03; DMAP 30-2007(Temp), f. 12-31-07, cert. ef. 1-1-08 thru 6-28-08; Renumbered from 410-001-0110, DHSD 1-2008, f. & cert. ef. 2-1-08

Stat. Auth.: ORS 409.050, 414.065

Stats. Implemented: ORS 414.065