Medical Care Data.
§ 131E-214. Title and purpose.
(a) This Article is the Medical Care Data Act.
(b) The General Assembly finds that, as a result of rising medical care costs and the concern expressed by medical care providers, medical care consumers, third-party payors, and health care planners involved with planning for the provision of medical care, there is an urgent and continuing need to understand patterns and trends in the use and cost of medical care services in this State. The purposes of this Article are as follows:
(1) To ensure that there is an information base containing medical care data from throughout the State that can be used to improve the appropriate and efficient use of medical care services and maintain an acceptable quality of health care services in this State.
(2) To ensure that the necessary medical care data is available to university researchers, State public policymakers, and all other interested persons to improve the decision-making process regarding access, identified needs, patterns of medical care, charges, and use of appropriate medical care services.
(3) To ensure that a data processor receiving data under this Article protects patient confidentiality.
These purposes are to be accomplished by requiring that all hospitals and freestanding ambulatory surgical facilities submit information necessary for a review and comparison of charges, utilization patterns, and quality of medical services to a data processor that maintains a statewide database of medical care data and that makes medical care data available to interested persons, including medical care providers, third-party payors, medical care consumers, and health care planners. (1995, c. 517, s. 39(b).)
§ 131E-214.1. Definitions.
As used in this Article:
(1) "Division" means the Division of Health Service Regulation of the Department of Health and Human Services.
(2) "Freestanding ambulatory surgical facility" means a facility licensed under Part D of Article 6 of this Chapter.
(3) "Hospital" means a facility licensed under Article 5 of this Chapter or Article 2 of Chapter 122C of the General Statutes, but does not include the following:
a. A facility with all of its beds designated for medical type "LTC" (long-term care).
b. A facility with the majority of its beds designated for medical type "PSY-3" (mental retardation).
c. A facility operated by the Division of Adult Correction and Juvenile Justice of the Department of Public Safety.
(4) "Patient data" means data that includes a patient's age, sex, race, ethnicity, zip code, third-party coverage, principal and other diagnosis, date of admission, procedure and discharge date, principal and other procedures, total charges and components of the total charges, attending physician identification number, and hospital or freestanding ambulatory surgical facility identification number.
(5) "Patient identifying information" means the name, address, social security number, or similar information by which the identity of a patient can be determined with reasonable accuracy and speed either directly or by reference to other publicly available information. The term does not include a number assigned to a patient by a health care provider if that number does not consist of or contain numbers, including social security or drivers license numbers, that could be used to identify a patient with reasonable accuracy and speed from sources external to the health care provider.
(6) "Statewide data processor" means a data processor certified by the Division as capable of complying with the requirements of G.S. 131E-214.4. The Division may deny, suspend, or revoke a certificate, in accordance with Chapter 150B of the General Statutes, if the statewide data processor does not comply with or is not capable of complying with the requirements of G.S. 131E-214.4. The Division is authorized to promulgate rules concerning the receipt, consideration, and limitation of a certificate applied for or issued under this Article. (1995, c. 517, s. 39(b); 1997-443, s. 11A.118(a); 2007-182, s. 1; 2008-119, s. 2; 2011-145, s. 19.1(h); 2012-83, s. 44; 2017-186, s. 2(yyyyy).)
§ 131E-214.2. Data submission required.
Except as prohibited by federal law or regulation, each hospital and freestanding ambulatory surgical facility shall submit patient data to a statewide data processor within 60 calendar days after the close of each calendar quarter for patients that were discharged or died during that quarter. (1995, c. 517, s. 39(b).)
§ 131E-214.3. Patient data not public records.
(a) The following are not public records under Chapter 132 of the General Statutes:
(1) Patient data furnished to and maintained by a statewide data processor pursuant to this Article.
(2) Compilations of patient data prepared for release or dissemination by a statewide data processor pursuant to this Article.
(3) Patient data furnished by a statewide data processor to the State.
(b) Compilations of data under subdivision (a)(3) of this section, prepared for release or dissemination by the State, are public records.
(c) The State shall not allow proprietary information, including patient data, that it receives from a statewide data processor to be used by a person for commercial purposes. The State shall require the person requesting this information to certify that it will not use the information for commercial purposes.
(d) A person is immune from liability for actions arising from the required submission of data under this Article. (1995, c. 517, s. 39(b).)
§ 131E-214.4. Statewide data processor.
(a) A statewide data processor shall perform the following duties:
(1) Make available annually to the Division, at no charge, a report that includes a comparison of the 35 most frequently reported charges of hospitals and freestanding ambulatory surgical facilities. The report is a public record and shall be made available to the public in accordance with Chapter 132 of the General Statutes. Publication or broadcast by the news media shall not constitute a resale or use of the data for commercial purposes.
(2) Receive patient data from hospitals and freestanding ambulatory surgical facilities throughout this State.
(3) Compile and maintain a uniform set of data from the patient data submitted.
(4) Analyze the patient data.
(5) Compile reports from the patient data and make the reports available upon request to interested persons at a reasonable charge determined by the data processor.
(6) Ensure that adequate measures are taken to provide system security for all data and information received from hospitals and freestanding ambulatory surgical facilities pursuant to this Article.
(7) Protect the confidentiality of patient records and comply with applicable laws and regulations concerning patient confidentiality, including the confidentiality of patient-identifying information. The data processor shall not disclose patient-identifying information unless (i) the information was originally submitted by the party requesting disclosure or (ii) the State Health Director requests specific individual records for the purpose of protecting and promoting the public health under Chapter 130A of the General Statutes, and the disclosure is not otherwise prohibited by federal law or regulation. Such records shall be made available to the State Health Director at a reasonable charge. Such records made available to the State Health Director are not public records; the State Health Director shall maintain their confidentiality and shall not make the records available notwithstanding G.S. 130A-374(a)(2).
(b) The Department of Health and Human Services may take adverse action against a hospital under G.S. 131E-78 or G.S. 122C-24 or against a freestanding ambulatory surgical center under G.S. 131E-148 for a violation of this Article. (1995, c. 517, s. 39(b); 1997-443, s. 11A.118(a).)
§§ 131E-214.5 through 131E-214.10. Reserved for future codification purposes.