Nevada Revised Statutes 439.589 – Adoption of regulations to prescribe standards relating to electronic health records, health-related information and health information exchanges
‘ 1. The Director shall by regulation prescribe standards:
Terms Used In Nevada Revised Statutes 439.589
- Director: means the Director of the Department. See Nevada Revised Statutes 439.005
- Guardian: A person legally empowered and charged with the duty of taking care of and managing the property of another person who because of age, intellect, or health, is incapable of managing his (her) own affairs.
- Individually identifiable health information: has the meaning ascribed to it in 45 C. See Nevada Revised Statutes 439.005
(a) To ensure that electronic health records retained or shared by any health information exchange are secure;
(b) To maintain the confidentiality of electronic health records and health-related information, including, without limitation, standards to maintain the confidentiality of electronic health records relating to a child who has received health care services without the consent of a parent or guardian and which ensure that a child’s right to access such health care services is not impaired;
(c) To ensure the privacy of individually identifiable health information, including, without limitation, standards to ensure the privacy of information relating to a child who has received health care services without the consent of a parent or guardian;
(d) For obtaining consent from a patient before retrieving the patient’s health records from a health information exchange, including, without limitation, standards for obtaining such consent from a child who has received health care services without the consent of a parent or guardian;
(e) For making any necessary corrections to information or records retained or shared by a health information exchange; and
(f) For notifying a patient if the confidentiality of information contained in an electronic health record of the patient is breached.
2. The standards prescribed pursuant to this section must include, without limitation:
(a) Requirements for the creation, maintenance and transmittal of electronic health records;
(b) Requirements for protecting confidentiality, including control over, access to and the collection, organization and maintenance of electronic health records, health-related information and individually identifiable health information;
(c) Requirements for the manner in which a patient may, through a health care provider who participates in the sharing of health records using a health information exchange, revoke his or her consent for a health care provider to retrieve the patient’s health records from the health information exchange;
(d) A secure and traceable electronic audit system for identifying access points and trails to electronic health records and health information exchanges; and
(e) Any other requirements necessary to comply with all applicable federal laws relating to electronic health records, health-related information, health information exchanges and the security and confidentiality of such records and exchanges.