Utah Code 26B-8-409. Department measures to protect security of health data
Current as of: 2024 | Check for updates
|
Other versions
The department shall protect the security of identifiable health data by use of the following measures and any other measures adopted by rule:
(1) limit access to identifiable health data to authorized individuals who have received training in the handling of such data;
Terms Used In Utah Code 26B-8-409
- Health data: means any information, except vital records as defined in Section 26B-8-101, relating to the health status of individuals, the availability of health resources and services, and the use and cost of these resources and services. See Utah Code 26B-8-401
- Identifiable health data: means any item, collection, or grouping of health data which makes the individual supplying it or described in it identifiable. See Utah Code 26B-8-401
- Person: means :(24)(a) an individual;(24)(b) an association;(24)(c) an institution;(24)(d) a corporation;(24)(e) a company;(24)(f) a trust;(24)(g) a limited liability company;(24)(h) a partnership;(24)(i) a political subdivision;(24)(j) a government office, department, division, bureau, or other body of government; and(24)(k) any other organization or entity. See Utah Code 68-3-12.5(2) designate a person to be responsible for physical security;(3) develop and implement a system for monitoring security; and(4) review periodically all identifiable health data to determine whether identifying characteristics should be removed from the data.