Search

Chapter 70.02 RCW

Medical records — health care information access and disclosure

RCW Sections

70.02.005Findings.
70.02.010Definitions.
70.02.020Disclosure by health care provider.
70.02.030Patient authorization of disclosure.
70.02.040Patient's revocation of authorization for disclosure.
70.02.045Third-party payor release of information.
70.02.050Disclosure without patient's authorization.
70.02.060Discovery request or compulsory process.
70.02.070Certification of record.
70.02.080Patient's examination and copying -- Requirements.
70.02.090Patient's request -- Denial of examination and copying.
70.02.100Correction or amendment of record.
70.02.110Correction or amendment or statement of disagreement -- Procedure.
70.02.120Notice of information practices -- Display conspicuously.
70.02.130Consent by others -- Health care representatives.
70.02.140Representative of deceased patient.
70.02.150Security safeguards.
70.02.160Retention of record.
70.02.170Civil remedies.
70.02.180Licensees under chapter 18.225 RCW -- Subject to chapter.
70.02.900Conflicting laws.
70.02.901Application and construction -- 1991 c 335.
70.02.902Short title.
70.02.903Severability -- 1991 c 335.
70.02.904Captions not law -- 1991 c 335.
70.02.905Construction -- Chapter applicable to state registered domestic partnerships -- 2009 c 521.

Notes:

Record retention by hospitals: RCW 70.41.190.

70.02.005
Findings.

The legislature finds that:

     (1) Health care information is personal and sensitive information that if improperly used or released may do significant harm to a patient's interests in privacy, health care, or other interests.

     (2) Patients need access to their own health care information as a matter of fairness to enable them to make informed decisions about their health care and correct inaccurate or incomplete information about themselves.

     (3) In order to retain the full trust and confidence of patients, health care providers have an interest in assuring that health care information is not improperly disclosed and in having clear and certain rules for the disclosure of health care information.

     (4) Persons other than health care providers obtain, use, and disclose health record information in many different contexts and for many different purposes. It is the public policy of this state that a patient's interest in the proper use and disclosure of the patient's health care information survives even when the information is held by persons other than health care providers.

     (5) The movement of patients and their health care information across state lines, access to and exchange of health care information from automated data banks, and the emergence of multistate health care providers creates a compelling need for uniform law, rules, and procedures governing the use and disclosure of health care information.

[1991 c 335 § 101.]

70.02.010
Definitions.

The definitions in this section apply throughout this chapter unless the context clearly requires otherwise.

     (1) "Audit" means an assessment, evaluation, determination, or investigation of a health care provider by a person not employed by or affiliated with the provider to determine compliance with:

     (a) Statutory, regulatory, fiscal, medical, or scientific standards;

     (b) A private or public program of payments to a health care provider; or

     (c) Requirements for licensing, accreditation, or certification.

     (2) "Directory information" means information disclosing the presence, and for the purpose of identification, the name, location within a health care facility, and the general health condition of a particular patient who is a patient in a health care facility or who is currently receiving emergency health care in a health care facility.

     (3) "Federal, state, or local law enforcement authorities" means an officer of any agency or authority in the United States, a state, a tribe, a territory, or a political subdivision of a state, a tribe, or a territory who is empowered by law to: (a) Investigate or conduct an official inquiry into a potential criminal violation of law; or (b) prosecute or otherwise conduct a criminal proceeding arising from an alleged violation of law.

     (4) "General health condition" means the patient's health status described in terms of "critical," "poor," "fair," "good," "excellent," or terms denoting similar conditions.

     (5) "Health care" means any care, service, or procedure provided by a health care provider:

     (a) To diagnose, treat, or maintain a patient's physical or mental condition; or

     (b) That affects the structure or any function of the human body.

     (6) "Health care facility" means a hospital, clinic, nursing home, laboratory, office, or similar place where a health care provider provides health care to patients.

     (7) "Health care information" means any information, whether oral or recorded in any form or medium, that identifies or can readily be associated with the identity of a patient and directly relates to the patient's health care, including a patient's deoxyribonucleic acid and identified sequence of chemical base pairs. The term includes any required accounting of disclosures of health care information.

     (8) "Health care operations" means any of the following activities of a health care provider, health care facility, or third-party payor to the extent that the activities are related to functions that make an entity a health care provider, a health care facility, or a third-party payor:

     (a) Conducting: Quality assessment and improvement activities, including outcomes evaluation and development of clinical guidelines, if the obtaining of generalizable knowledge is not the primary purpose of any studies resulting from such activities; population-based activities relating to improving health or reducing health care costs, protocol development, case management and care coordination, contacting of health care providers and patients with information about treatment alternatives; and related functions that do not include treatment;

     (b) Reviewing the competence or qualifications of health care professionals, evaluating practitioner and provider performance and third-party payor performance, conducting training programs in which students, trainees, or practitioners in areas of health care learn under supervision to practice or improve their skills as health care providers, training of nonhealth care professionals, accreditation, certification, licensing, or credentialing activities;

     (c) Underwriting, premium rating, and other activities relating to the creation, renewal, or replacement of a contract of health insurance or health benefits, and ceding, securing, or placing a contract for reinsurance of risk relating to claims for health care, including stop-loss insurance and excess of loss insurance, if any applicable legal requirements are met;

     (d) Conducting or arranging for medical review, legal services, and auditing functions, including fraud and abuse detection and compliance programs;

     (e) Business planning and development, such as conducting cost-management and planning-related analyses related to managing and operating the health care facility or third-party payor, including formulary development and administration, development, or improvement of methods of payment or coverage policies; and

     (f) Business management and general administrative activities of the health care facility, health care provider, or third-party payor including, but not limited to:

     (i) Management activities relating to implementation of and compliance with the requirements of this chapter;

     (ii) Customer service, including the provision of data analyses for policy holders, plan sponsors, or other customers, provided that health care information is not disclosed to such policy holder, plan sponsor, or customer;

     (iii) Resolution of internal grievances;

     (iv) The sale, transfer, merger, or consolidation of all or part of a health care provider, health care facility, or third-party payor with another health care provider, health care facility, or third-party payor or an entity that following such activity will become a health care provider, health care facility, or third-party payor, and due diligence related to such activity; and

     (v) Consistent with applicable legal requirements, creating deidentified health care information or a limited dataset and fund-raising for the benefit of the health care provider, health care facility, or third-party payor.

     (9) "Health care provider" means a person who is licensed, certified, registered, or otherwise authorized by the law of this state to provide health care in the ordinary course of business or practice of a profession.

     (10) "Institutional review board" means any board, committee, or other group formally designated by an institution, or authorized under federal or state law, to review, approve the initiation of, or conduct periodic review of research programs to assure the protection of the rights and welfare of human research subjects.

     (11) "Maintain," as related to health care information, means to hold, possess, preserve, retain, store, or control that information.

     (12) "Patient" means an individual who receives or has received health care. The term includes a deceased individual who has received health care.

     (13) "Payment" means:

     (a) The activities undertaken by:

     (i) A third-party payor to obtain premiums or to determine or fulfill its responsibility for coverage and provision of benefits by the third-party payor; or

     (ii) A health care provider, health care facility, or third-party payor, to obtain or provide reimbursement for the provision of health care; and

     (b) The activities in (a) of this subsection that relate to the patient to whom health care is provided and that include, but are not limited to:

     (i) Determinations of eligibility or coverage, including coordination of benefits or the determination of cost-sharing amounts, and adjudication or subrogation of health benefit claims;

     (ii) Risk adjusting amounts due based on enrollee health status and demographic characteristics;

     (iii) Billing, claims management, collection activities, obtaining payment under a contract for reinsurance, including stop-loss insurance and excess of loss insurance, and related health care data processing;

     (iv) Review of health care services with respect to medical necessity, coverage under a health plan, appropriateness of care, or justification of charges;

     (v) Utilization review activities, including precertification and preauthorization of services, and concurrent and retrospective review of services; and

     (vi) Disclosure to consumer reporting agencies of any of the following health care information relating to collection of premiums or reimbursement:

     (A) Name and address;

     (B) Date of birth;

     (C) Social security number;

     (D) Payment history;

     (E) Account number; and

     (F) Name and address of the health care provider, health care facility, and/or third-party payor.

     (14) "Person" means an individual, corporation, business trust, estate, trust, partnership, association, joint venture, government, governmental subdivision or agency, or any other legal or commercial entity.

     (15) "Reasonable fee" means the charges for duplicating or searching the record, but shall not exceed sixty-five cents per page for the first thirty pages and fifty cents per page for all other pages. In addition, a clerical fee for searching and handling may be charged not to exceed fifteen dollars. These amounts shall be adjusted biennially in accordance with changes in the consumer price index, all consumers, for Seattle-Tacoma metropolitan statistical area as determined by the secretary of health. However, where editing of records by a health care provider is required by statute and is done by the provider personally, the fee may be the usual and customary charge for a basic office visit.

     (16) "Third-party payor" means an insurer regulated under Title 48 RCW authorized to transact business in this state or other jurisdiction, including a health care service contractor, and health maintenance organization; or an employee welfare benefit plan; or a state or federal health benefit program.

     (17) "Treatment" means the provision, coordination, or management of health care and related services by one or more health care providers or health care facilities, including the coordination or management of health care by a health care provider or health care facility with a third party; consultation between health care providers or health care facilities relating to a patient; or the referral of a patient for health care from one health care provider or health care facility to another.

[2006 c 235 § 2; 2005 c 468 § 1; 2002 c 318 § 1; 1993 c 448 § 1; 1991 c 335 § 102.]

Notes:

     Reviser's note: For charges or fees under subsection (15) of this section as adjusted by the secretary of health, see chapter 246-08 WAC.

     Purpose -- Effective date -- 2006 c 235: See notes following RCW 70.02.050.

     Effective date -- 1993 c 448: "This act is necessary for the immediate preservation of the public peace, health, or safety, or support of the state government and its existing public institutions, and shall take effect July 1, 1993." [1993 c 448 § 9.]



70.02.020
Disclosure by health care provider.

(1) Except as authorized in RCW 70.02.050, a health care provider, an individual who assists a health care provider in the delivery of health care, or an agent and employee of a health care provider may not disclose health care information about a patient to any other person without the patient's written authorization. A disclosure made under a patient's written authorization must conform to the authorization.

     (2) A patient has a right to receive an accounting of disclosures of health care information made by a health care provider or a health care facility in the six years before the date on which the accounting is requested, except for disclosures:

     (a) To carry out treatment, payment, and health care operations;

     (b) To the patient of health care information about him or her;

     (c) Incident to a use or disclosure that is otherwise permitted or required;

     (d) Pursuant to an authorization where the patient authorized the disclosure of health care information about himself or herself;

     (e) Of directory information;

     (f) To persons involved in the patient's care;

     (g) For national security or intelligence purposes if an accounting of disclosures is not permitted by law;

     (h) To correctional institutions or law enforcement officials if an accounting of disclosures is not permitted by law; and

     (i) Of a limited data set that excludes direct identifiers of the patient or of relatives, employers, or household members of the patient.

[2005 c 468 § 2; 1993 c 448 § 2; 1991 c 335 § 201.]

Notes:

     Effective date -- 1993 c 448: See note following RCW 70.02.010.



70.02.030
Patient authorization of disclosure.

(1) A patient may authorize a health care provider or health care facility to disclose the patient's health care information. A health care provider or health care facility shall honor an authorization and, if requested, provide a copy of the recorded health care information unless the health care provider or health care facility denies the patient access to health care information under RCW 70.02.090.

     (2) A health care provider or health care facility may charge a reasonable fee for providing the health care information and is not required to honor an authorization until the fee is paid.

     (3) To be valid, a disclosure authorization to a health care provider or health care facility shall:

     (a) Be in writing, dated, and signed by the patient;

     (b) Identify the nature of the information to be disclosed;

     (c) Identify the name and institutional affiliation of the person or class of persons to whom the information is to be disclosed;

     (d) Identify the provider or class of providers who are to make the disclosure;

     (e) Identify the patient; and

     (f) Contain an expiration date or an expiration event that relates to the patient or the purpose of the use or disclosure.

     (4) Unless disclosure without authorization is otherwise permitted under RCW 70.02.050 or the federal health insurance portability and accountability act of 1996 and its implementing regulations, an authorization may permit the disclosure of health care information to a class of persons that includes:

     (a) Researchers if the health care provider or health care facility obtains the informed consent for the use of the patient's health care information for research purposes; or

     (b) Third-party payors if the information is only disclosed for payment purposes.

     (5) Except as provided by this chapter, the signing of an authorization by a patient is not a waiver of any rights a patient has under other statutes, the rules of evidence, or common law.

     (6) When an authorization permits the disclosure of health care information to a financial institution or an employer of the patient for purposes other than payment, the authorization as it pertains to those disclosures shall expire ninety days after the signing of the authorization, unless the authorization is renewed by the patient.

     (7) A health care provider or health care facility shall retain the original or a copy of each authorization or revocation in conjunction with any health care information from which disclosures are made.

     (8) Where the patient is under the supervision of the department of corrections, an authorization signed pursuant to this section for health care information related to mental health or drug or alcohol treatment expires at the end of the term of supervision, unless the patient is part of a treatment program that requires the continued exchange of information until the end of the period of treatment.

[2005 c 468 § 3; 2004 c 166 § 19; 1994 sp.s. c 9 § 741; 1993 c 448 § 3; 1991 c 335 § 202.]

Notes:

     Severability -- Effective dates -- 2004 c 166: See notes following RCW 71.05.040.

     Severability -- Headings and captions not law -- Effective date -- 1994 sp.s. c 9: See RCW 18.79.900 through 18.79.902.

     Effective date -- 1993 c 448: See note following RCW 70.02.010.



70.02.040
Patient's revocation of authorization for disclosure.

A patient may revoke in writing a disclosure authorization to a health care provider at any time unless disclosure is required to effectuate payments for health care that has been provided or other substantial action has been taken in reliance on the authorization. A patient may not maintain an action against the health care provider for disclosures made in good-faith reliance on an authorization if the health care provider had no actual notice of the revocation of the authorization.

[1991 c 335 § 203.]

70.02.045
Third-party payor release of information.

Third-party payors shall not release health care information disclosed under this chapter, except to the extent that health care providers are authorized to do so under RCW 70.02.050.

[2000 c 5 § 2.]

Notes:

     Intent -- Purpose -- 2000 c 5: See RCW 48.43.500.

     Application -- Short title -- Captions not law -- Construction -- Severability -- Application to contracts -- Effective dates -- 2000 c 5: See notes following RCW 48.43.500.



70.02.050
Disclosure without patient's authorization.

(1) A health care provider or health care facility may disclose health care information about a patient without the patient's authorization to the extent a recipient needs to know the information, if the disclosure is:

     (a) To a person who the provider or facility reasonably believes is providing health care to the patient;

     (b) To any other person who requires health care information for health care education, or to provide planning, quality assurance, peer review, or administrative, legal, financial, actuarial services to, or other health care operations for or on behalf of the health care provider or health care facility; or for assisting the health care provider or health care facility in the delivery of health care and the health care provider or health care facility reasonably believes that the person:

     (i) Will not use or disclose the health care information for any other purpose; and

     (ii) Will take appropriate steps to protect the health care information;

     (c) To any other health care provider or health care facility reasonably believed to have previously provided health care to the patient, to the extent necessary to provide health care to the patient, unless the patient has instructed the health care provider or health care facility in writing not to make the disclosure;

     (d) To any person if the health care provider or health care facility reasonably believes that disclosure will avoid or minimize an imminent danger to the health or safety of the patient or any other individual, however there is no obligation under this chapter on the part of the provider or facility to so disclose;

     (e) To immediate family members of the patient, including a patient's state registered domestic partner, or any other individual with whom the patient is known to have a close personal relationship, if made in accordance with good medical or other professional practice, unless the patient has instructed the health care provider or health care facility in writing not to make the disclosure;

     (f) To a health care provider or health care facility who is the successor in interest to the health care provider or health care facility maintaining the health care information;

     (g) For use in a research project that an institutional review board has determined:

     (i) Is of sufficient importance to outweigh the intrusion into the privacy of the patient that would result from the disclosure;

     (ii) Is impracticable without the use or disclosure of the health care information in individually identifiable form;

     (iii) Contains reasonable safeguards to protect the information from redisclosure;

     (iv) Contains reasonable safeguards to protect against identifying, directly or indirectly, any patient in any report of the research project; and

     (v) Contains procedures to remove or destroy at the earliest opportunity, consistent with the purposes of the project, information that would enable the patient to be identified, unless an institutional review board authorizes retention of identifying information for purposes of another research project;

     (h) To a person who obtains information for purposes of an audit, if that person agrees in writing to:

     (i) Remove or destroy, at the earliest opportunity consistent with the purpose of the audit, information that would enable the patient to be identified; and

     (ii) Not to disclose the information further, except to accomplish the audit or report unlawful or improper conduct involving fraud in payment for health care by a health care provider or patient, or other unlawful conduct by the health care provider;

     (i) To an official of a penal or other custodial institution in which the patient is detained;

     (j) To provide directory information, unless the patient has instructed the health care provider or health care facility not to make the disclosure;

     (k) To fire, police, sheriff, or another public authority, that brought, or caused to be brought, the patient to the health care facility or health care provider if the disclosure is limited to the patient's name, residence, sex, age, occupation, condition, diagnosis, estimated or actual discharge date, or extent and location of injuries as determined by a physician, and whether the patient was conscious when admitted;

     (l) To federal, state, or local law enforcement authorities and the health care provider, health care facility, or third-party payor believes in good faith that the health care information disclosed constitutes evidence of criminal conduct that occurred on the premises of the health care provider, health care facility, or third-party payor;

     (m) To another health care provider, health care facility, or third-party payor for the health care operations of the health care provider, health care facility, or third-party payor that receives the information, if each entity has or had a relationship with the patient who is the subject of the health care information being requested, the health care information pertains to such relationship, and the disclosure is for the purposes described in RCW 70.02.010(8) (a) and (b); or

     (n) For payment.

     (2) A health care provider shall disclose health care information about a patient without the patient's authorization if the disclosure is:

     (a) To federal, state, or local public health authorities, to the extent the health care provider is required by law to report health care information; when needed to determine compliance with state or federal licensure, certification or registration rules or laws; or when needed to protect the public health;

     (b) To federal, state, or local law enforcement authorities to the extent the health care provider is required by law;

     (c) To federal, state, or local law enforcement authorities, upon receipt of a written or oral request made to a nursing supervisor, administrator, or designated privacy official, in a case in which the patient is being treated or has been treated for a bullet wound, gunshot wound, powder burn, or other injury arising from or caused by the discharge of a firearm, or an injury caused by a knife, an ice pick, or any other sharp or pointed instrument which federal, state, or local law enforcement authorities reasonably believe to have been intentionally inflicted upon a person, or a blunt force injury that federal, state, or local law enforcement authorities reasonably believe resulted from a criminal act, the following information, if known:

     (i) The name of the patient;

     (ii) The patient's residence;

     (iii) The patient's sex;

     (iv) The patient's age;

     (v) The patient's condition;

     (vi) The patient's diagnosis, or extent and location of injuries as determined by a health care provider;

     (vii) Whether the patient was conscious when admitted;

     (viii) The name of the health care provider making the determination in (c)(v), (vi), and (vii) of this subsection;

     (ix) Whether the patient has been transferred to another facility; and

     (x) The patient's discharge time and date;

     (d) To county coroners and medical examiners for the investigations of deaths;

     (e) Pursuant to compulsory process in accordance with RCW 70.02.060.

     (3) All state or local agencies obtaining patient health care information pursuant to this section shall adopt rules establishing their record acquisition, retention, and security policies that are consistent with this chapter.

[2007 c 156 § 12; 2006 c 235 § 3; 2005 c 468 § 4; 1998 c 158 § 1; 1993 c 448 § 4; 1991 c 335 § 204.]

Notes:

     Purpose -- 2006 c 235: "The purpose of this act is to aid law enforcement in combating crime through the rapid identification of all persons who require medical treatment as a result of a criminal act and to assist in the rapid identification of human remains." [2006 c 235 § 1.]

     Effective date -- 2006 c 235: "This act is necessary for the immediate preservation of the public peace, health, or safety, or support of the state government and its existing public institutions, and takes effect immediately [March 27, 2006]." [2006 c 235 § 5.]

     Effective date -- 1993 c 448: See note following RCW 70.02.010.



70.02.060
Discovery request or compulsory process.

(1) Before service of a discovery request or compulsory process on a health care provider for health care information, an attorney shall provide advance notice to the health care provider and the patient or the patient's attorney involved through service of process or first-class mail, indicating the health care provider from whom the information is sought, what health care information is sought, and the date by which a protective order must be obtained to prevent the health care provider from complying. Such date shall give the patient and the health care provider adequate time to seek a protective order, but in no event be less than fourteen days since the date of service or delivery to the patient and the health care provider of the foregoing. Thereafter the request for discovery or compulsory process shall be served on the health care provider.

     (2) Without the written consent of the patient, the health care provider may not disclose the health care information sought under subsection (1) of this section if the requestor has not complied with the requirements of subsection (1) of this section. In the absence of a protective order issued by a court of competent jurisdiction forbidding compliance, the health care provider shall disclose the information in accordance with this chapter. In the case of compliance, the request for discovery or compulsory process shall be made a part of the patient record.

     (3) Production of health care information under this section, in and of itself, does not constitute a waiver of any privilege, objection, or defense existing under other law or rule of evidence or procedure.

[1991 c 335 § 205.]

70.02.070
Certification of record.

Upon the request of the person requesting the record, the health care provider or facility shall certify the record furnished and may charge for such certification in accordance with RCW 36.18.016(5). No record need be certified until the fee is paid. The certification shall be affixed to the record and disclose:

     (1) The identity of the patient;

     (2) The kind of health care information involved;

     (3) The identity of the person to whom the information is being furnished;

     (4) The identity of the health care provider or facility furnishing the information;

     (5) The number of pages of the health care information;

     (6) The date on which the health care information is furnished; and

     (7) That the certification is to fulfill and meet the requirements of this section.

[1995 c 292 § 20; 1991 c 335 § 206.]



70.02.080
Patient's examination and copying — Requirements.

(1) Upon receipt of a written request from a patient to examine or copy all or part of the patient's recorded health care information, a health care provider, as promptly as required under the circumstances, but no later than fifteen working days after receiving the request shall:

     (a) Make the information available for examination during regular business hours and provide a copy, if requested, to the patient;

     (b) Inform the patient if the information does not exist or cannot be found;

     (c) If the health care provider does not maintain a record of the information, inform the patient and provide the name and address, if known, of the health care provider who maintains the record;

     (d) If the information is in use or unusual circumstances have delayed handling the request, inform the patient and specify in writing the reasons for the delay and the earliest date, not later than twenty-one working days after receiving the request, when the information will be available for examination or copying or when the request will be otherwise disposed of; or

     (e) Deny the request, in whole or in part, under RCW 70.02.090 and inform the patient.

     (2) Upon request, the health care provider shall provide an explanation of any code or abbreviation used in the health care information. If a record of the particular health care information requested is not maintained by the health care provider in the requested form, the health care provider is not required to create a new record or reformulate an existing record to make the health care information available in the requested form. The health care provider may charge a reasonable fee for providing the health care information and is not required to permit examination or copying until the fee is paid.

[1993 c 448 § 5; 1991 c 335 § 301.]

Notes:

     Effective date -- 1993 c 448: See note following RCW 70.02.010.



70.02.090
Patient's request — Denial of examination and copying.

(1) Subject to any conflicting requirement in the public records act, chapter 42.56 RCW, a health care provider may deny access to health care information by a patient if the health care provider reasonably concludes that:

     (a) Knowledge of the health care information would be injurious to the health of the patient;

     (b) Knowledge of the health care information could reasonably be expected to lead to the patient's identification of an individual who provided the information in confidence and under circumstances in which confidentiality was appropriate;

     (c) Knowledge of the health care information could reasonably be expected to cause danger to the life or safety of any individual;

     (d) The health care information was compiled and is used solely for litigation, quality assurance, peer review, or administrative purposes; or

     (e) Access to the health care information is otherwise prohibited by law.

     (2) If a health care provider denies a request for examination and copying under this section, the provider, to the extent possible, shall segregate health care information for which access has been denied under subsection (1) of this section from information for which access cannot be denied and permit the patient to examine or copy the disclosable information.

     (3) If a health care provider denies a patient's request for examination and copying, in whole or in part, under subsection (1)(a) or (c) of this section, the provider shall permit examination and copying of the record by another health care provider, selected by the patient, who is licensed, certified, registered, or otherwise authorized under the laws of this state to treat the patient for the same condition as the health care provider denying the request. The health care provider denying the request shall inform the patient of the patient's right to select another health care provider under this subsection. The patient shall be responsible for arranging for compensation of the other health care provider so selected.

[2005 c 274 § 331; 1991 c 335 § 302.]

Notes:

     Part headings not law -- Effective date -- 2005 c 274: See RCW 42.56.901 and 42.56.902.



70.02.100
Correction or amendment of record.

(1) For purposes of accuracy or completeness, a patient may request in writing that a health care provider correct or amend its record of the patient's health care information to which a patient has access under RCW 70.02.080.

     (2) As promptly as required under the circumstances, but no later than ten days after receiving a request from a patient to correct or amend its record of the patient's health care information, the health care provider shall:

     (a) Make the requested correction or amendment and inform the patient of the action;

     (b) Inform the patient if the record no longer exists or cannot be found;

     (c) If the health care provider does not maintain the record, inform the patient and provide the patient with the name and address, if known, of the person who maintains the record;

     (d) If the record is in use or unusual circumstances have delayed the handling of the correction or amendment request, inform the patient and specify in writing, the earliest date, not later than twenty-one days after receiving the request, when the correction or amendment will be made or when the request will otherwise be disposed of; or

     (e) Inform the patient in writing of the provider's refusal to correct or amend the record as requested and the patient's right to add a statement of disagreement.

[1991 c 335 § 401.]

70.02.110
Correction or amendment or statement of disagreement — Procedure.

(1) In making a correction or amendment, the health care provider shall:

     (a) Add the amending information as a part of the health record; and

     (b) Mark the challenged entries as corrected or amended entries and indicate the place in the record where the corrected or amended information is located, in a manner practicable under the circumstances.

     (2) If the health care provider maintaining the record of the patient's health care information refuses to make the patient's proposed correction or amendment, the provider shall:

     (a) Permit the patient to file as a part of the record of the patient's health care information a concise statement of the correction or amendment requested and the reasons therefor; and

     (b) Mark the challenged entry to indicate that the patient claims the entry is inaccurate or incomplete and indicate the place in the record where the statement of disagreement is located, in a manner practicable under the circumstances.

     (3) A health care provider who receives a request from a patient to amend or correct the patient's health care information, as provided in RCW 70.02.100, shall forward any changes made in the patient's health care information or health record, including any statement of disagreement, to any third-party payor or insurer to which the health care provider has disclosed the health care information that is the subject of the request.

[2000 c 5 § 3; 1991 c 335 § 402.]

Notes:

     Intent -- Purpose -- 2000 c 5: See RCW 48.43.500.

     Application -- Short title -- Captions not law -- Construction -- Severability -- Application to contracts -- Effective dates -- 2000 c 5: See notes following RCW 48.43.500.



70.02.120
Notice of information practices — Display conspicuously.

(1) A health care provider who provides health care at a health care facility that the provider operates and who maintains a record of a patient's health care information shall create a "notice of information practices" that contains substantially the following:



NOTICE


"We keep a record of the health care services we provide you. You may ask us to see and copy that record. You may also ask us to correct that record. We will not disclose your record to others unless you direct us to do so or unless the law authorizes or compels us to do so. You may see your record or get more information about it at . . . . . ."



     (2) The health care provider shall place a copy of the notice of information practices in a conspicuous place in the health care facility, on a consent form or with a billing or other notice provided to the patient.

[1991 c 335 § 501.]

70.02.130
Consent by others — Health care representatives.

(1) A person authorized to consent to health care for another may exercise the rights of that person under this chapter to the extent necessary to effectuate the terms or purposes of the grant of authority. If the patient is a minor and is authorized to consent to health care without parental consent under federal and state law, only the minor may exercise the rights of a patient under this chapter as to information pertaining to health care to which the minor lawfully consented. In cases where parental consent is required, a health care provider may rely, without incurring any civil or criminal liability for such reliance, on the representation of a parent that he or she is authorized to consent to health care for the minor patient regardless of whether:

     (a) The parents are married, unmarried, or separated at the time of the representation;

     (b) The consenting parent is, or is not, a custodial parent of the minor;

     (c) The giving of consent by a parent is, or is not, full performance of any agreement between the parents, or of any order or decree in any action entered pursuant to chapter 26.09 RCW.

     (2) A person authorized to act for a patient shall act in good faith to represent the best interests of the patient.

[1991 c 335 § 601.]



70.02.140
Representative of deceased patient.

A personal representative of a deceased patient may exercise all of the deceased patient's rights under this chapter. If there is no personal representative, or upon discharge of the personal representative, a deceased patient's rights under this chapter may be exercised by persons who would have been authorized to make health care decisions for the deceased patient when the patient was living under RCW 7.70.065.

[1991 c 335 § 602.]

70.02.150
Security safeguards.

A health care provider shall effect reasonable safeguards for the security of all health care information it maintains.

     Reasonable safeguards shall include affirmative action to delete outdated and incorrect facsimile transmission or other telephone transmittal numbers from computer, facsimile, or other databases. When health care information is transmitted electronically to a recipient who is not regularly transmitted health care information from the health care provider, the health care provider shall verify that the number is accurate prior to transmission.

[2001 c 16 § 2; 1991 c 335 § 701.]

70.02.160
Retention of record.

A health care provider shall maintain a record of existing health care information for at least one year following receipt of an authorization to disclose that health care information under RCW 70.02.040, and during the pendency of a request for examination and copying under RCW 70.02.080 or a request for correction or amendment under RCW 70.02.100.

[1991 c 335 § 702.]



70.02.170
Civil remedies.

(1) A person who has complied with this chapter may maintain an action for the relief provided in this section against a health care provider or facility who has not complied with this chapter.

     (2) The court may order the health care provider or other person to comply with this chapter. Such relief may include actual damages, but shall not include consequential or incidental damages. The court shall award reasonable attorneys' fees and all other expenses reasonably incurred to the prevailing party.

     (3) Any action under this chapter is barred unless the action is commenced within two years after the cause of action is discovered.

     (4) A violation of this chapter shall not be deemed a violation of the consumer protection act, chapter 19.86 RCW.

[1991 c 335 § 801.]

70.02.180
Licensees under chapter 18.225 RCW — Subject to chapter.

Mental health counselors, marriage and family therapists, and social workers licensed under chapter 18.225 RCW are subject to this chapter.

[2001 c 251 § 34.]

Notes:

     Severability -- 2001 c 251: See RCW 18.225.900.



70.02.900
Conflicting laws.

(1) This chapter does not restrict a health care provider, a third-party payor, or an insurer regulated under Title 48 RCW from complying with obligations imposed by federal or state health care payment programs or federal or state law.

     (2) This chapter does not modify the terms and conditions of disclosure under Title 51 RCW and chapters 13.50, 26.09, 70.24, *70.39, 70.96A, 71.05, and 71.34 RCW and rules adopted under these provisions.

[2000 c 5 § 4; 1991 c 335 § 901.]

Notes:

     *Reviser's note: Chapter 70.39 RCW was repealed by 1982 c 223 § 10, effective June 30, 1990.

     Intent -- Purpose -- 2000 c 5: See RCW 48.43.500.

     Application -- Short title -- Captions not law -- Construction -- Severability -- Application to contracts -- Effective dates -- 2000 c 5: See notes following RCW 48.43.500.



70.02.901
Application and construction — 1991 c 335.

This act shall be applied and construed to effectuate its general purpose to make uniform the law with respect to the subject of this act among states enacting it.

[1991 c 335 § 903.]

70.02.902
Short title.

This act may be cited as the uniform health care information act.

[1991 c 335 § 904.]



70.02.903
Severability — 1991 c 335.

If any provision of this act or its application to any person or circumstance is held invalid, the remainder of the act or the application of the provision to other persons or circumstances is not affected.

[1991 c 335 § 905.]



70.02.904
Captions not law — 1991 c 335.

As used in this act, captions constitute no part of the law.

[1991 c 335 § 906.]



70.02.905
Construction — Chapter applicable to state registered domestic partnerships — 2009 c 521. (Effective if E2SSB 5688 is approved at the November 2009 election under Referendum Measure 71.)

For the purposes of this chapter, the terms spouse, marriage, marital, husband, wife, widow, widower, next of kin, and family shall be interpreted as applying equally to state registered domestic partnerships or individuals in state registered domestic partnerships as well as to marital relationships and married persons, and references to dissolution of marriage shall apply equally to state registered domestic partnerships that have been terminated, dissolved, or invalidated, to the extent that such interpretation does not conflict with federal law. Where necessary to implement chapter 521, Laws of 2009, gender-specific terms such as husband and wife used in any statute, rule, or other law shall be construed to be gender neutral, and applicable to individuals in state registered domestic partnerships.

[2009 c 521 § 149.]