HIE Background

Health Information Exchange (HIE) Oversight: Background Information

Public Hearings, Minnesota's Privacy Laws and FAQs

Minnesota's HIE Oversight Law established a process for oversight of the organizations providing health information exchange services for clinical use transactions within Minnesota. These organizations are referred to as “health information exchange (HIE) service providers.”

In 2015, this HIE Oversight law was modernized to provide updated definitions and to streamline the application process. The oversight process is intended to ensure that the HIE service providers are conducting their business transparently and in accordance with Minnesota and nationally recognized standards and requirements for securely exchanging health information. It is also intended to ensure that the organizations have processes in place to protect the privacy and security of patients’ health information in accordance with Minnesota law.

The HIE service provider must submit an application, participate in a public hearing if deemed appropriate, and respond to questions and/or concerns from interested stakeholders, including consumers, before becoming certified to operate in Minnesota.

Use this page to find more information on:
The HIE Public Hearing Process
Minnesota's Privacy Laws
Frequently Asked Questions (FAQ)

HIE Public Hearing Process

After an HIE service provider submits an application, the Minnesota Department of Health holds a public hearing, as deemed appropriate. During the public hearing the application is reviewed and the HIE service provider gives a presentation. After the presentation, the HIE oversight review panel, which represents different stakeholder groups and is selected by the Commissioner of Health, asks questions about the application. Public comments and questions specific to the application are also part of the public hearing after the presentation and review panel discussion. 

The application materials are posted on the MDH website on the Minnesota HIE Service Providers Public Hearings page at least 10 days before a public hearing is held. Interested persons may submit comments specific to the application at the public hearing or during the formal written comment period, which begins once the application is posted and ends five calendar days after the public hearing.

After the public comment period closes, the HIE oversight review panel discusses any outstanding questions or concerns about the application. The panel then makes a recommendation to the Commissioner of Health on the certification of the organization. If an organization is certified, it is posted on the Minnesota Certified Health Information Exchange Service Providers webpage.

Minnesota’s Privacy Laws: Beyond HIPAA

The federal law, under HIPAA (Health Information Portability and Accountability Act), established the baseline standards for protection of patient information and health records across the country. The HITECH Act, passed in 2009, included provisions to enhance a person's access to his/her own patient information and the protection of patient records. The Minnesota Health Records Act established additional requirements related to protecting access to patient health information including a requirement that the patient must consent to the release of his/her health records even for treatment purposes. This means healthcare providers and organizations, including health information exchange service providers that work with patient health information, must comply with HIPAA and HITECH regulations as well as the additional state requirements if they are conducting business in Minnesota.

An important part of the oversight and certification process is to ensure that any state-certified HIE service provider will comply with both the federal and Minnesota privacy laws. As part of the oversight process, HIE service providers must submit information in their certification applications about policies and procedures related to compliance with these laws.

FAQ about Health Information Exchange (HIE) Oversight

Last updated September 27, 2011
What is health information exchange (or HIE)?

Health information exchange, or HIE, in Minnesota means the electronic transmission of health related information between organizations according to nationally recognized standards (Minn. Stat. §62J.498 sub. 1(f)). This means each time information is sent electronically to another provider it is done in a uniformly accepted way that meets specific standards to ensure protection of the data and privacy of the patient. It also means the information will be received in a way that is usable for the recipient.

What is a Health Information Exchange Service Provider?

A health information exchange service provider is an organization that facilitates the electronic movement of health information. In Minnesota, these organizations are divided into two types:

  • Health Information Organization (HIO): An HIO means an organization that oversees, governs, and facilitates health information exchange among health care providers that are not related health care entities as defined in Minnesota Statutes section 144.291, subdivision 2, paragraph (j), to improve coordination of patient care and the efficiency of health care delivery.
  • Health Data Intermediary (HDI): An HDI means an entity that provides the technical capabilities or related products and services to enable health information exchange among health care providers that are not related health care entities as defined in Minnesota Statutes section 144.291, subdivision 2, paragraph (j).  This includes but is not limited to: health information service providers, electronic health record vendors, and pharmaceutical electronic data intermediaries as defined in section 62J.495.

How does the Health Information Exchange Oversight Law affect me?

Minnesota is currently the one of very few states in the country that has a law requiring state oversight of health information exchange (HIE) service providers. This HIE Oversight law, combined with the Minnesota Health Records Act, establishes a higher level of protection for consumers and their personal health information than what is provided under HIPAA and HITECH at the national level.

Why is the Minnesota Department of Health involved in this oversight process?

The state law that was passed in 2010, granted the Commissioner of Health (at the Minnesota Department of Health) the authority to implement an oversight program.

How can I be involved in the oversight process?

Public involvement is encouraged in the HIE oversight process through participation in the public hearings; there is time after the presentations and review panel discussion with the HIE service provider applicant for questions and comments from the public specifically related to the application. In addition, written public comments specific to the application, are accepted during the official public comment period, which begins once the application is posted and ends five calendar days after the public hearing. See the Minnesota HIE Service Providers Public Hearings webpage for more details on how to submit comments on a current application/hearing.

The HIE oversight review panel also has a consumer representative; this person is selected by the Commissioner of Health.

Where can I get more information on health information exchange and the HIE oversight process in Minnesota?
Visit the Minnesota e-Health Initiative’s website for more information on both health information exchange (HIE) and the HIE oversight process. On a national level, the Office of the National Coordinator has launched a new website with helpful information for consumers.

Back to Oversight home

Link to Adobe Acrobat Reader To view the PDF files, you will need Adobe Acrobat Reader (free download from Adobe's website).

Updated Thursday, May 10, 2018 at 09:12AM