Minnesota e-Health Privacy & Security
Request for Information (RFI): Patient Impact and Costs Associated with the Consent Requirements under the Minnesota Health Records Act (MHRA)
Responses Due October 24, 2016
The Minnesota Department of Health (MDH) by legislative mandate seeks public input on both patient impact and costs associated with requirements related to patient consent for release of health records for the purposes of treatment, payment, and health care operations, as required in section 144.293, subdivision 2 (Minnesota Session Laws 2016, Regular Session, Chapter 189, Article 20, Section 5).
The complete RFI and instructions for responding:
Request for Information on Impact and Costs Associated with the Consent Requirements under the Minnesota Health Records Act (DOCX)
Individuals, health care providers, payers and related organizations are encouraged to respond. For questions, please email firstname.lastname@example.org.
Privacy and Security Resources for Minnesota Health Care Providers
The Minnesota Health Records Access Study (2013) identified gaps and opportunities for providing resources and guidance to health and health care providers to aid in implementing more robust privacy and security programs throughout the state.
In 2014, the Minnesota Department of Health (MDH), in consultation with the Minnesota e-Health Advisory Committee, convened the Minnesota e-Health Privacy and Security Workgroup to provide expert analysis and opinions on materials and resources that may be used to enhance privacy and security programs throughout the state. The work is ongoing, and current resources are available at the links below.
Minnesota Standard Consent Form to Release Health Information (PDF)
A standard patient consent form for a person to release their health information.
- Q & A: Standard Consent Form to Release Health Information (PDF)
For general questions regarding the Minnesota Standard Consent Form to Release Health Information.
- Spanish Language Version: Minnesota Standard Consent Form to Release Health Information (PDF)
Formulario de Permiso Estándar de Minnesota para la Divulgación de Información Médica.
Minnesota Model Notice of Privacy Practices (NPP) (PDF)
(Adapted for Minnesota from U.S. Department of Health and Human Services Model NPP)
- Minnesota Model Notice of Privacy Practices (NPP) Microsoft Word Version for Health Care Providers' Use (DOCX)
Other Minnesota Activities and Resources
Privacy and Security Workgroup
Website of the Privacy and Security Workgroup of the Minnesota e-Health Initiative.
Minnesota Health Records Act
Minnesota law governing health records information, Minnesota Statutes 144.291 through 144.298
Upper Midwest HIE Interstate Patient Consent Tools
The Upper Midwest HIE (UM HIE) State Health Policy Consortium has developed a set of tools for health care providers designed to ease the exchange of patient health information, with consent, across state borders specifically for Minnesota, North Dakota, South Dakota, Wisconsin and Illinois.
The Minnesota Commissioner of Health has endorsed these new tools and encourages health care providers to use the UM HIE Common Consent Form.
Visit the UM HIE webpage to access the tools and read more about the Commissioner's endorsement.
Minnesota Documents Related to Federal Privacy & Security Activities
ARRA Title XIII: HITECH Act, Subtitle D – Privacy (PDF)
Full text of privacy provisions included in the HITECH Act.
HHS Interim Final Rule and Request for Comment on Breach Notification of Unsecured Protected Health Information (PDF)
Full text of the U.S. Department of Health and Human Services health information breach notification interim final rule for HIPAA covered entities.
FTC Interim Final Rule on Health Breach Notification (PDF)
Full text of Federal Trade Commission’s health information breach notification rule for non-HIPAA covered entities.
HHS Interim Final Rule Enforcement (PDF)
Full text of HHS amending sections within HIPAA related to the authority of the Secretary of the HHS (the Secretary) to impose civil money penalties.
HHS Proposed Rule Genetic Information Nondiscrimination Act of 2008 (GINA) (PDF)
Full text of HHS proposed rule to modify certain provisions HIPAA related to genetic information.
Statement of Organization, Functions, and Delegations of Authority (PDF)
Full text of HHS statement of delegated authority for HIPAA security rule from the Centers for Medicare & Medicaid Services (CMS) to the Director, Office for Civil Rights (OCR).