SB 287 – AS AMENDED BY THE HOUSE
25Apr2012… 1780h
2012 SESSION
01/10
SENATE BILL 287
AN ACT relative to confidential prescription data and relative to the medical records law.
SPONSORS: Sen. Bradley, Dist 3; Sen. Barnes, Jr., Dist 17; Sen. Lambert, Dist 13; Sen. Boutin, Dist 16; Sen. De Blois, Dist 18; Sen. Luther, Dist 12; Rep. Bettencourt, Rock 4; Rep. Chandler, Carr 1; Rep. Weyler, Rock 8; Rep. W. Smith, Rock 18
COMMITTEE: Health and Human Services
This bill implements the ruling of the Supreme Court in IMS Health Inc. v. Sorrell, 131 S. Ct. 2653 (2011), which held that a prohibition on the use of prescriber-identifiable data in prescription records for commercial purposes violates the First Amendment.
This bill also clarifies the release of a patient’s medical information.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Explanation: Matter added to current law appears in bold italics.
Matter removed from current law appears [in brackets and struckthrough.]
Matter which is either (a) all new or (b) repealed and reenacted appears in regular type.
25Apr2012… 1780h
12-2839
01/10
STATE OF NEW HAMPSHIRE
In the Year of Our Lord Two Thousand Twelve
AN ACT relative to confidential prescription data and relative to the medical records law.
Be it Enacted by the Senate and House of Representatives in General Court convened:
1 Pharmacists and Pharmacies; Prescription Data to be Kept Confidential. Amend RSA 318:47-f to read as follows:
318:47-f Prescription [Information] Data to be Kept Confidential. [Records relative to prescription information containing patient-identifiable and prescriber-identifiable] Patient-identifiable data in prescription records shall not be licensed, transferred, used, or sold by any pharmacy benefits manager, insurance company, electronic transmission intermediary, retail, mail order, or Internet pharmacy or other similar entity, for any commercial purpose, except for the limited purposes of pharmacy reimbursement; formulary compliance; care management; utilization review by a health care provider, the patient’s insurance provider or the agent of either; health care research; or as otherwise provided by law. Commercial purpose includes, but is not limited to, advertising, marketing, promotion, or any activity that could be used to influence sales or market share of a pharmaceutical product, influence or evaluate the prescribing behavior of an individual health care professional, or evaluate the effectiveness of a professional pharmaceutical detailing sales force. Nothing in this section shall prohibit the dispensing of prescription medications to a patient or to the patient’s authorized representative; the transmission of prescription information between an authorized prescriber and a licensed pharmacy; the transfer of prescription information between licensed pharmacies; the transfer of prescription records that may occur in the event a pharmacy ownership is changed or transferred; care management educational communications provided to a patient about the patient’s health condition, adherence to a prescribed course of therapy or other information about the drug being dispensed, treatment options, or clinical trials. Nothing in this section shall prohibit the collection, use, transfer, or sale of patient [and prescriber] de-identified data by zip code[,] or geographic region[, or medical specialty] for commercial purposes. In addition to other appropriate remedies under this chapter, a violation of this section is an unfair or deceptive act or practice within the meaning of RSA 358-A:2. Any right or remedy set forth in RSA 358-A may be used to enforce the provisions of this section.
2 Controlled Drug Act; Prescription Data to be Kept Confidential. Amend RSA 318-B:12, IV to read as follows:
IV. [Records relative to prescription information containing patient-identifiable and prescriber-identifiable] Patient-identifiable data in prescription records shall not be licensed, transferred, used, or sold by any pharmacy benefits manager, insurance company, electronic transmission intermediary, retail, mail order, or Internet pharmacy or other similar entity, for any commercial purpose, except for the limited purposes of pharmacy reimbursement; formulary compliance; care management; utilization review by a health care provider, the patient’s insurance provider or the agent of either; health care research; or as otherwise required by law. Commercial purpose includes, but is not limited to, advertising, marketing, promotion, or any activity that could be used to influence sales or market share of a pharmaceutical product, influence or evaluate the prescribing behavior of an individual health care professional, or evaluate the effectiveness of a professional pharmaceutical detailing sales force. Nothing in this paragraph shall prohibit the dispensing of prescription medications to a patient or to the patient’s authorized representative; the transmission of prescription information between an authorized prescriber and a licensed pharmacy; the transfer of prescription information between licensed pharmacies; the transfer of prescription records that may occur in the event a pharmacy ownership is changed or transferred; care management educational communications provided to a patient about the patient’s health condition, adherence to a prescribed course of therapy or other information about the drug being dispensed, treatment options, or clinical trials. Nothing in this section shall prohibit the collection, use, transfer, or sale of patient [and prescriber] de-identified data by zip code[,] or geographic region[, or medical specialty] for commercial purposes. In addition to other appropriate remedies under this chapter, a violation of this paragraph is an unfair or deceptive act or practice within the meaning of RSA 358-A:2. Any right or remedy set forth in RSA 358-A may be used to enforce the provisions of this paragraph.
3 Statement of Intent. The general court recognizes the significance of a patient’s right to privacy as it relates to the entire patient-provider relationship. The general court believes that a patient’s right to privacy protection includes the identity of his or her health care provider to insure confidentiality of the patient’s diagnosis, treatment, or medical condition. Privacy protection should include the identity of the provider without interfering with the uses authorized by state or federal law. The general court finds that a provider’s identity is central to the nature and scope of an individual's medical care. In this era of medical specialization, the identity of a health care provider may clearly identify or imply a medical condition, diagnosis, and treatment course. Because it is the finding of the general court that the patient must be in control of the entire patient-provider relationship, the general court finds that de-identification of a patient from medical information is insufficient to protect the patient’s privacy interest in the patient’s medical information. It is the intent of the general court to provide only very narrow circumstances when medical information can be disclosed without permission from the patient. The general court finds that the purpose of RSA 332-I is not only to ensure that patients have access to their own medical records, but it also provides for patients’ rights to privacy as it relates to the entire patient-provider relationship.
4 New Section; Release of Medical Information. Amend RSA 332-I by inserting after section 2 the following new section:
332-I:2-a Release of Medical Information. Release of medical information to any person, or release by the authorized recipient of medical information, shall be prohibited without written authorization from the patient or the patient’s authorized representative except as allowed by state or federal law, including, but not limited, to release as may be necessary for treatment, payment, or health care operations, as those terms are defined in 45 C.F.R. 164.501, or to law enforcement officials for valid law enforcement purposes. For the purposes of this paragraph, “medical information” means information that directly identifies the patient or the patient’s health care provider and that relates to a patient’s physical, mental, or behavioral condition, personal or family medical history or medical treatment. Medical information does not include information that protects the anonymity of the patient and health care provider by means of encryption or encoding of individual identifiers, or information pertaining to or derived from federally sponsored, authorized, or regulated research governed by 21 C.F.R. parts 50 and 56 and 45 C.F.R. part 46.
5 Effective Date. This act shall take effect upon its passage.