SENATE DOCKET, NO. 2162 FILED ON: 1/20/2023
SENATE . . . . . . . . . . . . . . No. 193
|
The Commonwealth of Massachusetts
_________________
PRESENTED BY:
Mark C. Montigny
_________________
To the Honorable Senate and House of Representatives of the Commonwealth of Massachusetts in General
Court assembled:
The undersigned legislators and/or citizens respectfully petition for the adoption of the accompanying bill:
An Act to protect life-saving electronic health records from reckless corporate greed and corruption.
_______________
PETITION OF:
Name: | District/Address: |
Mark C. Montigny | Second Bristol and Plymouth |
SENATE DOCKET, NO. 2162 FILED ON: 1/20/2023
SENATE . . . . . . . . . . . . . . No. 193
By Mr. Montigny, a petition (accompanied by bill, Senate, No. 193) of Mark C. Montigny for legislation to protect life-saving electronic health records from reckless corporate greed and corruption. Consumer Protection and Professional Licensure. |
The Commonwealth of Massachusetts
_______________
In the One Hundred and Ninety-Third General Court
(2023-2024)
_______________
An Act to protect life-saving electronic health records from reckless corporate greed and corruption.
Be it enacted by the Senate and House of Representatives in General Court assembled, and by the authority of the same, as follows:
SECTION 1. Section 16 of chapter 6D, as appearing in the 2020 Official Edition of the General Laws, is hereby amended by inserting at the end of subsection (a) the following clause:-
(9) assist consumers with questions or concerns relating to electronic health information accessibility requirements established by section 7 of chapter 118I, and record and submit reported violations of said section to the executive office of health and human services, the attorney general, and the Office of the National Coordinator, as defined in section 1 of chapter 118I.
SECTION 2. Section 7 of chapter 118I, as so appearing, is hereby amended by inserting at the end thereof the following paragraph:-
In order to ensure the seamless and secure access, exchange, and use of electronic health information, all providers in the commonwealth shall comply with the requirements imposed by the 21st Century Cures Act of 2016, P.L. 114-255, including, but not limited to, interoperability, patient access through application programming interfaces, and prohibitions on information blocking to health information technology developers, health information exchanges, health information networks, and health care providers. The executive office, in consultation with the commission, shall develop a standardized written notification form for providers to give to patients, informing patients of their rights and obligations as it pertains to their electronic health information and accessibility per federal and state law. Said notification forms may be provided electronically to patients and shall inform said patients on how to report violations of electronic health information access to the office of patient protection, established under section 16 of chapter 6D.
The executive office of health and human services shall promulgate regulations to prohibit the collection, capture, purchase, or transfer of electronic health information by third party application programming interfaces without the express written consent of the patient. Said written consent may be obtained by electronic means in a conspicuous and easy to read format. Said regulations shall prohibit third party application programming interfaces from disclosing, redisclosing, disseminating, selling, leasing, trading, or otherwise profiting from a patient’s electronic health information unless it is to provide direct data access to the patient with their express written consent.
A violation of this section is punishable by a fine in accordance with section 8 of this chapter and shall constitute an unfair or deceptive act in violation of chapter 93A.
SECTION 3. Section 8 of said chapter 118I, as so appearing, is hereby amended by inserting after the words “section 7” in the first sentence the following:- “; provided that violations involving patient access to electronic health information, as reported by the commission’s office of patient protection, shall be no less than $1,000 per day per violation”
SECTION 4. This act shall take effect immediately upon its passage.