DAR File No. 40171
This rule was published in the February 15, 2016, issue (Vol. 2016, No. 4) of the Utah State Bulletin.
Health, Center for Health Data, Health Care Statistics
Health Data Authority Standards for Health Data
Notice of Proposed Rule
DAR File No.: 40171
Filed: 01/29/2016 12:29:24 PM
Purpose of the rule or reason for the change:
The purpose of this amendment is to incorporate a new policy requiring yearly update of contact information by healthcare facilities; to add a new subsection clarifying the process for handling rejected data and subsequent resubmission; to update the title to the new consolidated facilities data submittal guide; to introduce new definitions; and to make minor grammatical edits.
Summary of the rule or change:
The changes are as follows: 1) add new definitions for "Emergency Room Data" and "Healthcare Facility Data"; 2) add one new subsection outlining protocol for rejected data submissions; 3) add one new section requiring healthcare facilities to provide current contact information to the office by September 1 of each year, and within 30 days of learning they will be required to submit under this rule; and 4) update title for the facilities data submittal guide to "Utah Healthcare Facility Data Submission Guide" in Rule R428-2.
State statutory or constitutional authorization for this rule:
- Title 26, Chapter 33a
Anticipated cost or savings to:
the state budget:
This rule amendment makes technical changes and also updates the data submittal guide required for use by Utah healthcare facilities, which are required to submit data to the Utah Department of Health's (UDOH) Office of Health Care Statistics. UDOH determines enactment of these changes and the amended version will not create any cost or savings impact to the state budget or UDOH's budget since the change will not increase workload and can be carried out with existing budget.
This filing does not create any direct cost or savings impact to local governments since they are not directly affected by the rule; nor are local governments indirectly impacted because the rule does not create a situation requiring services from local governments.
None--Small businesses are not impacted by this rule change since all potentially impacted businesses have more than 50 employees. As a result, the rule will have no effect on small business budgets for costs or savings.
persons other than small businesses, businesses, or local governmental entities:
Technical changes will not create any cost or savings to businesses, individuals, local governments, or persons that are not small businesses.
Compliance costs for affected persons:
There are no compliance costs for affected persons. The change clarifies definitions and two requirements, which does not result in compliance costs.
Comments by the department head on the fiscal impact the rule may have on businesses:
There is no fiscal impact on business because technical changes do not add compliance costs to affected businesses.
Joseph Miner, MD, Executive Director
The full text of this rule may be inspected, during regular business hours, at the Division of Administrative Rules, or at:Health
Center for Health Data, Health Care Statistics
CANNON HEALTH BLDG
288 N 1460 W
SALT LAKE CITY, UT 84116-3231
Direct questions regarding this rule to:
- Mike Martin at the above address, by phone at 801-538-9205, by FAX at 801-538-9916, or by Internet E-mail at firstname.lastname@example.org
- Stephanie Saperstein at the above address, by phone at 801-538-6430, by FAX at , or by Internet E-mail at email@example.com
Interested persons may present their views on this rule by submitting written comments to the address above no later than 5:00 p.m. on:
This rule may become effective on:
Joseph Miner, Executive Director
R428. Health, Center for Health Data, Health Care Statistics.
R428-2. Health Data Authority Standards for Health Data.
R428-2-1. Legal Authority.
This rule is promulgated under authority granted by Title 26, Chapter 33a.
This rule establishes definitions, requirements, and general guidelines relating to the collection, control, use and release of data pursuant to Title 26, Chapter 33a.
(1) The terms used in this rule are defined in Section 26-33a-102.
(2) In addition, the following definitions apply to all of Title R428:
(a) "Adjudicated claim" means a claim submitted to a carrier for payment where the carrier has made a determination whether the services provided fall under the carrier's benefit.
(b) "Ambulatory surgery data" means the consolidation of complete billing, medical, and personal information describing a patient, the services received, and charges billed for a surgical or diagnostic procedure treatment in an outpatient setting into a data record.
(c) "Ambulatory surgical facility" is defined in Section 26-21-2.
(d) "Carrier" means any of the following Third Party Payors as defined in 26-33a-102(16):
(i) an insurer engaged in the business of health care or dental insurance in the state of Utah, as defined in Section 31A-1-301;
(ii) a business under an administrative services organization or administrative services contract arrangement;
(iii) a third party administrator, as defined in Section 31A-1-301, licensed by the state of Utah that collects premiums or settles claims of residents of the state, for health care insurance policies or health benefit plans, as defined in Section 31A-1-301;
(iv) a governmental plan, as defined in Section 414 (d), Internal Revenue Code, that provides health care benefits;
(v) a program funded or administered by Utah for the provision of health care services, including Medicaid, the Utah Children's Health Insurance Program created under Section 26-40-103, and the medical assistance programs described in Title 26, Chapter 18 or any entity under a contract with the Utah Department of Health to serve clients under such a program;
(vi) a non-electing church plan, as described in Section 410 (d), Internal Revenue Code, that provides health care benefits;
(vii) a licensed professional employer organization as defined in Section 31a-40-102 acting as an administrator of a health care insurance plan;
(viii) a health benefit plan funded by a self-insurance arrangement;
(ix) the Public Employees' Benefit and Insurance Program created in Section 49-20-103;
(x) a pharmacy benefit manager, defined to be a person that provides pharmacy benefit management services as defined in Section 49-20-502 on behalf of any other carrier defined in subsection R428-2-3.
(e) "Claim" means a request or demand on a carrier for payment of a benefit.
(f) "Covered period" means the calendar year on which the data used for calculation of HEDIS measures is based.
(g) "Data element" means the specific information collected and recorded for the purpose of health care and health service delivery. Data elements include information to identify the individual, health care provider, data supplier, service provided, charge for service, payer source, medical diagnosis, and medical treatment.
(h) "Discharge data" means the consolidation of complete billing, medical, and personal information describing a patient, the services received, and charges billed for a single inpatient hospital stay into a discharge data record.
(i) "Electronic media" means a compact disc, digital video disc, external hard drive, or other media where data is stored in digital form.
(j) "Electronic transaction" means to submit data directly via electronic connection from a hospital or ambulatory surgery facility to the Office according to Electronic Data Interchange standards established by the American National Standards Institute's Accredited Standards Committee, known as the Health Care Transaction Set (837) ASC X 12N.
(k) "Eligible Enrollee" means an enrollee who meets the criteria outlined in the NCQA survey specifications.
l]) "Enrollee" means any individual who
has entered into a contract with a carrier for health care or on
whose behalf such an arrangement has been made.
(n) "Health Insurance" has the same meaning as
found in Section 31A-1-301.]
o]) "HEDIS" means the Healthcare
Effectiveness Data and Information Set, a set of standardized
performance measures developed by the NCQA.
p]) "HEDIS data" means the complete set
of HEDIS measures calculated by the carriers according to NCQA
specifications, including a set of required measures and voluntary
measures defined by the department, in consultation with the
q]) "Hospital" means a general acute
hospital or specialty hospital as defined in Section 21-21-2 that
is licensed under Rule R432.
r]) "Level 1 data element" means a
required reportable data element.
s]) "Level 2 data element" means a data
element that is reported when the information is available from the
patient's hospital record.
t]) "NCQA" means the National Committee
for Quality Assurance, a not-for-profit organization committed to
evaluating and reporting on the quality of managed care plans.
u]) "Office" means the Office of Health
Care Statistics within the Utah Department of Health.
v]) "Order" means an action of the
committee that determines the legal rights, duties, privileges,
immunities, or other interests of one or more specific persons, but
not a class of persons.
w]) "Patient Social Security number" is
the social security number of a person receiving health care.
x]) "Performance Measure" means the
quantitative, numerical measure of an aspect of the carrier, or its
membership in part or in its entirety, or qualitative, descriptive
information on the carrier in its entirety as described in
y]) "Public Use Data Set" means a data
extract or a subset of a database that is deemed by the Office to
not include identifiable data or where the probability of
identifying individuals is minimal.
z]) "Report" means a disclosure of data
or information collected or produced by the committee or Office,
including but not limited to a compilation, study, or analysis
designed to meet the needs of specific audiences.
aa]) "Research Data Set" means a data
extract or subset of a database intended for use by investigators
or researchers for bona fide research purposes that may include
identifiable information or where there is more than a minimal
probability that the data could be used to identify
bb]) "Record linkage number" is an
irreversible, unique, encrypted number that will replace patient
social security number.
cc]) "Sample file" means the data file
containing records of selected eligible enrollees drawn by the
survey agency from the carrier's sampling frame.
dd]) "Sampling Frame" means the carrier
enrollment file as described criteria outlined by the NCQA survey
ee]) "Submission year" means the year
immediately following the covered period.
ff]) "Survey agency" means an
independent contractor on contract with the Office of Health Care
gg]) "Utah Health Care Performance
Measurement Plan" means the plan for data collection and
public reporting of health-related measures, adopted by the Utah
Health Data Committee to establish a statewide health performance
hh]) "Uniform billing form" means the
uniform billing form recommended for use by the National Uniform
ii]) [ "Submittal Manual for Inpatient Data" means the
document referenced in Subsection R428-1-4(1). (jj) "Submittal Manual for Ambulatory Surgery
Data" means the document referenced in Subection
kk]) "NCQA Survey Specifications" means
the document referenced in Subsection R428-1-4(
ll]) "NCQA HEDIS Specifications" means
the document referenced in Subsection R428-1-4(
mm]) "Data Submission Guide for Claims
Data" means the document referenced in Subsection R428-1-4(
[ 5]) for data submissions required from April 1,
2015 to February 29, 2016 and the document referenced in Subsection
[ 6]) for data submissions beginning March 1,
R428-2-4. Technical Assistance.
The Office may provide technical assistance or consultation to a data supplier upon request and resource availability. The consultation shall be to enable a data supplier to submit required data according to Title R428.
R428-2-5. Data Classification and Access.
(1) Data collected by the committee are not public, and as such are exempt from the classification and release requirements specified in Title 63g, Chapter 2, Government Records Access and Management Act.
(2) Any person having access to data collected or produced by the committee or the Office under Title 26, Chapter 33a shall not:
(a) take any action that might provide information to any unauthorized individual or agency;
(b) scan, copy, remove, or review any information to which specific authorization has not been granted;
(c) discuss information with unauthorized persons which could lead to identification of individuals;
(d) give access to any information by sharing passwords or file access codes.
(3) Any person having access to data collected or produced by the committee or the Office under Title 26, Chapter 33a shall:
(a) maintain the data in a safe manner which restricts unauthorized access;
(b) limit use of the data to the purposes for which access is authorized;
(c) report immediately any unauthorized access to the Office or its designated security officer.
(4) A failure to report known violations by others is subject to the same punishment as a personal violation.
(5) The Office shall deny a person access to the facilities, services and data as a consequence of any violation of the responsibilities specified in this section.
R428-2-6. Editing and Validation.
(1) Each data supplier shall review each required record prior to submission. The review shall consist of checks for accuracy, consistency, completeness, and conformity.
(2) The Office may subject submitted data to edit checks. The Office may require the data supplier to correct data failing an edit check as follows:
(a) The Office may, by first class U.S. mail or email, inform the submitting data supplier of any data failing an edit check.
(b) The submitting data supplier shall make necessary corrections and resubmit all corrected data to the Office within 10 business days of the date the Office notified the supplier.
R428-2-7. Error Rates.
The committee may establish and order reporting quality standards based on non-reporting or edit failure rates.
R428-2-8. Data Disclosure.
(1) The committee may disclose data received from data suppliers or data or information derived from this data as specified in Title 26, Chapter 33a.
(2) The Office may prepare reports relating to health care cost, quality, access, health promotion programs, or public health. These actions may be to meet legislative intent or upon request from individuals, government agencies, or private organizations. The Office may create reports in a variety of formats including print or electronic documents, searchable databases, web-sites, or other user-oriented methods for displaying information.
(3) Unless otherwise specified by the committee, the time period for data suppliers and health care providers to prepare a response as required in Subsections 26-33a-107(1) and 26-33a-107(3) shall be 15 business days. If a data supplier fails to respond in the specified time frame, the committee may conclude that the information is correct and suitable for release.
(4) The committee may note in a report that accurate appraisal of a certain category or entity cannot be presented because of a failure to comply with the committee's request for data, edit corrections, or data validation.
(5) The Office may release to the data supplier or its designee any data elements provided by the supplier without notification when a data supplier requests the data be so supplied.
(6) The committee may disclose data in computer readable formats.
(7) The Director of the Office may approve the disclosure of a public use data set upon receipt of a written request that includes the following:
(a) the name, address, e-mail and telephone number of the requester;
(b) a statement of the purpose for which the data will be used;
(c) agreement to other terms and conditions as deemed necessary by the Office.
(8) The committee may approve the release of a research data set to an institution, association or organization for bona fide research of health care cost, quality, access, health promotion programs, or public health issues. The requester must provide:
(a) the name, address, e-mail and telephone number of the requester and for each person who will have access to the research data set;
(b) a statement of the purpose for which the research data set will be used;
(c) the starting and ending dates for which the research data set is requested;
(d) an explanation of why a public use data set could not be used for to accomplish the stated research purposes, including a separate justification for each element containing identified data requested;
(e) evidence of the integrity and ability to safeguard the data from any breach of confidentiality;
(f) evidence of competency to effectively use the data in the manner proposed;
(g) a satisfactory review from an Office-approved institutional review board;
(h) a guarantee that no further disclosure will occur without prior approval of the Office;
(i) a signed agreement to comply with other terms and conditions as stipulated by the committee.
(1) The Office may apply civil penalties or subject violators to legal prosecution.
(2) Sections 26-23-6 and 26-33a-110 specify civil and criminal penalties for failure to comply with the requirements of Title R428 or Title 26, Chapter 33a.
(3) Notwithstanding Subsection R428-2-9(2), any person that violates any provision of Title R428 may be assessed an administrative civil money penalty not to exceed $3,000 upon an administrative finding of a first violation and up to $5,000 for a subsequent similar violation within two years. A person may also be subject to penalties imposed by a civil or criminal court, which may not exceed $5,000 or a class B misdemeanor for the first violation and a class A misdemeanor for any subsequent similar violation within two years.
(4) Notwithstanding Subsection R428-2-9(2) and R428-2-9(3), a data supplier that violates any provision of Title R428 may be assessed an administrative civil money penalty for each day of non-compliance. Fines may be imposed as follows:
(a) Not to exceed the sum of $10,000 per violation
(b) Each day of violation is a separate violation
(c) Deadlines established in separate sections of Title R428 are considered as separate provisions.
(5) The Office may impose a fine on any data supplier that misses a deadline to submit data required in Title R428 as follows:
(a) A fine of $250 per violation shall be imposed until the data has been supplied as required
(b) The fines shall increase to $500 per violation for each violation when any data supplier that is currently in violation misses another deadline
(c) After forty-five consecutive calendar days of violation, the Office may adjust the per day penalty subject to the limits in (4)(a) taking into account the following aggravating and mitigating circumstances:
(i) Prior violation history and history of compliance
(ii) Good faith efforts to prevent violations
(iii) The size and financial capability of the data supplier.
R428-2-10. Exemptions and Extensions.
(1) The committee may grant exemptions or extensions from reporting requirements in Title R428 to data suppliers under certain circumstances.
(2) The committee may grant an exemption to a data supplier when the supplier demonstrates that compliance imposes an unreasonable cost.
(a) A data supplier may request an exemption from any particular requirement or set of requirements of Title R428. The data supplier must submit a request for exemption no less than 30 calendar days before the date the supplier would have to comply with the requirement.
(b) The committee may grant an exemption for a maximum of one calendar year. A data supplier wishing an additional exemption must submit an additional, separate request.
(3) The committee may grant an extension to a data supplier when the supplier demonstrates that technical or unforeseen difficulties prevent compliance.
(a) A data supplier may request an extension for any deadline required in Title R428. For each deadline for which the data supplier requests an extension, the data supplier must submit its request no less than seven calendar days before the deadline in question.
(b) The committee may grant an extension for a maximum of 30 calendar days. A data supplier wishing an additional extension must submit an additional, separate request.
(4) The supplier requesting an extension or exemption shall include:
(a) The data supplier's name, mailing address, telephone number, and contact person;
(b) the dates the exemption or extension is to start and end;
(c) a description of the relief sought, including reference to specific sections or language of the requirement;
(d) a statement of facts, reasons, or legal authority in support of the request; and
(e) a proposed alternative to the requirement or deadline.
(5) A carrier that covers fewer than 2,500 individual Utah residents as of January 1 of a given year is exempt from all requirements of this title except that once a carrier has covered a cumulative total of 2,500 such individuals during a calendar year, they are no longer considered exempt for the remainder of that year.
R428-2-11. Contractor Liability.
(1) A data supplier may contract with another entity to submit required data elements on their behalf under Title R428. In such cases, the data supplier must notify the Office of the identity and contact information of the contractor.
(2) Regardless of the existence of a contractor, the responsibility for complying with all requirements of Title R428 remains solely with the data supplier.
KEY: health, health policy, health planning
Date of Enactment or Last Substantive Amendment: [
November 30, 2015]
Notice of Continuation: November 30, 2011
Authorizing, and Implemented or Interpreted Law: 26-33a-104
More information about a Notice of Proposed Rule is available online.
The Portable Document Format (PDF) version of the Bulletin is the official version. The PDF version of this issue is available at https://rules.utah.gov/publicat/bull-pdf/2016/b20160215.pdf. The HTML edition of the Bulletin is a convenience copy. Any discrepancy between the PDF version and HTML version is resolved in favor of the PDF version.
Text to be deleted is struck through and surrounded by brackets ([
example]). Text to be added is underlined (). Older browsers may not depict some or any of these attributes on the screen or when the document is printed.
For questions regarding the content or application of this rule, please contact Mike Martin at the above address, by phone at 801-538-9205, by FAX at 801-538-9916, or by Internet E-mail at firstname.lastname@example.org; Stephanie Saperstein at the above address, by phone at 801-538-6430, by FAX at , or by Internet E-mail at email@example.com. For questions about the rulemaking process, please contact the Division of Administrative Rules.