- (1) These rules establish requirements applicable to providers, PHPs, and allied agencies that want to conduct electronic data transactions with the Department. These rules govern the conduct of all web portal or EDI transactions with the Department. These rules only apply to services or items that are paid for by the Department. If the service or item is paid for by a plan or an allied agency, these rules do not apply.
- (2) These rules establish the Department’s electronic data transaction requirements for purposes of the Health Insurance Portability and Accountability Act of 1996, 42 USC 1320d–1320d-8, Public Law 104-191, sec. 262 and sec. 264, and the implementing standards for electronic transactions rules. Where a federal HIPAA standard has been adopted for an electronic data transaction, this rule implements and does not alter the federal standard.
- (3) These rules establish procedures that must be followed by any provider, PHP, or allied agency in the event of a security or privacy incident, regardless of whether the incident is related to the use of an electronic data transaction.
Statutory/Other Authority
ORS 409.050 & 414.065
Statutes/Other Implemented
ORS 414.065
History
Renumbered from 410-001-0110, DHSD 1-2008, f. & cert. ef. 2-1-08
DMAP 30-2007(Temp), f. 12-31-07, cert. ef. 1-1-08 thru 6-28-08
OMAP 55-2003, f. & cert. ef. 8-22-03
OMAP 25-2003(Temp), f. & cert. ef. 3-21-03 thru 9-8-03