TITLE 16

Health and Safety

Delaware Health Information Network

CHAPTER 103. Delaware Health Information Network

Subchapter II. The Delaware Health Care Claims Database

§ 10311. The Delaware Health Care Claims Database — Findings; purpose; creation.

(a) The General Assembly finds that:

(1) The establishment of effective health-care data analysis and reporting initiatives is essential to achieving the “Triple Aim” of the State’s ongoing health-care innovation efforts: improved health, health-care quality and experience, and affordability for all Delawareans.

(2) The ongoing work of the Delaware Center for Health Innovation to transform the State’s health-care system from a fee-for-service system to a value-based system that rewards health-care providers for quality and efficiency of care is a worthy effort, and, to that end, the General Assembly supports the establishment of a health-care claims database to assist in the State’s efforts to achieve the Triple Aim.

(3) Claims data is an important component of population health research and analysis, and that appropriate access to claims data can facilitate the development of value-based health-care purchasing and the study of the prevalence of illness or injury across the broader population of Delaware and in particular communities or neighborhoods.

(4) Providers and other health-care entities accepting financial risk for managing the health-care needs of a population, including the State as a self-insured employer, should have access to claims data as necessary to effectively manage that risk.

(b) The purpose of this subchapter is to create a centralized health-care claims database to enable the State to more effectively understand utilization across the continuum of health care in Delaware and achieve the Triple Aim.

(c) DHIN, assisted by the Department of Health and Social Services and the Delaware Health Care Commission as necessary, shall administer a centralized health-care claims database, known as the “Delaware Health Care Claims Database.”

(d) The Delaware Health Care Claims Database is created within DHIN to facilitate data-driven, evidence-based improvements in access, quality, and cost of health care and to promote and improve the public health through increased transparency of accurate health-care claims data and information. DHIN shall collect and maintain claims data under this subchapter.

80 Del. Laws, c. 329, §  583 Del. Laws, c. 137, § 10

§ 10312. Definitions [Amendments to paragraph (5) of this section by 83 Del. Laws, c. 137, § 11, subject to contingent repeal under § 17 of that act].

As used in this chapter, unless amended, supplemented, or otherwise modified by regulations adopted under this chapter:

(1) “Board” means the Delaware Health Information Network Board of Directors.

(2) “Claims data” includes required claims data and additional health-care claims information that a voluntary reporting entity may elect, through entry into an appropriate data submission and use agreement under this subchapter, to submit to the Delaware Health Care Claims Database.

(3) “DHIN” means the Delaware Health Information Network.

(4) “Health-care services” means as defined in § 6403 of Title 18.

(5) “Health insurer” means as defined in § 4004 of Title 18. “Health insurer” does not include a provider of any of the following:

a. Casualty insurance, as “casualty insurance” is defined under § 906 of Title 18.

b. Group long-term care insurance, as “group long-term care insurance” is defined in § 7103 of Title 18.

c. A dental plan, as “dental plan” is defined under § 3802 of Title 18.

d. A dental plan organization, as “dental plan organization” defined under § 3802 of Title 18.

(6) “Mandatory reporting entity” means each of the following entities, to the extent permitted under federal law:

a. 1. The State Employee Benefits Committee and the Office of Management and Budget, under each entity’s respective statutory authority to administer the State Group Health Insurance Program in Chapter 96 of Title 29.

2. A health insurer, third-party administrator, or other entity that receives or collects charges, contributions, or premiums for, or adjusts or settles health claims for, a State employee, or a spouse or dependent of a State employee, participating in the State Group Health Insurance Program. However, a carrier, as defined in § 5290 of Title 29, that the State Group Health Insurance Program has selected to offer supplemental insurance program coverage under Chapter 52C of Title 29 is not included in the definition of “mandatory reporting entity” .

b. The Division of Medicaid and Medical Assistance, with respect to services provided under programs administered under Titles XIX and XXI of the Social Security Act (42 U.S.C. §§ 1396 et seq. and 1397aa et seq.).

c. A health insurer or other entity that is certified as a qualified health plan on the Delaware Health Insurance Marketplace for plan year 2017 or a subsequent plan year. However, a health insurer or other entity that is not otherwise required to provide claims data as a condition of certification as a qualified health plan on the Delaware Health Insurance Marketplace for plan year 2017 or a subsequent plan year is not included in the definition of “mandatory reporting entity” .

d. A federal health insurance plan providing health-care services to a resident of this State, including Medicare and the Federal Employees Health Benefits Plan.

e. A health insurer providing health-care coverage to a resident of this State.

(7) “Pricing information” includes all of the following:

a. The preadjudicated price that a provider or facility charges to a reporting entity for health-care services.

b. The amount a patient or insured individual pays, including copays and deductibles.

c. The postadjudicated price that a reporting entity pays to a provider for health-care services.

(8) “Provider” means a hospital or health-care practitioner that is licensed, certified, or authorized under state law to provide health-care services. “Provider” includes a hospital or health-care practitioner participating in a group arrangement, including an accountable care organization, in which the hospital or health-care practitioner agrees to assume responsibility for the quality and cost of health care for a designed group of beneficiaries.

(9) “Reporting date” means a calendar deadline that is scheduled on a regularly recurring basis, by which a mandatory reporting entity must submit required claims data to the Delaware Health Care Claims Database.

(10) “Required claims data” includes the basic claims information that a mandatory reporting entity must submit to the Delaware Health Care Claims Database by the reporting date, including all of the following:

a. Basic demographic information, including the patient’s gender, age, and geographic area of residency.

b. Basic information relating to an individual service, encounter, visit, or episode of care, including all of the following:

1. The date and time of a patient’s admission and discharge.

2. The identity of the health-care services provider.

3. The location and type of facility, such as a hospital, office, or clinic, where the service, encounter, visit, or episode of care was provided.

c. Information describing the nature of health-care services provided to the patient in connection with the service, encounter, visit, or episode of care, including diagnosis codes.

d. Health insurance product type, such as HMO or PPO.

e. Pricing information.

(11) “Third-party administrator” means as defined in § 102 of Title 18.

(12) “Voluntary reporting entity” includes, except as prohibited under applicable federal law, any of the following entities, unless the entity is a mandatory reporting entity:

a. A health insurer.

b. A third-party administrator.

c. An entity that is not a health insurer or third-party administrator, if the entity receives or collects charges, contributions, or premiums for, or adjusts or settles health-care claims for, residents of this State.

80 Del. Laws, c. 329, §  581 Del. Laws, c. 79, §  3281 Del. Laws, c. 392, § 383 Del. Laws, c. 137, §§   11, 17

§ 10313. Submission of required claims data by mandatory reporting entities; submission of claims data by voluntary reporting entities.

(a) Requirements for submission of required claims data by a mandatory reporting entity.

(1) A mandatory reporting entity shall submit required claims data to the Delaware Health Care Claims Database by the reporting date.

(2) DHIN is subject to the provisions of this subchapter and regulations promulgated under this subchapter, and shall collect the required claims data from mandatory reporting entities by the reporting date.

(3) DHIN shall, under § 10306 of this title, promulgate a template form for a data submission and use agreement for a mandatory reporting entity to use to submit required claims data.

(4) DHIN and each mandatory reporting entity must execute a mutually acceptable data submission and use agreement. The agreement must include procedures for submission, collection, aggregation, and distribution of claims data and must provide for, at a minimum, all of the following:

a. The protection of patient privacy and data security under this chapter and state and federal privacy laws, including all of the following:

1. The Health Insurance Portability and Accountability Act (P.L. 104-191).

2. Titles XIX and XXI of the Social Security Act (42 U.S.C. §§ 1396 et seq. and 1397aa et seq.).

3. The Health Information Technology for Economic and Clinical Health (HITECH) Act (42 U.S.C. §§ 300jj et seq. and 17901 et seq.).

4. All other applicable state and federal laws relating to the privacy and security of protected health information.

b. The identification of claims data that the mandatory reporting entity elects to submit to the Delaware Health Care Claims Database in addition to the required claims data.

c. A detailed summary of how claims data that the mandatory reporting entity submits may be used for geographic, demographic, economic, and peer group comparisons.

d. A representation and warranty that DHIN shall, to the fullest extent possible, abide by nationally recognized data collection standards and methods, including the standards promulgated by the APCD Council or successor organization, to establish and maintain the database in a cost-effective manner and facilitate uniformity among various health-care claims databases of other states and specification of data fields included in submitted claims. DHIN may allow for an exemption when a submitting entity does not collect the specified data or pay on a per-claim basis.

(5) Exclusions from required claims data reporting requirement. The required claims data reporting requirements under this subchapter, and rules and regulations promulgated under this chapter, do not apply to required claims data created for an employee welfare benefit plan or other employee health plan that is regulated by the Employee Retirement Income Security Act of 1974 (ERISA), 88 Stat. 829, as amended, 29 U.S.C. § 1001 et seq., unless otherwise permitted by federal law or regulation.

(b) Submission of claims data by a voluntary reporting entity.

(1) DHIN shall collect claims data from a voluntary reporting entity under the terms and conditions of the applicable data submission and use agreement.

(2) DHIN may promulgate regulations to clarify the types of claims data that a voluntary reporting entity may submit.

(3) DHIN and a voluntary reporting entity that elects to submit claims data to the Delaware Health Care Claims Database shall execute a mutually acceptable data submission and use agreement. DHIN shall publish a template form data submission and use agreement that includes the required data submission and use agreement provisions under paragraph (a)(4) of this section.

(c) Unless modified or supplemented by regulations promulgated under this chapter, if more than 1 entity is involved in the administration of a policy, the health insurer is responsible for submitting the claims data on policies that it has written, and the third-party administrator is responsible for submitting claims data on self-insured plans that it administers.

80 Del. Laws, c. 329, §  583 Del. Laws, c. 137, § 12

§ 10314. External and public reporting of claims data.

(a) DHIN shall provide Delaware health-care payers, providers, and purchasers with access to the Delaware Health Care Claims Database for the purpose of facilitating the design and evaluation of alternative delivery and payment models, including population health research and provider risk-sharing arrangements.

(1) Claims data provided to the Delaware Health Care Claims Database may be provided to a requesting person only when a majority of the DHIN Board of Directors, or of a subcommittee established under DHIN’s bylaws for purposes of administering the Health Care Claims Database, determines that the claims data should be provided to the requesting person to facilitate the purposes of this subchapter or to the Delaware Health Care Commission.

a. A written determination under this paragraph (a)(1) must be provided to the requesting person.

b. A determination under this paragraph (a)(1) is final and not subject to appeal. A requesting person does not have a private right of action against DHIN or another person to enforce this section.

(2) DHIN shall, in consultation with the Delaware Health Care Commission, promulgate rules and regulations regarding the appropriate form and content of an application to receive claims data, providing examples of requests for claims data that will generally be deemed consistent with the purposes of this subchapter.

(b) Claims data provided to a requesting person under this section must be provided under DHIN’s existing confidentiality and data security protocols and in compliance with applicable state and federal laws relating to the privacy and security of protected health information, including compliance, to the fullest extent practicable consistent with the purposes under this subchapter, with guidance found in Statement 6 of the Department of Justice and Federal Trade Commission Enforcement Policy regarding the exchange of price and cost information. A provider or purchaser must maintain individually identifiable patient health information under all applicable state and federal laws relating to the confidentiality and security of protected health information, including privacy and security requirements under regulations promulgated under this chapter.

(c) (1) For the purposes of public health improvement research and activities, DHIN shall provide access, at no cost, to all claims data reported by the Delaware Health Care Claims Database under this subchapter to the following state agencies:

a. Office of Management and Budget.

b. State Employee Benefits Committee.

c. Division of Public Health.

d. State Council for Persons with Disabilities.

e. Division of Medicaid and Medical Assistance.

f. Department of Insurance.

g. Delaware Health Care Commission.

(2) A state agency under paragraph (c)(1) of this section may enter into an appropriate agreement with DHIN to allow DHIN to perform data warehousing and analytics functions that the state agency, or an entity on behalf of the state agency, has performed under the state agency’s authority.

(d) DHIN may promulgate regulations to make available to the public certain data extracts and analyses that is not individually identifiable, as DHIN determines is consistent with, and necessary to, achieve the goals and policies of this subchapter. Before the data extracts and analyses, the process under subsection (e) of this section must be completed.

(e) (1) DHIN shall promulgate regulations to notify a mandatory reporting entity or voluntary reporting entity when claims data that the mandatory reporting entity or voluntary reporting entity submitted may be released for a purpose permitted under this subchapter.

(2) DHIN shall provide the mandatory reporting entity or voluntary reporting entity with an opportunity to comment on the data release request prior to its release.

(3) Prior to the data release, DHIN shall review, consider, and respond to comments that a mandatory reporting entity or voluntary reporting entity submits during the comment period.

(4) If a mandatory reporting entity or voluntary reporting entity identifies a party requesting the release of data as a potential competitor of the reporting entity, DHIN shall limit disclosure of pricing information that includes postadjudicated claims data, to the fullest extent practicable and consistent with the purposes of this subchapter, to a summary format that allows for analysis without revealing contracted pricing information.

(5) If a mandatory reporting entity or voluntary reporting entity identifies a person requesting the release of data as a potential competitor of the reporting entity, DHIN shall limit disclosure of pricing information that includes postadjudicated claims data, to the fullest extent practicable and consistent with the purposes of this subchapter, to a summary format that allows for analysis without revealing contracted pricing information.

(f) The DHIN shall promulgate regulations to ensure confidentiality, privacy, and security protections of health-care data and all other information that DHIN collects, stores, or releases, subject to applicable state and federal health-care privacy, confidentiality, and data security laws.

80 Del. Laws, c. 329, §  581 Del. Laws, c. 392, § 482 Del. Laws, c. 156, § 182 Del. Laws, c. 229, § 183 Del. Laws, c. 137, § 13

§ 10315. Funding the Delaware Health Care Claims Database.

(a) DHIN may not require any mandatory reporting entity, voluntary reporting entity, or provider to pay a cost or fee to submit or verify the accuracy of claims data or otherwise to enable the operation of the Delaware Health Care Claims Database with respect to required claims data submissions.

(b) DHIN may enter a contract under § 10303(a)(11) of this title with a person that voluntarily subscribes to access the database.

(c) DHIN, with the assistance of the Department of Health and Social Services, shall develop short-term and long-term funding strategies for the creation and operation of the Delaware Health Care Claims Database. The strategies may include any of the following:

(1) Public and private grant funding.

(2) Subscriptions for access to data reports, access fees, and revenue for specific data projects, subject to the limitations of this section.

80 Del. Laws, c. 329, §  583 Del. Laws, c. 137, § 14