Indiana Code 16-38-5-3. Confidentiality of information; release of information to certain persons; data use agreement; release of statistics
(b) The state department may release information from the immunization data registry to the individual or to the individual’s parent or guardian if the individual is less than eighteen (18) years of age.
Terms Used In Indiana Code 16-38-5-3
- Guardian: A person legally empowered and charged with the duty of taking care of and managing the property of another person who because of age, intellect, or health, is incapable of managing his (her) own affairs.
- United States: includes the District of Columbia and the commonwealths, possessions, states in free association with the United States, and the territories. See Indiana Code 1-1-4-5
(1) The immunization data registry of another state.
(2) A provider or a provider’s designee.
(3) A local health department.
(4) An elementary or secondary school that is attended by the individual.
(5) A child care center that is licensed under IC 12-17.2-4 in which the individual is enrolled.
(6) A child care home that is licensed under IC 12-17.2-5 in which the individual is enrolled.
(7) A child care ministry that is registered under IC 12-17.2-6 in which the individual is enrolled.
(8) The office of Medicaid policy and planning or a contractor of the office of Medicaid policy and planning.
(9) A child placing agency licensed under IC 31-27.
(10) A college or university (as defined in IC 21-7-13-10) that is attended by the individual.
(11) An entity, including a private entity, for the purpose of outreach and education to increase immunization rates, if the following conditions are met:
(A) The entity provides the following written information to the state department:
(i) Information concerning the proposed outreach and education, including the information the entity needs from the immunization data registry.
(ii) How the entity intends to use the information.
(iii) The safeguards the entity will take to protect the identity of each individual whose records will be released.
(B) The state department determines the proposed safeguards are adequate to protect the identity of each individual whose records will be released.
(C) An agreement is executed between the state department and the entity that specifies the entity’s permitted use of the records and prohibits the release of names of individuals or any facts that may lead to the identification of an individual.
(12) The United States Centers for Disease Control and Prevention.
(13) An Indiana nonprofit entity that performs health data services for health care providers, if the state department executes a data use agreement with the entity that specifies the permitted use and disclosure of any released information.
(d) Before immunization data may be released to a person or an entity, the person or entity must enter into a data use agreement with the state department that provides that information that identifies a patient will not be released to any other person or entity without the written consent of the patient unless the release is to a person or entity described in subsection (c).
(e) The state department may release summary statistics regarding information in the immunization data registry to a person or entity that has entered into a data use agreement with the state department.
As added by P.L.231-1999, SEC.14. Amended by P.L.135-2003, SEC.3; P.L.161-2009, SEC.2; P.L.122-2012, SEC.7; P.L.171-2014, SEC.10; P.L.96-2017, SEC.3; P.L.218-2019, SEC.6; P.L.130-2021, SEC.14.