HB 3057 passed both houses authorizing Oregon Health Authority to disclose individually identifiable information related to COVID-19 to certain persons and under certain circumstances. Sunsets June 30, 2022. Declares emergency, effective on passage.
Senator Boquist provided a Vote Explanation stating:
“HB 3057 is an Oregon Health Authority end run on HIPAA confidential patient health information very likely in violation of federal law. Likely a statute designed to shield OHA from its illegal activities during the symptomatic Covid-19 political pandemic in which OHA locked seniors in homes to intentionally perish. Classic crimes against humanity. Oddly, the bill attempts to re-define Covid-19 directly to only cases of SARSCoV-2 instead of their own OHA CDC definition of symptomatic Covid-19 which is 16 times broader per the CDC’s own data. It the bill’s definition were strictly applied cases would plummet, however, the definition cannot be correct. Nor does OHA display any competency what-so-ever to be given any additional authority. The Carrier was quite clear the intent was to allow nurses and bureaucrats not involved in patient care to access a citizens medical records on a computer system without either the patient or patient’s providers knowledge. The Carrier stated the intent was to protect nurses from exposure that were not patient providers. The Carrier could not provide a reason for the need of this bill at this time when questioned. The Carrier could not identify a fiscal impact except computer access above. The bill certainly allows a completely incompetent Oregon Health Authority to weaponize patient data in Section 1(1)(b) for bureaucrats to target patient providers while covering both their criminal and civil liability. Sections 4, 5 and 6 were repudiated by the Carrier in lieu of a widespread computer access by non-providers while Section 7 then attempts to indicate the exact opposite of the bill’s stated intent claiming the patient information cannot be released. Page 2 Line 3 allows OHA to release patient information for any reason it deems necessary. Written Testimony in OLIS in support does not appear to match the text of the bill just as the Carrier’s statements do not match the bill.”
The Legislature rationalized the passage by posting:
According to the United States Department of Health and Human Services Office of Civil Rights (OCR), the federal Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule allows law enforcement, paramedics, and public health authorities to disclose protected health information (PHI) of an individual infected with, or exposed to, COVID-19. For public health purposes, federal law allows covered entities such as hospitals to disclose PHI with federal, state, and local health departments, if authorized to collect or receive PHI for public health surveillance and investigations. On Dec. 18, 2020, OCR issued guidance to clarify HIPAA and disclosure of PHI during the COVID-19 pandemic through health information exchanges (HIEs). HIEs allow organizations to share information electronically, often through electronic health record systems (EHRs). OCR’s guidance clarifies that certain health care entities may disclose PHI to an HIE organization if reporting is for public health activities and disclosure is required by federal, state, or local law. HB 3057 allows the Oregon Health Authority to disclose protected health information for public health purposes during the COVID-19 pandemic.
Date: 2021-05-17 02:40