CHAPTER 368dd

HEALTH INFORMATION TECHNOLOGY
EXCHANGE OF CONNECTICUT

Table of Contents

Sec. 19a-750. Health Information Technology Exchange of Connecticut. Definitions. Powers of the authority. Board of directors. Chief executive officer. Grants. Advisory committee on patient privacy and security. Reports.

Sec. 19a-751. Establishment of subsidiaries.

Sec. 19a-752. State pledge to contractors.

Sec. 19a-753. Tax exemption.

Sec. 19a-754. Lead health information exchange organization for the state. Responsibilities.

Secs. 19a-755 to 19a-899. Reserved


Sec. 19a-750. Health Information Technology Exchange of Connecticut. Definitions. Powers of the authority. Board of directors. Chief executive officer. Grants. Advisory committee on patient privacy and security. Reports. (a) There is hereby created as a body politic and corporate, constituting a public instrumentality and political subdivision of the state created for the performance of an essential public and governmental function, the Health Information Technology Exchange of Connecticut, which is empowered to carry out the purposes of the authority, as defined in subsection (b) of this section, which are hereby determined to be public purposes for which public funds may be expended. The Health Information Technology Exchange of Connecticut shall not be construed to be a department, institution or agency of the state.

(b) For purposes of this section and sections 19a-751 to 19a-754, inclusive, “authority” means the Health Information Technology Exchange of Connecticut and “purposes of the authority” means the purposes of the authority expressed in and pursuant to this section, including the promoting, planning and designing, developing, assisting, acquiring, constructing, maintaining and equipping, reconstructing and improving of health care information technology. The powers enumerated in this section shall be interpreted broadly to effectuate the purposes of the authority and shall not be construed as a limitation of powers. The authority shall have the power to:

(1) Establish an office in the state;

(2) Employ such assistants, agents and other employees as may be necessary or desirable, which employees shall not be considered state employees under the provisions of chapters 66, 67 and 68;

(3) Establish all necessary or appropriate personnel practices and policies, including those relating to hiring, promotion, compensation, retirement and collective bargaining, which need not be in accordance with the provisions of chapter 66, 67 or 68, and the authority shall not be considered an appointing authority, as defined in subdivision (3) of section 5-196, or an employer, as defined in subsection (a) of section 5-270;

(4) Engage consultants, attorneys and other experts as may be necessary or desirable to carry out the purposes of the authority;

(5) Acquire, lease, purchase, own, manage, hold and dispose of personal property, and lease, convey or deal in or enter into agreements with respect to such property on any terms necessary or incidental to the carrying out of these purposes;

(6) Procure insurance against loss in connection with its property and other assets in such amounts and from such insurers as it deems desirable;

(7) Make and enter into any contract or agreement necessary or incidental to the performance of its duties and execution of its powers. The contracts entered into by the authority shall not be subject to the approval of any other state department, office or agency. However, copies of all contracts of the authority shall be maintained by the authority as public records, subject to the proprietary rights of any party to the contract;

(8) To the extent permitted under its contract with other persons, consent to any termination, modification, forgiveness or other change of any term of any contractual right, payment, royalty, contract or agreement of any kind to which the authority is a party;

(9) Receive and accept, from any source, aid or contributions, including money, property, labor and other things of value;

(10) Invest any funds not needed for immediate use or disbursement in obligations issued or guaranteed by the United States of America or the state and in obligations that are legal investments for savings banks in this state;

(11) Account for and audit funds of the authority and funds of any recipients of funds from the authority;

(12) Sue and be sued, plead and be impleaded, adopt a seal and alter the same at pleasure;

(13) Adopt regular procedures for exercising the power of the authority not in conflict with other provisions of the general statutes; and

(14) Do all acts and things necessary and convenient to carry out the purposes of the authority.

(c) (1) The Health Information Technology Exchange of Connecticut shall be managed by a board of directors. The board shall consist of the following members: The Lieutenant Governor, or his or her designee; the Commissioners of Public Health, Social Services, Consumer Protection and Administrative Services, or their designees; three appointed by the Governor, one of whom shall be a representative of a medical research organization, one of whom shall be an insurer or representative of a health plan and one of whom shall be an attorney with background and experience in the field of privacy, health data security or patient rights; three appointed by the president pro tempore of the Senate, one of whom shall have background and experience with a private sector health information exchange or health information technology entity, one of whom shall have expertise in public health and one of whom shall be a physician licensed under chapter 370 who works in a practice of not more than ten physicians and who is not employed by a hospital, health network, health plan, health system, academic institution or university; three appointed by the speaker of the House of Representatives, one of whom shall be a representative of hospitals, an integrated delivery network or a hospital association, one of whom shall have expertise with federally qualified health centers and one of whom shall be a consumer or consumer advocate; one appointed by the majority leader of the Senate, who shall be a primary care physician whose practice utilizes electronic health records; one appointed by the majority leader of the House of Representatives, who shall be a consumer or consumer advocate; one appointed by the minority leader of the Senate, who shall be a pharmacist or a health care provider utilizing electronic health information exchange; and one appointed by the minority leader of the House of Representatives, who shall be a large employer or a representative of a business group. The Secretary of the Office of Policy and Management and the Healthcare Advocate, or their designees, shall be ex-officio, nonvoting members of the board. The Commissioner of Public Health, or his or her designee, shall serve as the chairperson of the board.

(2) All initial appointments to the board shall be made on or before October 1, 2010. The initial term for the board members appointed by the Governor shall be for four years. The initial term for board members appointed by the speaker of the House of Representatives and the majority leader of the House of Representatives shall be for three years. The initial term for board members appointed by the minority leader of the House of Representatives and the minority leader of the Senate shall be for two years. The initial term for the board members appointed by the president pro tempore of the Senate and the majority leader of the Senate shall be for one year. Terms shall expire on September thirtieth of each year in accordance with the provisions of this subsection. Any vacancy shall be filled by the appointing authority for the balance of the unexpired term. Other than an initial term, a board member shall serve for a term of four years. No board member, including initial board members, may serve for more than two terms. Any member of the board may be removed by the appropriate appointing authority for misfeasance, malfeasance or wilful neglect of duty.

(3) The chairperson shall schedule the first meeting of the board, which shall be held not later than November 1, 2010.

(4) Any member appointed to the board who fails to attend three consecutive meetings or who fails to attend fifty per cent of all meetings held during any calendar year shall be deemed to have resigned from the board.

(5) Notwithstanding any provision of the general statutes, it shall not constitute a conflict of interest for a trustee, director, partner, officer, stockholder, proprietor, counsel or employee of any person, firm or corporation to serve as a board member, provided such trustee, director, partner, officer, stockholder, proprietor, counsel or employee shall abstain from deliberation, action or vote by the board in specific respect to such person, firm or corporation. All members shall be deemed public officials and shall adhere to the code of ethics for public officials set forth in chapter 10.

(6) Board members shall receive no compensation for their services, but shall receive actual and necessary expenses incurred in the performance of their official duties.

(d) The board shall select and appoint a chief executive officer who shall be responsible for administering the authority’s programs and activities in accordance with policies and objectives established by the board. The chief executive officer shall serve at the pleasure of the board and shall receive such compensation as shall be determined by the board. The chief executive officer (1) may employ such other employees as shall be designated by the board of directors; and (2) shall attend all meetings of the board, keep a record of all proceedings and maintain and be custodian of all books, documents and papers filed with the authority and of the minute book of the authority.

(e) The board shall direct the authority regarding: (1) Implementation and periodic revisions of the health information technology plan submitted in accordance with the provisions of section 74 of public act 09-232*, including the implementation of an integrated state-wide electronic health information infrastructure for the sharing of electronic health information among health care facilities, health care professionals, public and private payors, state and federal agencies and patients; (2) appropriate protocols for health information exchange; and (3) electronic data standards to facilitate the development of a state-wide integrated electronic health information system, as defined in subsection (a) of section 19a-25d, for use by health care providers and institutions that receive state funding. Such electronic data standards shall: (A) Include provisions relating to security, privacy, data content, structures and format, vocabulary and transmission protocols; (B) limit the use and dissemination of an individual’s Social Security number and require the encryption of any Social Security number provided by an individual; (C) require privacy standards no less stringent than the “Standards for Privacy of Individually Identifiable Health Information” established under the Health Insurance Portability and Accountability Act of 1996, P.L. 104-191, as amended from time to time, and contained in 45 CFR 160, 164; (D) require that individually identifiable health information be secure and that access to such information be traceable by an electronic audit trail; (E) be compatible with any national data standards in order to allow for interstate interoperability, as defined in subsection (a) of section 19a-25d; (F) permit the collection of health information in a standard electronic format, as defined in subsection (a) of section 19a-25d; and (G) be compatible with the requirements for an electronic health information system, as defined in subsection (a) of section 19a-25d.

(f) Applications for grants from the authority shall be made on a form prescribed by the board. The board shall review applications and decide whether to award a grant. The board may consider, as a condition for awarding a grant, the potential grantee’s financial participation and any other factors it deems relevant.

(g) The board may consult with such parties, public or private, as it deems desirable in exercising its duties under this section.

(h) The board shall establish an advisory committee on patient privacy and security. All members of such advisory committee shall be appointed by the chairperson of the board, provided any such appointed member shall have expertise in the field of privacy, health data security or patient rights. Appointed members of the advisory committee shall include, but not be limited to, a representative from a nonprofit research and educational organization dedicated to improving access to health care, a representative from a patient advocacy group, an ethicist, an attorney with expertise in health information technology and the protections set forth in the Health Insurance Portability and Accountability Act of 1996, P.L. 104-191 (HIPAA), the chief information officer of a hospital, an insurer or representative of a health plan and a primary care physician, engaged in active practice, who utilizes electronic health records. The advisory committee shall monitor developments in federal law concerning patient privacy and security relating to health information technology and shall report to the board on national and regional trends and federal policies and guidance set forth in this area. The board shall include information supplied by the advisory committee in the report submitted by the board pursuant to subsection (i) of this section. The chairperson of the advisory committee shall be appointed by the Lieutenant Governor from among the membership.

(i) Not later than February 1, 2011, and annually thereafter until February 1, 2016, the chief executive officer of the authority shall report, in accordance with section 11-4a, to the Governor and the General Assembly on (1) any private or federal funds received during the preceding year and, if applicable, how such funds were expended, (2) the amount and recipients of grants awarded, (3) the current status of health information exchange and health information technology in the state, and (4) the development of privacy practices and procedures to notify patients concerning the collection of patient health information and use of such information in the state-wide health information exchange, as described in section 19a-754.

(P.A. 10-117, S. 82; P.A. 11-51, S. 76; 11-242, S. 74; P.A. 12-197, S. 46.)

*Note: Section 74 of public act 09-232 is special in nature and therefore has not been codified but remains in full force and effect according to its terms.

History: P.A. 10-117 effective June 8, 2010; pursuant to P.A. 11-51, “Chief Information Officer of the Department of Information Technology” was changed editorially by the Revisors to “Commissioner of Administrative Services” in Subsec. (c)(1), effective July 1, 2011; P.A. 11-242 added new Subsec. (h) re advisory committee on patient privacy and security and redesignated existing Subsec. (h) as Subsec. (i), effective July 1, 2011; P.A. 12-197 amended Subsec. (a)(2) by replacing provision re employees exempt from classified service with provision re employees not considered state employees, amended Subsec. (a)(3) by adding provision re authority not an appointing authority and making technical changes and amended Subsec. (i) by adding Subdiv. (4) re privacy practices and procedures, effective June 15, 2012.

Sec. 19a-751. Establishment of subsidiaries. (a) The Health Information Technology Exchange of Connecticut may establish or designate one or more subsidiaries for the purpose of creating, developing, coordinating and operating a state-wide health information exchange, or for such other purposes as prescribed by resolution of the authority’s board of directors, which purposes shall be consistent with the purposes of the authority. Each subsidiary shall be deemed a quasi-public agency for purposes of chapter 12. The authority may transfer to any such subsidiary any moneys and real or personal property. Each such subsidiary shall have all the privileges, immunities, tax exemptions and other exemptions of the authority. A resolution of the authority shall prescribe the purposes for which each subsidiary is formed.

(b) Each such subsidiary may sue and shall be subject to suit, provided the liability of each such subsidiary shall be limited solely to the assets, revenues and resources of such subsidiary and without recourse to the general funds, revenues, resources or any other assets of the authority or any other subsidiary. Each such subsidiary shall have the power to do all acts and things necessary or convenient to carry out the purposes for which such subsidiary is established, including, but not limited to: (1) Solicit, receive and accept aid, grants or contributions from any source of money, property or labor or other things of value, subject to the conditions upon which such grants and contributions may be made, including, but not limited to, gifts, grants or loans from any department, agency or quasi-public agency of the United States or the state, or from any organization recognized as a nonprofit organization under Section 501(c)(3) of the Internal Revenue Code of 1986, or any subsequent corresponding internal revenue code of the United States, as amended from time to time; (2) enter into agreements with persons upon such terms and conditions as are consistent with the purposes of such subsidiary; and (3) acquire, take title, lease, purchase, own, manage, hold and dispose of real and personal property and lease, convey or deal in or enter into agreements with respect to such property.

(c) Each such subsidiary shall act through its board of directors, not less than fifty per cent of whom shall be members of the board of directors of the authority or their designees.

(d) The provisions of section 1-125 and this section shall apply to any officer, director, designee or employee appointed as a member, director or officer of any such subsidiary. Neither any such persons so appointed nor the directors, officers or employees of the authority shall be personally liable for the debts, obligations or liabilities of any such subsidiary as provided in said section 1-125. Each subsidiary shall, and the authority may, provide for the indemnification to protect, save harmless and indemnify such officer, director, designee or employee as provided by said section 1-125.

(e) The authority or any such subsidiary may take such actions as are necessary to comply with the provisions of the Internal Revenue Code of 1986, or any subsequent corresponding internal revenue code of the United States, as amended from time to time, to qualify and maintain any such subsidiary as a corporation exempt from taxation under said Internal Revenue Code.

(f) The authority may make loans or grants to, and may guarantee specified obligations of, any such subsidiary, following standard authority procedures, from the authority’s assets and the proceeds of its bonds, notes and other obligations, provided the source and security, if any, for the repayment of any such loans or guarantees is derived from the assets, revenues and resources of such subsidiary.

(P.A. 10-117, S. 83.)

History: P.A. 10-117 effective June 8, 2010.

Sec. 19a-752. State pledge to contractors. The state of Connecticut does hereby pledge to and agree with any person with whom the Health Information Technology Exchange of Connecticut may enter into contracts pursuant to the provisions of sections 19a-750 to 19a-753, inclusive, that the state will not limit or alter the rights hereby vested in the authority until such contracts and the obligations thereunder are fully met and performed on the part of the authority, provided nothing contained in this section shall preclude such limitation or alteration if adequate provision shall be made by law for the protection of such persons entering into contracts with the authority.

(P.A. 10-117, S. 84.)

History: P.A. 10-117 effective June 8, 2010.

Sec. 19a-753. Tax exemption. The Health Information Technology Exchange of Connecticut shall be and is hereby declared exempt from all franchise, corporate business, property and income taxes levied by the state or any municipality, provided nothing in this section shall be construed to exempt from any such taxes, or from any taxes levied in connection with the manufacture or sale of any products which are the subject of any agreement made by the authority, any person entering into any agreement with the authority.

(P.A. 10-117, S. 85.)

History: P.A. 10-117 effective June 8, 2010.

Sec. 19a-754. Lead health information exchange organization for the state. Responsibilities. (a) The Department of Public Health shall be the lead health information exchange organization for the state from July 1, 2009, to December 31, 2010, inclusive. The department shall seek private and federal funds, including funds made available pursuant to the federal American Recovery and Reinvestment Act of 2009, for the initial development of a state-wide health information exchange.

(b) On and after January 1, 2011, the Health Information Technology Exchange of Connecticut, created pursuant to section 19a-750, shall be the lead health information organization for the state. The authority shall continue to seek private and federal funds for the development and operation of a state-wide health information exchange. The Department of Public Health may contract with the authority to transfer unexpended federal funds received by the department pursuant to the federal American Recovery and Reinvestment Act of 2009, P.L. 111-05, if any, for the initial development of a state-wide health information exchange. The authority shall, within available resources, provide grants for the advancement of health information technology and exchange in this state, pursuant to subsection (f) of section 19a-750.

(c) The department shall facilitate the implementation and periodic revisions of the health information technology plan after the plan is initially submitted in accordance with the provisions of section 74 of public act 09-232*, including the implementation of an integrated state-wide electronic health information infrastructure for the sharing of electronic health information among health care facilities, health care professionals, public and private payors, state and federal agencies and patients until December 31, 2010. On and after January 1, 2011, the Health Information Technology Exchange of Connecticut shall be responsible for the implementation and periodic revisions of the health information technology plan.

(P.A. 09-232, S. 75; P.A. 10-117, S. 86.)

*Note: Section 74 of public act 09-232 is special in nature and therefore has not been codified but remains in full force and effect according to its terms.

History: P.A. 09-232 effective July 8, 2009 (Revisor’s note: In Subsec. (a), a reference to Sec. 19a-25d was changed editorially by the Revisors to Sec. 19a-25h for accuracy); this section was originally published as Sec. 19a-25g in the 2010 Supplement to the General Statutes; P.A. 10-117 amended Subsec. (a) by providing that Department of Public Health shall be lead health information exchange organization from July 1, 2009, to December 31, 2010, and deleting provision re department’s use of private or federal funds for health information technology pilot and grant programs described in Sec. 19a-25h, added new Subsec. (b) designating Health Information Technology Exchange of Connecticut as lead health information organization on and after January 1, 2011, redesignated existing Subsec. (b) as Subsec. (c) and amended same to delete former Subdiv. (2) re development of standards and protocols for privacy in sharing electronic health information and add provision re responsibility of Health Information Technology Exchange of Connecticut for health information technology plan, effective June 8, 2010.

Secs. 19a-755 to 19a-899. Reserved for future use.

Note: Chapters 368ee to 368kk are also reserved for future use.