Section 246-08-390. Acquisition, retention and security of health care information.  

This section sets forth the process by which the department of health or disciplining authority obtains and protects health care information under RCW 70.02.050. This section does not apply to health care information obtained by the department through other sources.

(1) Acquisition.

(a) The department shall request health care information in writing.

(b) Health care providers shall provide the requested information pursuant to RCW 70.02.050.

(2) Retention. The department shall maintain health care information obtained under this section as long as necessary to perform agency functions.

(3) Security. The department shall secure the records and protect confidentiality.

(a) The manager of the program within the department that requested the records shall act as the custodian of records, and shall provide access to the information only as necessary to perform agency responsibilities.

(b) The custodian shall monitor the location and security of the information.

(4) The department shall not make health care information obtained under RCW 70.02.050 available for public inspection and copying except as may be required by chapter 42.17 RCW. No health care information containing patient identifying data shall be made available for public inspection and copying under chapter 42.17 RCW. Health care information obtained under this section may be released to public agencies or entities as required by law or upon agreement by the agency or entity that the health care information will be used only for authorized statutory purposes and will not be disclosed further.