Home Table of Contents

§ 991.2131. Confidentiality

Purdon's Pennsylvania Statutes and Consolidated StatutesTitle 40 P.S. Insurance

Purdon's Pennsylvania Statutes and Consolidated Statutes
Title 40 P.S. Insurance (Refs & Annos)
Chapter 2. Insurance Companies (Refs & Annos)
Article XXI. Quality Health Care Accountability and Protection (Refs & Annos)
(e) Confidentiality
40 P.S. § 991.2131
§ 991.2131. Confidentiality
(a) A managed care plan and a utilization review entity shall adopt and maintain procedures to ensure that all identifiable information regarding enrollee health, diagnosis and treatment is adequately protected and remains confidential in compliance with all applicable Federal and State laws and regulations and professional ethical standards.
(b) To the extent a managed care plan maintains medical records, the plan shall adopt and maintain procedures to ensure that enrollees have timely access to their medical records unless prohibited by Federal or State law or regulation.
(c)(1) Information regarding an enrollee's health or treatment shall be available to the enrollee, the enrollee's designee or as necessary to prevent death or serious injury.
(2) Nothing in this section shall:
(i) Prevent disclosure necessary to determine coverage, review complaints or grievances, conduct utilization review or facilitate payment of a claim.
(ii) Deny the department, the Insurance Department or the Department of Public Welfare access to records for purposes of quality assurance, investigation of complaints or grievances, enforcement or other activities related to compliance with this article and other laws of this Commonwealth. Records shall be accessible only to department employes or agents with direct responsibilities under the provisions of this subparagraph.
(iii) Deny access to information necessary for a utilization review entity to conduct a review under this article.
(iv) Deny access to the managed care plan for internal quality review, including reviews conducted as part of the plan's quality oversight process. During such reviews, enrollees shall remain anonymous to the greatest extent possible.
(v) Deny access to managed care plans, health care providers and their respective designees for the purpose of providing patient care management, outcomes improvement and research. For this purpose, enrollees shall provide consent and shall remain anonymous to the greatest extent possible.


1921, May 17, P.L. 682, No. 284, § 2131, added 1998, June 17, P.L. 464, No. 68, § 1, effective Jan. 1, 1999.
40 P.S. § 991.2131, PA ST 40 P.S. § 991.2131
Current through 2020 Regular Session Act 140. Some statute sections may be more current, see credits for details.
End of Document© 2021 Thomson Reuters. No claim to original U.S. Government Works.