Article - Health - General
(a) (1) In this section the following words have the meanings indicated.
(2) “Authorized user” means:
(i) A child care facility;
(ii) A health care provider;
(iii) A health insurer;
(iv) A health maintenance organization;
(v) An institution of higher learning;
(vi) A local health department;
(vii) A long–term care facility;
(viii) A managed care organization;
(ix) A nonprofit health service plan;
(x) A patient;
(xi) A school;
(xii) A school–based health center;
(xiii) In the case of a minor child, a parent or guardian; and
(xiv) Any other user designated by the Secretary.
(3) “Health care provider” means a licensed health care practitioner authorized under the Health Occupations Article to administer vaccines in the State.
(4) “ImmuNet” means a computerized information and reminder system to:
(i) Improve the timely and appropriate delivery of immunizations;
(ii) Provide a coordinated network for reminder notices when immunizations are due;
(iii) Provide and collect information to be shared by authorized users; and
(iv) Provide a quality indicator for the insurers’ health care provider practices and public health purposes.
(5) “Immunization” means the process by which an individual becomes protected against a disease including, as the result of having a disease, receiving a vaccination, or receiving preformed antibodies.
(6) “Refusal to permit” means the right of an individual or the parent or guardian of a minor to prevent disclosure to authorized users of individual identifiable information that was reported to ImmuNet.
(7) “Vaccination” means the administration of a killed or weakened infectious organism to prevent disease caused by that organism.
(8) “Vaccine” means a substance that:
(i) May be administered by injection, mouth, or aerosol; and
(ii) Produces immunity that protects the body from a disease.
(b) There is an ImmuNet program in the Department.
(c) Subject to subsection (d) of this section, an authorized user may use the information in ImmuNet for the following purposes:
(1) To provide coordinated immunization services, including sending reminder notices to individuals who need immunizations;
(2) To obtain an individual immunization history;
(3) To identify geographic areas or population groups that are underimmunized;
(4) To compile aggregate data and distribute statistical reports on the status of immunizations in geographic areas and population groups;
(5) To assist in the management of State and local immunization programs;
(6) To monitor the safety of vaccines;
(7) To assess compliance with immunization requirements by monitoring admissions to schools, institutions of higher learning, and child care facilities; and
(8) For any other purpose that the Secretary deems necessary to prevent the spread of communicable diseases.
(d) (1) An individual, or the parent or guardian of a minor child who has received a vaccination, may refuse to permit disclosure of confidential information collected by ImmuNet, to an authorized user.
(2) If the individual or the parent or guardian of a minor child does not want the release of the individual’s or child’s confidential information, the individual or the parent or guardian of a minor child shall complete a “refusal to permit” form, provided by the Department, to be returned to the Department.
(3) The Secretary shall make available “refusal to permit” forms to each health care provider who gives vaccinations.
(4) The Department shall:
(i) Develop brochures about ImmuNet that:
1. Describe the benefits of ImmuNet for authorized users;
2. Describe privacy protections in ImmuNet;
3. Notify an individual of the right to refuse to permit disclosure to an authorized user;
4. Notify an individual that the individual may correct any inaccurate information;
5. Provide a list of addresses where an individual may obtain a form to request the correction or removal of inaccurate information from ImmuNet;
6. Explain the right of an individual who has received a vaccination to have the individual’s personal information kept confidential;
7. Describe the kind of information collected and retained by ImmuNet about an individual who receives a vaccination;
8. Describe who has access to the information in ImmuNet; and
9. Describe how the information is used by ImmuNet; and
(ii) Make the brochure available to each health care provider who administers vaccines.
(5) Prior to administering vaccines to a newborn child, each birth hospital or birthing center shall distribute the form and the brochure described in paragraphs (2) and (4) of this subsection to the parent of a newborn child.
(6) (i) Except as provided in subparagraph (ii) of this paragraph, a health care provider who administers a vaccine, or the agent of the health care provider, shall:
1. Provide the individual with a copy of the form and the brochure described in paragraphs (2) and (4) of this subsection;
2. Notify the individual or the parent or guardian of a minor of the right to refuse to disclose to ImmuNet; and
3. Report to ImmuNet all vaccines administered.
(ii) Subparagraph (i) of this paragraph does not apply to a health care provider, or an agent of a health care provider, who administers a vaccine in a nursing facility, an assisted living program, a continuing care retirement community, or a medical day care program.
(e) Subject to the provisions of subsection (d) of this section, information for ImmuNet may be obtained from:
(1) Any records owned or controlled by the Department, including Medicaid records, clinic records, and vital records;
(2) Any authorized user; and
(3) Any other source of information authorized by the Secretary for use.
(f) Authorized users may not use the information in ImmuNet:
(1) To release or disclose information in ImmuNet that an individual has refused to disclose;
(2) To solicit new patients or clients; or
(3) For any other purpose unless authorized by the Secretary.
(g) (1) A local health department may operate a local immunization system.
(2) A local health department operating a local immunization system shall be subject to the provisions of subsections (c) through (f) of this section.
(3) A local health department is required to submit information maintained in a local immunization system to ImmuNet in accordance with regulations adopted by the Secretary.
(h) An authorized user who in good faith discloses or does not disclose information to ImmuNet is not liable in any cause of action arising from the disclosure or nondisclosure of that information.
(i) An authorized user, including an officer or employee of a governmental unit, who knowingly and willfully violates subsection (f) of this section is guilty of a misdemeanor and on conviction is subject to a fine not exceeding $1,000 for the first offense and not exceeding $5,000 for each subsequent offense.
(j) If the confidentiality of records of Maryland citizens is protected, the Secretary may enter into collaborative agreements with other states for the purpose of sharing information about immunizations.
(k) The Secretary shall adopt regulations to implement this section, including regulations specifying:
(1) The type and kind of information to be collected;
(2) Procedures for protecting the confidentiality of information in ImmuNet;
(3) The permissible use of information compiled by ImmuNet; and
(4) Standards for maintaining security and reliability of collected information in the system.