OAR 409-021-0150
Denial of Requests to Inspect or Obtain Copies of Health Data


The Office shall deny requests to inspect health data, receive copies of public use health data sets, and receive copies of restricted health data sets in order to prevent uses that are not consistent with current agreements, policies, rules, regulations, or statutes.

(1)

The Office shall deny requests to examine health data or receive copies of health data for reasons that include, but are not limited to:

(a)

Fulfilling the request violates one or more of the Office’s current data use agreements with one or more other persons.

(b)

Fulfilling the request requires unreasonable interference with the Office’s regular discharge of duties.

(c)

Fulfilling the request requires disclosures that violate HIPAA privacy rules (45CFR parts 160 and 164).

(d)

Fulfilling the request requires disclosures that are an unreasonable invasion of privacy. If a request is denied for this reason, the burden is on the requestor to provide the Office clear and convincing evidence that fulfilling the data request is not an unreasonable invasion of privacy and that the public interest requires disclosing the requested data.

(2)

Nothing in these rules authorizes the Office to disclose health data in a form that allows easy and precise identification of individual patients or individual licensed health care professionals.

Source: Rule 409-021-0150 — Denial of Requests to Inspect or Obtain Copies of Health Data, https://secure.­sos.­state.­or.­us/oard/view.­action?ruleNumber=409-021-0150.

Last Updated

Jun. 8, 2021

Rule 409-021-0150’s source at or​.us