2018 Maryland Code
Health - General
Title 18 - Disease Prevention
Subtitle 1 - General Responsibilities of Secretary
§ 18-109. ImmuNet Program
(a) Definitions. --
(1) In this section the following words have the meanings indicated.
(2) "Authorized user" means:
(i) A child care facility;
(ii) A health care provider;
(iii) A health insurer;
(iv) A health maintenance organization;
(v) An institution of higher learning;
(vi) A local health department;
(vii) A long-term care facility;
(viii) A managed care organization;
(ix) A nonprofit health service plan;
(x) A patient;
(xi) A school;
(xii) A school-based health center;
(xiii) In the case of a minor child, a parent or guardian; and
(xiv) Any other user designated by the Secretary.
(3) "ImmuNet" means a computerized information and reminder system to:
(i) Improve the timely and appropriate delivery of immunizations;
(ii) Provide a coordinated network for reminder notices when immunizations are due;
(iii) Provide and collect information to be shared by authorized users; and
(iv) Provide a quality indicator for the insurers' health care provider practices and public health purposes.
(4) "Refusal to permit" means the right of an individual or the parent or guardian of a minor to prevent disclosure to authorized users of individual identifiable information that was reported to ImmuNet.
(b) Established. -- There is an ImmuNet program in the Department.
(c) Use. -- Subject to subsection (d) of this section, an authorized user may use the information in ImmuNet for the following purposes:
(1) To provide coordinated immunization services, including sending reminder notices to individuals who need immunizations;
(2) To obtain an individual immunization history;
(3) To identify geographic areas or population groups that are under-immunized;
(4) To compile aggregate data and distribute statistical reports on the status of immunizations in geographic areas and population groups;
(5) To assist in the management of State and local immunization programs;
(6) To monitor the safety of vaccines;
(7) To assess compliance with immunization requirements by monitoring admissions to schools, institutions of higher learning, and child care facilities; and
(8) For any other purpose that the Secretary deems necessary to prevent the spread of communicable diseases.
(d) Confidential information. --
(1) An individual, or the parent or guardian of a minor child who has received an immunization, may refuse to permit disclosure of confidential information collected by ImmuNet, to an authorized user.
(2) If the individual or the parent or guardian of a minor child does not want the release of the individual's or child's confidential information, the individual or the parent or guardian of a minor child shall complete a "refusal to permit" form, provided by the Department, to be returned to the Department.
(3) The Secretary shall distribute "refusal to permit" forms to each health care provider who gives immunizations.
(4) The Department shall:
(i) Develop brochures about ImmuNet that:
1. Describe the benefits of ImmuNet for authorized users;
2. Describe privacy protections in ImmuNet;
3. Notify an individual of the right to refuse to permit disclosure to an authorized user;
4. Notify an individual that the individual may correct any inaccurate information;
5. Provide a list of addresses where an individual may obtain a form to request the correction or removal of inaccurate information from ImmuNet;
6. Explain the right of an individual who has received an immunization to have the individual's personal information kept confidential;
7. Describe the kind of information collected and retained by ImmuNet about an individual who receives an immunization;
8. Describe who has access to the information in ImmuNet; and
9. Describe how the information is used by ImmuNet; and
(ii) Distribute copies of the brochure to each health care provider who administers immunizations.
(5) Prior to administering immunizations to a newborn child, each birth hospital or birthing center shall distribute the form and the brochure described in paragraphs (2) and (4) of this subsection to the parent of a newborn child.
(6) A health care provider who administers an immunization, or the agent of the health care provider, shall:
(i) Provide the individual with a copy of the form and the brochure described in paragraphs (2) and (4) of this subsection; and
(ii) Notify the individual or the parent or guardian of a minor of the right to refuse to disclose to ImmuNet.
(e) Obtaining information. -- Subject to the provisions of subsection (d) of this section, information for ImmuNet may be obtained from:
(1) Any records owned or controlled by the Department, including Medicaid records, clinic records, and vital records;
(2) Any authorized user; and
(3) Any other source of information authorized by the Secretary for use.
(f) Limitation of use of information. -- Authorized users may not use the information in ImmuNet:
(1) To release or disclose information in ImmuNet that an individual has refused to disclose;
(2) To solicit new patients or clients; or
(3) For any other purpose unless authorized by the Secretary.
(g) Local immunization system. --
(1) A local health department may operate a local immunization system.
(2) A local health department operating a local immunization system shall be subject to the provisions of subsections (c) through (f) of this section.
(3) A local health department is required to submit information maintained in a local immunization system to ImmuNet in accordance with regulations adopted by the Secretary.
(h) Liability. -- An authorized user who in good faith discloses or does not disclose information to ImmuNet is not liable in any cause of action arising from the disclosure or nondisclosure of that information.
(i) Penalties. -- An authorized user, including an officer or employee of a governmental unit, who knowingly and willfully violates subsection (f) of this section is guilty of a misdemeanor and on conviction is subject to a fine not exceeding $ 1,000 for the first offense and not exceeding $ 5,000 for each subsequent offense.
(j) Collaborative agreements. -- If the confidentiality of records of Maryland citizens is protected, the Secretary may enter into collaborative agreements with other states for the purpose of sharing information about immunizations.
(k) Regulations. -- The Secretary shall adopt regulations to implement this section, including regulations specifying:
(1) The type and kind of information to be collected;
(2) Procedures for protecting the confidentiality of information in ImmuNet;
(3) The permissible use of information compiled by ImmuNet; and
(4) Standards for maintaining security and reliability of collected information in the system.