§ 61.12 - Requesting information from the Healthcare Integrity and Protection Data Bank.  

(a) Who may request information and what information may be available. Information in the HIPDB will be available, upon request, to the following persons or entities, or their authorized agents—

(1) Federal and State Government agencies;

(2) Health plans;

(3) A health care practitioner, provider, or supplier requesting information concerning himself, herself or itself; and

(4) A person or entity requesting statistical information, which does not permit identification of any individual or entity. (For example, researchers can use statistical information to identify the total number of practitioners excluded from the Medicare and Medicaid programs. Similarly, health plans can use statistical information to develop outcome measures in their efforts to monitor and improve quality care.)

(b) Procedures for obtaining HIPDB information. Eligible individuals and entities may obtain information from the HIPDB by submitting a request in such form and manner as the Secretary may prescribe. These requests are subject to fees set forth in §61.13. The HIPDB will comply with the Department's principles of fair information practice by providing each subject of a report with a copy when the report is entered into the HIPDB.

(c) Information provided in response to self-queries. (1) At the time subjects request information as part of a “self-query,” the subject will receive—

(i) Any report(s) in the HIPDB specific to them; and

(ii) A disclosure history from the HIPDB of the name(s) of any entity (or entities) that have previously received the report(s).

(2) The disclosure history will be restricted in accordance with the Privacy Act regulations set forth in 45 CFR part 5b.