Contexture maintains various policies and procedures on how participants may use the data within the Arizona HIE.  These policies and procedures are reviewed and approved by our Board of Directors. Contexture may also use health information provided by HIE Participants as required by law and as necessary to perform services for healthcare providers, health plans and others participating with the Arizona HIE.  The most current policies and procedures are listed below and can be downloaded for review.

HIE Policy Manual
On January 26, 2021, our Board of Directors approved changes to Arizona HIE Policy to address the new federal Information Blocking Rule, which took effect on April 1, 2021. Now consolidated into a health information exchange (HIE) Policy Manual, the following policies describe Contexture and Participants’ responsibilities for accessing data and making data available through the HIE. These updates are aimed at improving the functionality of the Arizona HIE and ensuring compliance with state and federal laws and regulations. Click here to review the Arizona HIE Policy Manual.

Brief summaries of the documents in the HIE Policy Manual are below:

Definitions Policy – consolidates definitions used throughout the HIE Policy Manual into a single reference.

Data Submission Policy – ensures that Data made accessible by Data Suppliers through the HIE is accessible in accordance with Applicable Law. Revised to remove the prohibition against sending genetic information due to amendment of ARS 12-2802.

HIE Notice and Opt Out Policy – combines two existing policies into one to explain Contexture and Participant responsibilities around providing individuals a copy of the Notice of Health Information Practices and the opportunity to opt out.

Permitted Use Policy – describes the specific purposes for which Participants may access Data through the HIE in accordance with Applicable Law and within the technical and operational framework that Contexture and its Participants can reasonably support. Revised to expand limited healthcare operations use case as required by the new Information Blocking Rule.

Minimum Necessary Standard Procedure – describes when the HIPAA minimum necessary standard applies and how to satisfy its requirements. Revised to establish clear process for responding to requests for data to comply with the new Information Blocking Rule.

Information Blocking Policy – supports Contexture’s and Participants’ commitment to facilitating the timely access, exchange and use of electronic health information (EHI) in compliance with Applicable Law. Outlines the exceptions described in the new Information Blocking Rule.

Individual Rights Policy – describes how Contexture and Participants will work together to honor individual rights (e.g., right to request copy of data available, accounting of disclosures) with respect to Data that is accessible through the HIE.

HIE Security and Maintenance Policy – describes the security and maintenance practices that are reasonable and necessary to protect the confidentiality, integrity, and availability of Data, and to maintain and improve the performance of the HIE.

Contexture Information Security Requirements – highlights some of Contexture’s Information Security Requirements for our Participants using our services.