CHAPTER 1 HEALTH GENERAL PROVISIONS
PART 31 STATEWIDE HEALTH CARE CLAIMS
DATABASE
7.1.31.1 ISSUING
AGENCY: New Mexico Department of Health.
[7.1.31.1 NMAC - N, 04/20/2021]
7.1.31.2 SCOPE: These
regulations govern the creation and maintenance of a repository of healthcare
claims data to be used to increase the quality and effectiveness of health care
delivered in New Mexico.
[7.1.31.12 NMAC - N, 04/20/2021]
7.1.31.3 STATUTORY
AUTHORITY: The requirements set forth herein are promulgated by the
secretary of the department of health pursuant to the authority granted under
Subsection E of Section 9-7-6, NMSA 1978, and the Health Information System
Act, 24-14A-1 et seq. NMSA 1978.
[7.1.31.3 NMAC - N, 04/20/2021]
7.1.31.4 DURATION: Permanent.
[7.1.31.4 NMAC - N, 04/20/2021]
7.1.31.5 EFFECTIVE
DATE: April
20, 2021, unless a later date is cited at the end of a section.
[7.1.31.5 NMAC - N, 04/20/2021]
7.1.31.6 OBJECTIVE: The
objective of this rule is to establish provisions that govern the creation,
maintenance, and usage of a repository of healthcare claims data for the
purpose of improving health care cost and quality.
[7.1.31.6 NMAC - N, 04/20/2021]
7.1.31.7 DEFINITIONS:
A. “Allowed
amount” means the negotiated amount
eligible for payment for a health care service or item rendered by a provider.
B. “Billed amount” means
the amount billed by a provider requesting payment for health care services or
items rendered.
C. “Claim”
means a financial accounting of or a request for payment for health care items
or services rendered by a provider.
D. “Data” means the data required by this
rule to be submitted to this database, including data on the following health
factors: mortality and natality, including accidental causes of death;
morbidity; health behavior; disability; health system costs, availability, utilization
and revenues; environmental factors; health personnel; demographic factors;
social, cultural and economic conditions affecting health, including language
preference; family status; medical and practice outcomes as measured by
nationally accepted standards and quality of care; and participation in
clinical research trials.
E. “Data provider” means a person that
possesses health information, including any public or private sector licensed
health care practitioner, primary care clinic, ambulatory surgery center,
ambulatory urgent care center, ambulatory dialysis unit, home health agency,
long-term care facility, hospital, pharmacy, third-party payer and any public
entity that has health information.
F. “Database” means
the statewide all-payer health care claims database established in this rule.
G. “Department”
means the department of health.
H. “Direct patient identifier” means a data variable that identifies an individual,
I. “ERISA plan"
means an employee welfare benefit plan to the extent that the plan provides
medical care to employees or their dependents under the Employee Retirement
Income Security Act of 1974 directly or through insurance, reimbursement or
other means.
J. “Health information” or “health data” means any data relating
to health care; health status, including environmental, social and economic
factors; a health system or provider; health costs, financing, and including
data that would customarily be collected in the ordinary course of business for
the data provider; annual audited financial statements customarily prepared by
a data provider; information on major capital expenditures; data established by
regulation to be collected to carry out the requirements of the Health
Information System Act; data required to be collected by other state or federal
laws; and annual surveys or collection of data may be used as an alternative to
collection of health data from some health service providers to the extent it
can be shown that the information collected will meet validity and quality
standards.
K. “Health
information system” or “HIS” means
the health information system established by the
Health Information System Act,
Sections 24-14A-1 to 24-14A-10, NMSA 1978.
L. “Health insurance carrier” means any
entity that offers the following:
(1) group health and
dental coverage governed by the provisions of the Health Care Purchasing Act;
(2) individual health and dental
insurance policies, health benefits plans and certificates of insurance
governed by the provisions of Chapter 59A, Article 22 NMSA 1978;
(3) health and dental multiple-employer
welfare arrangements governed by the provisions of Section 59A-15-20 NMSA 1978;
(4) group and blanket health and dental
insurance policies, health benefits plans and certificates of insurance
governed by the provisions of Chapter 59A, Article 23 NMSA 1978;
(5) individual and group health and
dental health maintenance organization contracts governed by the provisions of
the Health Maintenance Organization Law Chapter 59A, Article 46 NMSA 1978; and
(6) individual and group health and
dental nonprofit health benefits plans governed by the provisions of the
Nonprofit Health Care Plan Law Chapter 59A, Article 47 NMSA 1978.
M. “Indirect
patient identifier” means a data variable that may identify an individual
when combined with other information.
N. “Proprietary financial information” means information that derives independent economic value, actual
or potential, from not being generally known to and not being readily
ascertainable by proper means by other persons who can obtain economic value
from its disclosure or use; and is the subject of efforts that are reasonable
under the circumstances to maintain its secrecy.
O. “Secretary” means
the secretary of the New Mexico department of health.
P. “Unique identifier” means an obfuscated
identifier assigned to an individual represented in the database to establish a
basis for following the individual longitudinally throughout different payers
and encounters in the data with
[7.1.31.7 NMAC - N, 04/20/2021]
7.1.31.8 STATEWIDE
ALL-PAYER CLAIMS DATABASE–DUTIES-CONTRACT WITH DATA VENDOR:
A. Duties of the department:
(1) The
department shall establish a statewide all-payer claims database to support
transparent public reporting of health care information. The database must improve transparency to: assist patients, providers, and hospitals to make
informed choices about care; enable providers, hospitals, and communities to
improve by benchmarking their performance against that of others by focusing on
best practices, enable purchasers to identify value, build expectations into
their purchasing strategy, and reward improvements over time; and promote
competition based on quality and cost. The
database must systematically collect all medical claims for covered medical
services, pharmacy claims, dental claims, member eligibility and enrollment
data, and provider data with necessary identifiers from private
and public payers, with data from all settings of care that permit the
systematic analysis of health care delivery.
(2) The
department shall convene subcommittees to the HIS advisory committee with the
approval of the secretary, including:
(a) a
subcommittee on data policy development;
(b) a
subcommittee to establish a data release process consistent with the
requirements of this rule and to provide advice regarding formal data release
requests. The advisory subcommittees
must include in-state representation from
(c) other
subcommittees as needed.
B. Duties
of the department in contract with data vendor:
(1) The
department will conduct, or may engage a data vendor to perform, data
collection, processing, aggregation, extracts, and analytics. The department or
data vendor must:
(a) establish
a secure data submission process with data providers;
(b) review
data submitters’ files per standards established by the department;
(c) assess
each record’s alignment with established format, frequency, and consistency
criteria;
(d) maintain
responsibility for quality assurance, including, but not limited to:
(i) the
(ii) accuracy
of dates of service spans;
(iii) maintaining
consistency of record layout and counts; and
(iv) identifying
duplicate records;
(e) assign
unique identifiers, as defined in this rule, to individuals represented in the database;
(f) ensure
that direct patient identifiers, indirect patient identifiers, and proprietary
information are released only in compliance with federal and state privacy laws
and the terms of applicable confidentiality requirements;
(g) demonstrate
internal controls and affiliations with separate organizations as appropriate
to ensure safe data collection, security of the data with state of the art
encryption methods, actuarial support, and data review for quality assurance;
(h) store
data in a manner compliant with the federal
(i) maintain
state of the art security standards for transferring data to approved data
requestors.
(2) The
data vendor must submit detailed descriptions to the department’s chief
information security officer to ensure robust security methods are in place.
(3) The
department is responsible for internal governance, management, funding, and
operations of the database. The department shall work with the data vendor to:
(a) collect
(b) design
data collection mechanisms with consideration for the time and cost incurred by
data providers and others in submission and collection and the benefits that
measurement would achieve, ensuring the data submitted meet quality standards
and are reviewed for quality assurance;
(c) ensure
protection of collected data and store and use of data in a manner that
protects patient privacy and complies with this section. All
(d) consistent
with requirements of this rule, make information from the database available as
a resource for public and private entities, including carriers, employers,
providers, hospitals, and purchasers of health care;
(e) report
performance on cost and quality pursuant to this rule.
(f) develop
protocols and policies, including prerelease review by any entity identified by
the department
(g) the department may not charge providers or data providers fees
other than fees directly related to requested reports.
[7.1.31.8 NMAC - N, 04/20/2021]
7.1.31.9 SUBMISSION OF CLAIMS DATA TO
DATABASE:
A. All-payer claims database data providers:
(1) Data
providers must submit
(2) Any
data provider used by an entity that participates in the database such as a
third-party administrator or pharmacy benefit manager must provide
(3) The
following plans or entities may voluntarily provide claims data to the database
within the time frames and in accordance with procedures established by the
department:
(a) Employer
sponsored plans subject to the Employee Retirement Income Security Act of 1974;
and
(b) any governmental
or tribal program or facility that provides health care services to American
Indians and Alaska Natives.
(4) Health
insurance carriers that only offer the following excepted benefit coverages are
not required to report:
(a) specific disease;
(b) accident
or injury;
(c) hospital indemnity and
other fixed indemnity;
(d) disability;
(e) long-term care; and
(f) vision coverage.
(5) Medicaid
managed care organizations provide claims data to the New Mexico human services
division (HSD), and who will then submit that data to the department of health.
(6) Health insurance carriers covering
less than 500 individuals are not required to submit files to the database but are
required to report the number of individuals with coverage during the previous
year on March 1st.
B. Data submission procedures:
(1) The
department shall:
(a) utilize
an internet-based user interface (or similar technology) that allows for secure
submission and acceptance of data submissions;
(b) perform
quality assurance and validation of all submitted data and provide feedback to
the data providers; and
(c) provide
data submissions procedures to data providers in a data submission guide that
is based on a current version of the APCD-Common Data Layout.
(2) Data
submission frequency: data shall be submitted at least monthly.
(3) Data providers
shall make every effort to initially submit complete, accurate, and valid data
in the APCD-Common Data Layout and shall correct all identified errors within
the timelines established by the department or its designee.
(4) An initial
test submission of data may be required.
(5) Data dating
to January 1, 2020 must be submitted initially.
(6) The
department may sanction data providers who do not comply with this rule.
(7) Data
shall be submitted beginning January 1, 2023.
[7.1.31.9 NMAC -
N, 04/20/2021; A, 4/25/2023]
7.1.31.10 CLAIMS DATA AND DATABASE - EXEMPTIONS
FROM PUBLIC DISCLOSURE:
A. Public record:
(1) The
claims data provided to the database, the database itself, including the data
compilation, and any raw data received from the database are not public records
and are generally exempt from public disclosure in accordance with the Inspection
of Public Records Act, Subsections A and H of Section 14-3-1, NMSA 1978, the
Health and Hospital Records Act, 14-6-1, NMSA 1978, and the Health Information
Systems Act, Sections 24-14A-6 & 8, NMSA 1978.
(2) Claims
data obtained, distributed, or reported in the course of
activities undertaken pursuant to or supported under this rule are strictly
confidential and shall not be a matter of public record or accessible to the
public. The department shall not
disclose data except to the extent that they are included in a compilation of
aggregate data. Any forms of data
collected by and furnished for the department shall not be public records
subject to inspection pursuant to Section 14-2-1 NMSA 1978. The department may release or disseminate
aggregate data, which shall be public records if the release of these data does
not violate state or federal law relating to the privacy and confidentiality of
individually identifiable health information. In accordance with Paragraph (6) of Subsection
D of Section 24-14A-3 NMSA 1978, Section 24-14A-4.3 NMSA 1978, and Subsection D
of Section 24-14A-6, NMSA 1978 of the HIS Act, data may be reported routinely
to authorized federal, state, and local public agencies.
[7.1.31.10 NMAC - N, 04/20/2021]
7.1.31.11 GENERAL PROVISIONS ON ACCESS TO
THE CLAIMS DATABASE DATA:
A. Access requirements:
Data and reports based on the claims
database may be obtained only in accordance with the requirements of the HIS
Act and this rule. Any request for
information that would not be contained in previously prepared and published
reports will require a
B. Evaluation of requests: In
addition to other requirements stated in this rule, all requests for claims
data and reports, other than routine reports, shall be evaluated by the
department and shall not be released unless the requests satisfy the following
criteria for approval.
(1) The
specific intended use of the data shall comport with the purposes of the HIS
Act, as stated in 24-14A-3A, NMSA 1978 and rules promulgated pursuant to the HIS
Act, including use of data to assist in:
(a) the
performance of health planning, policy making functions, and research conducted
for the benefit of the public;
(b) informed
health care decision making by consumers;
(c) surveillance
for the control of disease and conditions of public health significance as
required by Public Health Act, Subsection C of 24-1-3 NMSA 1978, and
(d) administration,
monitoring, and evaluation of a statewide health plan.
(2) The
request shall be consistent with the responsibilities of the department in
accomplishing the priorities of the HIS.
C. Request procedures: All requests for data shall be made to the
department.
D. Fees: Fees
for access to data and reports shall be paid pursuant to the requirements of this
rule.
E. Time period to fulfill request: The
department will endeavor to fulfill requests within one month of receiving the
request, although the time period for fulfillment of a
request may vary depending on the complexity of the request and other factors.
F. Restrictions on access to confidential sensitive data: The
department shall deny access to
information from the claims database where the use or
disclosure of the information could result in a violation of health information
confidentiality or purposes for which the department has determined is not
consistent with the purposes or intent of the act.
G. Compliance with other laws: The
department shall ensure that any access to data that is subject to restrictions
on use pursuant to state, federal, or tribal law or regulation, or any other
legal agreement, complies with those restrictions.
H. Disclaimer: The department shall include a disclaimer in all claims data
and reports released pursuant
I. Agency contractors:
(1) A
state or federal agency that receives claims data or reports under an agreement
with the department pursuant to this rule shall be solely responsible for
fulfillment of the agreement, including responsibility for the actions of any
subcontractor engaged to perform services that require access to claims data or
reports.
(2) A
state or federal agency subcontractor that is provided access to claims data or
reports shall be subject to the full provisions of the HIS Act and this rule.
J. Proprietary and confidential information:
(1)
(2) A
data provider that objects to the potential release of its reported data or
information derived from its reported data shall submit to the department a written
request to exempt its data from such disclosures. By the end of each fiscal year (June 30th),
data providers must notify the department in writing regarding data items that
they deem proprietary. Application for an exemption must be addressed by a
representative of the data provider to the department.
[7.1.31.11 NMAC - N, 04/20/2021]
7.1.31.12 ACCESS TO HEALTH CARE DATA
REPORTS:
A. Access to routine and published reports: The
department shall release reports to the public on a periodic schedule as
determined by the department and in accordance with the HIS Act.
C. Access to data and reports for state
agencies: The department shall
establish policies and procedures for access to data and reports by state
agencies.
[7.1.31.12 NMAC - N, 04/20/2021]
7.1.31.13 FEES FOR DATA AND REPORTS:
A. Fees for routine reports:
(1) Generally: The
fees for copies of available reports produced for public use shall be as
follows:
(a) single
copies of any claims data reports or annual reports shall be provided free of charge
upon request; and
(b) all other
reports shall be
(2) Data providers: Data providers may
receive one free copy of the department’s routine reports upon request.
B. Previously-prepared reports: The fee for copies
of available previously-prepared, non-routine reports provided to persons other
than the original requestor for whom the report was prepared shall be $20.00
per report.
C. Fees for data and non-routine reports: The fee for preparing
data and non-routine reports that have not been previously prepared shall be
charged at the hourly rate of the analyst(s) preparing the data or report, as
follows:
(1) data
providers shall be charged a rate of $50.00 per analyst hour;
(2) state
agencies shall be charged a rate of $75.00 per analyst hour; and
(3) all others
shall be charged a rate of $100.00 per analyst hour.
D. Electronic media reports: Fees for reports made available on electronic
media may include charges for the cost of the magnetic tape, diskette, CD-ROM,
or other electronic media, in addition to the fees required by this section.
E. Waiver or reduction of fees:
(1) Standard for waiver or reduction: The department may reduce or waive the fee for
routine reports, data, and non-routine reports when the department determines
that the requestor’s proposed use of the information would be of value to the
department in fulfilling its statutory mandates to a degree equal to or greater
than the fee reduction or waiver.
(2) Payment upon failure to perform: When a fee waiver or reduction has been
granted, and the research for which the fee was waived or reduced is not
completed or the product for which the fee was waived or reduced is not delivered
to the department, the full fee shall be assessed in accordance with this rule.
F. Statement of fees: The department shall
prepare a statement of the fee for requests made pursuant to this rule and
provide it to the requestor prior to tender of the
requested data or report. Payment is required
in advance of the requestor receiving the data or report.
[7.1.31.13 NMAC - N, 04/20/2021]
HISTORY OF
7.1.31 NMAC: [RESERVED]