Section



[Code of Federal Regulations]
[Title 12, Volume 1]
[Revised as of January 1, 2003]
From the U.S. Government Printing Office via GPO Access
[CITE: 42CFR480.107]

[Page 470-471]
 
                         TITLE 42--PUBLIC HEALTH
 
  CHAPTER IV--CENTERS FOR MEDICARE & MEDICAID SERVICES, DEPARTMENT OF 
                 HEALTH AND HUMAN SERVICES--(Continued)
 
PART 480--ACQUISITION, PROTECTION, AND DISCLOSURE OF PEER REVIEW INFORMATION--Table of Contents
 
     Subpart B--Utilization and Quality Control Quality Improvement 
                          Organizations (QIOs)
 
Sec. 480.107  Limitations on redisclosure.

    Persons or organizations that obtain confidential QIO information 
must not further disclose the information to any other person or 
organization except--
    (a) As directed by the QIO to carry out a disclosure permitted or 
required under a particular provision of this part;
    (b) As directed by CMS to carry out specific responsibilities of the 
Secretary under the Act;
    (c) As necessary for CMS to carry out its responsibilities for 
appeals under section 1155 of the Act or for CMS to process sanctions 
under section 1156 of the Act;
    (d) If the health care services furnished to an individual patient 
are reimbursed from more than one source, these sources of reimbursement 
may exchange confidential information as necessary for the payment of 
claims;
    (e) If the information is acquired by the QIO from another source 
and the

[[Page 471]]

receiver of the information is authorized under its own authorities to 
acquire the information directly from the source, the receiver may 
disclose the information in accordance with the source's redisclosure 
rules;
    (f) As necessary for the General Accounting Office to carry out its 
statutory responsibilities;
    (g) Information pertaining to a patient or practitioner may be 
disclosed by that individual provided it does not identify any other 
patient or practitioner;
    (h) An institution may disclose information pertaining to itself 
provided it does not identify an individual patient or practitioner;
    (i) Governmental fraud or abuse agencies and State licensing or 
certification agencies recognized by CMS may disclose information as 
necessary in a judicial, administrative or other formal legal proceeding 
resulting from an investigation conducted by the agency;
    (j) State and local public health officials to carry out their 
responsibilities, as necessary, to protect against a substantial risk to 
the public health; or
    (k) As necessary for the Office of the Inspector General to carry 
out its statutory responsibilities.

[50 FR 15359, Apr. 17, 1985; 50 FR 41886, Oct. 16, 1985. Redesignated at 
64 FR 66279, Nov. 24, 1999]