DE SB88

Permits the Delaware Health Information Network (DHIN) to provide clinical data to healthcare payers, providers, purchasers, and researchers for purposes including improving healthcare quality, access, and lowering per capita costs, subject to HIPAA compliance and Board approval.

Requires DHIN Board of Directors or an established subcommittee to approve all clinical data requests by majority vote, with fully deidentified data exempt from full Board review but limited and identifiable datasets requiring Board review.

Mandates patient written consent before DHIN releases individually-identifiable patient data and requires DHIN to notify data-sending organizations when their clinical data may be released, allowing opportunity for comment.

Codifies patient rights to access their own health information held by DHIN and requires DHIN to establish regulations allowing residents to direct disclosure of their health information to approved third parties, both subject to HIPAA and data-sending organization contract limitations.

Maintains existing protections that DHIN health information is exempt from Freedom of Information Act requests and court subpoenas, with violations subject to prosecution under Delaware Criminal Code or federal law.