The state of Minnesota has a number of laws that regulate access to health insurance information.  The law does not allow an insurance company to disclose personal information without the individual’s written authorization, unless it is necessary to detect or prevent criminal activity, fraud, or misrepresentation.  Written authorization is not needed if the disclosure of personal information is for research purposes, as long as the information does not identify the individual.1  The law also prevents health insurance plans or health maintenance organizations from disclosing individually identifiable information relating to an insured’s treatment, diagnosis or health to any other person.  The law provides an exception and allows health information to be disclosed to the Commissioner of Health, as long as it is de-identified or released with the insured’s consent.2

        Minnesota law also imposes certain obligations on health insurers operating in the state.  Health plans are required to provide access to personal information to patients, upon written request.3  Minnesota also requires that upon an insured’s written request to modify, amend or delete personal information contained in the record, a health insurance company must comply within 30 days of the request or notify the insured of its decision not to modify, amend or delete the requested information, with the reason for refusal.4

        Other obligations imposed on health plans include quality measure reporting.  Health plans are authorized to require contracted providers to report standardized quality measures.5  Health plans must also send quality data to the Commissioner of Health, who may use the information to strengthen incentives to use high quality low cost providers.6  Most recently, in an effort to enhance care coordination, all health plans in Minnesota are required to include health care homes a part of their provider networks, and develop payment terms of the health care home.7