Header

Info Agency Main Banner Content

Article

Policies

Practitioner & Pharmacist Access and Use Policy 

Practitioner Delegate Access and Use Policy

Law Enforcement Access and Use Policy

Court Staff & Probation Officer Access and Use Policy

Licensing Board Access and Use Policy

INSPECT Staff Confidentiality & Security

Practitioner & Pharmacist Access and Use Policy

PURPOSE
To ensure the protection of patient confidentiality when using the INSPECT System

SCOPE
This policy applies to all registered Practitioner accountholders.

STATEMENT OF POLICY
Each practitioner granted access to INSPECT holds a position of trust and must preserve the security and confidentiality of the INSPECT data they use. INSPECT practitioners must meet specific eligibility requirements and must abide by all applicable Federal and State guidelines including, but not limited to, IC-35-48-7 and the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The misuse of INSPECT data constitutes a criminal offense and may result in the suspension or revocation of a user’s account access privileges, or in some cases, action against the offending accountholder’s professional license.

REFERENCE
IC-35-48-7-11.1

USAGE GUIDELINES

  1. Establishing an Account: Only health practitioners who are licensed to prescribe or dispense controlled substances in the United States may establish an INSPECT account and request an INSPECT History Report via the PMP.
  2. Contents of Report: An INSPECT Patient Report provides an overview of a patient’s prescription activity over a certain period of time. The information contained in the report is submitted to INSPECT by the dispensing pharmacy within twenty-four (24) hours from the date on which the drug was dispensed to the patient. There may be a lag of up to four (4) days before the prescription data is available for review on INSPECT. 
  3. Requesting Report: Health Practitioners may only request reports on patients for whom they are providing treatment or evaluating the need for treatment. This includes patients who have made appointments for an initial office visit or persons who have presented a prescription to a pharmacist. Health Practitioners may not request a report on staff, prospective employees, or anyone else for whom there is no medical chart or record available on-site for review at the pharmacy location or practitioner’s office.
  4. Limited Use of Report: The INSPECT Patient Report must be used only for purposes of making medical treatment decisions. Users should always take steps to verify that the information contained in the report is accurate. The report should be one factor in a comprehensive assessment of a patient.
  5. Sharing Report: The information contained in the INSPECT Patient Report is privileged medical treatment information and must not be discussed with anyone who is not involved in the direct provision of medical treatment for the patient. Practitioners may contact other health providers to discuss the care of a mutual patient. If another provider wishes to have a copy of the INSPECT Patient Report, they must establish an account and submit a request for their own copy of the report. The report, or the contents of the report, should never be faxed, mailed, emailed or otherwise disseminated. A practitioner or pharmacist who in good faith discloses information based on a report from the INSPECT program to a law enforcement agency is immune from criminal or civil liability. A practitioner that discloses information to a law enforcement agency is presumed to have acted in good faith.
  6. Storing Report: If the INSPECT Patient Report is stored along with a patient’s other medical records, it must be clearly marked “Do Not Copy.” It should never be included when sending a patient’s medical records to another health provider.
  7. Role of INSPECT Staff: Practitioners will not receive confidential prescription information from INSPECT staff over the phone. Practitioners should not expect INSPECT Staff to serve in a liaison role between themselves and law enforcement.

Practitioner Delegate Access and Use Policy

Law Enforcement Access and Use Policy

PURPOSE
To ensure the protection of patient and practitioner confidentiality when law enforcement users access INSPECT data.

SCOPE
This policy applies to all registered law enforcement accountholders.

STATEMENT OF POLICY
Each member of federal, state, or local law enforcement granted access to INSPECT holds a position of trust and must preserve the security and confidentiality of the INSPECT data they use. INSPECT law enforcement users must meet specific eligibility requirements and must abide by all applicable Federal and State guidelines including, but not limited to, IC-35-48-7 and the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The misuse of INSPECT data constitutes a criminal offense and may result in the suspension or revocation of a user’s account access privileges. Misuse of INSPECT data constitutes a criminal offense and may result in the suspension/revocation of the user’s account access privileges.

REFERENCES

IC-35-48-7-11.1

USAGE GUIDELINES

  1. Establishing an INSPECT Account: All local, state and federal law enforcement officers are eligible for INSPECT accounts. This includes sworn officers, prosecutors, county coroners, Board of Pharmacy compliance officers, and investigators affiliated with the Indiana Attorney General.
  2. Contents of Report: An INSPECT Patient or Practitioner Report provides an overview of a patient or practitioner’s prescription activity for a specific period of time. The information contained in the report is submitted to INSPECT by the dispensing pharmacy within twenty-four (24) hours from the date on which the drug was dispensed to the patient. There may be a lag of up to four (4) days before the prescription data is available for review on INSPECT. 
  3. Requesting a Report: A law enforcement user is authorized to request an INSPECT Report if:
    a)The law enforcement user is currently engaged in an active, ongoing investigation pertaining to the subject of the request; and
    b)The investigation involves controlled substances.

    Law enforcement users may not request an INSPECT Report for any purpose other than to assist in an active, ongoing investigation pertaining to controlled substances. Misuse includes, but is not limited to, requesting an INSPECT Report to aid in the search for a fugitive, to track a parolee, to hold an arrestee, or to bolster a tax evasion case.

    Law enforcement users are also not permitted to request an INSPECT Report based solely on the contents or findings of another INSPECT Report.
     
  4. Case Identifier: Law Enforcement users must include a case number with every Patient or Practitioner Report request issued to INSPECT.
  5. Limited Use of Report: An INSPECT Report is not evidence. It is a tool intended to make the evidence gathering process more efficient. The contents of the report must be thoroughly verified and reviewed before any formal action is taken against the subject of the INSPECT report.
  6. Sharing Report: The information contained in the INSPECT Patient Report is privileged medical treatment information and must not be discussed with anyone who is not involved in an active, ongoing investigation of the patient or practitioner for whom the report was generated. Law enforcement users working within the same agency or office may share reports; however, if law enforcement personnel from outside the agency or office wish to obtain a copy of the report, they must establish an account with INSPECT and submit a request for their own copy of the report. The report, or the contents of the report, should never be faxed, mailed, emailed or otherwise disseminated.
  7. Storing Report: If the INSPECT Patient Report is stored by a registered accountholder within an office or agency location, it must be clearly marked confidential and “Do Not Copy” and properly secured to prevent unauthorized access.
  8. Role of INSPECT Staff: INSPECT will never provide prescription information to members of Law Enforcement over the phone. As INSPECT staff has no personal or prior knowledge of the contents of INSPECT Rx History Reports, they should never be subpoenaed or formally called upon by law enforcement to examine, explain, interpret, or otherwise participate in the evaluation of an INSPECT Rx History Report.
  9. Misuse/Misconduct: The misuse of INSPECT data constitutes a criminal offense and may result in the suspension or revocation of a user’s account access privileges.

Court Staff / Probation Officer Access and Use Policy

PURPOSE
To guide access to and use of INSPECT by court staff in order to maintain the confidentiality of INSPECT data.

SCOPE
This policy applies to all court staff that are registered INSPECT accountholders.

DEFINITIONS

Court staff means:

  1. Indiana certified probation officers (IC 11-13) employed by an Indiana probation department,
  2. Court alcohol and drug program staff employed by or contracted to provide certified court alcohol and drug program services (IC 12-23-14) to a court in Indiana, and
  3. Problem-solving court staff employed by or contracted to provide certified problem-solving court services (IC 33-23-16) to a court in Indiana.

 

Community supervision means the monitoring of an individual in the community by a court in Indiana under an active case number by a probation department, a court alcohol and drug program pursuant to IC 12-23-14 or problem-solving court pursuant to IC 33-23-16.

STATEMENT OF POLICY

Each court staff member granted access to INSPECT holds a position of trust and must preserve the confidentiality of the INSPECT data. INSPECT court staff users must meet specific eligibility requirements and must abide by all applicable federal and state laws including, but not limited to, IC-35-48-7, 42 CFR Part 2, the Health Insurance Portability and Accountability Act of 1996 (HIPAA), and Indiana Administrative Rule 9. INSPECT users must also utilize the system in accordance with Indiana Board of Pharmacy approved usage guidelines. Misuse of INSPECT data may result in civil or criminal liability in addition to the suspension/revocation of the user’s account access privileges.

REFERENCE

IC-35-48-7-11.1

USAGE GUIDELINES

1.INSPECT Account Eligibility and Approval: certain designated court staff are eligible for INSPECT accounts. Court staff eligible for INSPECT access are:

(a) A chief probation officer of a probation department and/or their designee(s)

*no more than two individuals per probation department may have access;

(b) A court alcohol and drug program director and/or their designee(s)

*no more than two individuals per court alcohol and drug program may have access; and

(c) A problem-solving court coordinator and/or their designee(s)

*no more than two individuals per problem-solving court may have access.

Requests for exceptions to the eligibility policy based on the number of authorized users per department, program or court may be considered on a case-by-case basis.

2. Requesting a Report: An accountholder may request an INSPECT Report only for the following reasons:
(a) In the course of completing a presentence investigation (PSI) pursuant to IC 35-38-1-9 in order to assist the court in determining sentencing matters, including the conditions of community supervision;
(b) In the course of determining eligibility or suitability for a program, service or community supervision condition; and/or,
(c) In the course of case managing an individual on community supervision, either pre- or post-conviction, if the individual’s conditions of community supervision and/or program participation require the individual to abstain from the use of controlled substances or undergo chemical testing to detect and confirm the presence of a controlled substance.

A registered accountholder must verify their authority to submit a request for each INSPECT Report in conjunction with one of the authorized reasons by submitting the case number associated with the active case.

Only the registered accountholder may use their INSPECT username and password. Each individual who seeks access to INSPECT must be an authorized and approved user pursuant to this policy.

A registered accountholder is not permitted to request an INSPECT Report based solely on the contents or findings of another INSPECT Report.

3. Contents of Report: An INSPECT Patient Report provides an overview of a patient prescription activity for a specific period of time. The information contained in the report is submitted to INSPECT by the dispensing pharmacy within twenty-four (24) hours from the date on which the drug was dispensed to the patient. There may be a lag of up to four (4) days before the prescription data is available for review on INSPECT.

An INSPECT Patient Reports provide only a snapshot of information regarding a patient at a given point in time and may not be complete dependent upon when a prescription was filled and when information was submitted to INSPECT. INSPECT Reports should be updated regularly to ensure that the contents are current.

4. Limited Use of Report Information: The information contained in the INSPECT Patient Report is not evidence and is a decision-making and supervision tool only. INSPECT data alone cannot be used to sanction, terminate or revoke an individual under a court’s jurisdiction.

5. Report Information Sharing: The information contained in the INSPECT Patient Rx History Report is privileged medical treatment information and confidential pursuant to law. Registered accountholders may share INSPECT information with:
(a) The court charged with implementing or monitoring the community supervision of the subject of the INSPECT Report,
(b) Other individuals within the authorized user’s agency/department who need this information in order to carry out assigned employment responsibilities,
(c) Parties to the case if the authorized user is completing a PSI on the subject of the INSPECT Report, and
(d) The problem-solving court team if the subject of the INSPECT Report is being considered for problem-solving court participation or is a problem-solving court participant.

The report, or the contents of the report, should never be faxed, mailed, emailed or otherwise disseminated.

6. Storing Report Information: If the INSPECT Patient Report is stored by a registered accountholder within an office or agency location, it must be clearly marked confidential and “Do Not Copy” and properly secured to prevent unauthorized access.

7. Role of INSPECT Staff: No accountholder will receive confidential prescription information from the INSPECT staff over the phone. No accountholder should expect the INSPECT staff to serve in a liaison role between themselves and the courts. INSPECT staff has no personal or prior knowledge of the contents of INSPECT Reports, and they should never be subpoenaed or formally called upon by a court to examine, explain, interpret, or otherwise participate in the evaluation of an INSPECT Report.

Licensing Board Access & Use Policy

PURPOSE
To ensure that professional licensing boards, board members, and board directors fully validate INSPECT materials and meet a reasonable investigatory standard before they utilize INSPECT materials for board-related matters.

SCOPE
This policy applies to all Board of Pharmacy compliance officers, professional licensing boards, board members, and board directors

STATEMENT OF POLICY
According to IC-35-48-7-11.1, the INSPECT Program may release confidential patient information to professional licensing boards, provided the board is engaged in an investigation, adjudication, or prosecution of a violation under a state or federal law pertaining to controlled substances. However, it is not INSPECT’s policy to extend individual account access privileges to boards, board members or board directors. Should a board require an INSPECT report for a specific licensee, they must issue a formal request to the applicable Board of Pharmacy compliance officer, depending on the geographic location of the licensee, and use the system in accordance with approved board request procedures (see below).

Individual board members are still permitted to establish practitioner or law enforcement accounts with INSPECT should they want and qualify for one. However, any INSPECT Report generated from an individual board member’s own INSPECT account cannot be used for board-related purposes.

REFERENCES

IC-35-48-7-11.1

BOARD REQUEST PROCEDURES

  1. Initiating an Investigation on a Licensee: If a licensing board seeks to obtain INSPECT records for a particular licensee, they must first submit a formal request to a Pharmacy Compliance Officer.
  2. Meeting Reasonable Investigatory Standard: The Compliance Officer will then proceed to collect additional information related to the matter, begin a case file, and, if warranted, generate an INSPECT Report. The primary role of the Compliance Officer is evidence-gathering and validation.
  3. Validation of INSPECT Report: Because INSPECT cannot guarantee the veracity of the information contained in the INSPECT Report, a Compliance Officer, upon receipt of the INSPECT Report, must take steps to validate the contents of the report.
  4. Review by Board/Board Designee: Once the contents of the INSPECT Report have been fully validated, the INSPECT Report may be reviewed by the Board and/or the Board Designee.

INSPECT Staff Confidentiality & Security

PURPOSE
To establish standards for the conduct of INSPECT staff as it relates to protecting confidential patient information and storing and retaining sensitive documents and media.

SCOPE
This policy applies to staff of the Indiana Scheduled Electronic Collection and Tracking (INSPECT) Program.

STATEMENT OF POLICY
Given the sensitive nature of daily operational activities at INSPECT, all INSPECT staff are expected to meet strict confidentiality and security standards, including applicable Indiana laws and Federal HIPAA Standards. The staff must not share or discuss details of any INSPECT - specific activities, whether of a technical or non-technical nature, with persons not currently employed by INSPECT or the Professional Licensing Agency. This includes, but is not limited to, sharing or discussing details pertaining to patient medical treatment histories; sharing or discussing details related to INSPECT software functionalities; or sharing or discussing sensitive internal procedural matters. Egregious disregard for the confidentiality and security policy will result in disciplinary action commensurate with the offense.

PROCEDURES

  1. Requesting Patient/Practitioner Information: INSPECT Staff may submit requests on the PMP to review information referenced by a user, or to evaluate or test the technical performance of the PMP. Any other type of request constitutes a violation of the security and confidentiality policy.
  2. Media Storage/Retention: INSPECT will store and secure all diskettes, CDs and other forms of media received by reporting pharmacies for a period of no longer than two calendar years. After two years, the media will be destroyed by a third-party vendor.