Nonliability for disclosing or using information
- • confidentiality of information
- • removal of information
(1) An authorized user and the employees or agents of an authorized user are not liable for sharing or using information from the immunization registry regarding a client’s immunization record or tracking and recall record as provided in ORS 433.094 (Development of immunization registry and tracking and recall system).
(2) Information in an immunization registry regarding a client’s immunization record or tracking and recall record, or derived from the registry or record, is confidential and may not be disclosed to any person who is not specifically authorized to receive information under ORS 433.090 (Definitions for ORS 433.090 to 433.102) to 433.102 (Parental responsibility for immunization).
(3) When a client who is 18 years of age or older requests in writing that the client’s immunization record be removed from an immunization registry, the agency that maintains the registry shall purge the client’s immunization record from the registry as soon as is reasonably possible.
(4) Before sharing data with any immunization registry, an immunization registry maintained in Oregon shall ensure that the immunization registry receiving the data has confidentiality and security policies at least as stringent as the policies of the registry sharing the data. [1993 c.297 §8; 2003 c.573 §3; 2007 c.196 §5; 2011 c.71 §3]
3 OregonLaws.org assembles these lists by analyzing references between Sections. Each listed item refers back to the current Section in its own text. The result reveals relationships in the code that may not have otherwise been apparent.