CO APCD Oversight and Governance
As outlined below, oversight for the CO APCD comes from many different areas. Click here to see how all of the parts work together.
- Per the original statute, HB 10-1330:
- The CO Department of Health Care Policy and Financing (HCPF) promulgates all rules associated with the CO APCD including how data is protected and released.
- A statewide, multi-stakeholder CO APCD Advisory Committee, reauthorized in 2013 through SB 13-149, makes recommendations to CIVHC for administration of the database.
- A separate Data Release Review Committee (DRRC), established by HCPF rules, develops protocols for data release, reviews requests for CO APCD reports and advises CIVHC on the appropriateness of those requests.
- As the appointed Administrator of the CO APCD (by HCPF), CIVHC is required by law and contract to:
- Strictly adhere to HIPAA, HITECH and related state and federal laws.
- Annually report data requests and uses, and immediately report any breaches of data to HCPF.
- Submit annual reports to HCPF and the Colorado General Assembly.
- As a non-profit organization, CIVHC is governed by a Board of Directors with a fiduciary duty and financial liability related to the organization’s operation of the CO APCD.
On an annual basis, CIVHC is required to submit an Annual Report on the improvements, uses and sustainability of the CO APCD. Visit our Annual Reports page for more information.