Section 5.03 - Requests from Government Agencies(1) All Government Agency requests for Data shall be made in writing as set forth in an agreement between the parties or as provided on CHIA's Website.(2) When requesting Protected Health Information, Government Agencies shall identify the public purposes for which the Data is sought and the security measures designed to protect the Data from inadvertent and/or unauthorized disclosure.(3) CHIA shall fulfill Government Agency requests for Protected Health Information to the extent permissible under state and federal laws protecting patient privacy and data security. To the extent required by such laws, Government Agencies may be required to establish to CHIA's satisfaction that they are seeking the minimum amount of Protected Health Information necessary to accomplish the public purpose for which access to such data is given and that appropriate data security measures are in place.(4) Government Agencies requesting Protected Health Information of Medicaid recipients will be required to demonstrate compliance with 42 U.S.C. § 1396a(a)(7) to the satisfaction of both CHIA and the Executive Office of Health and Human Services.(5) Government Agencies requesting Medicare Data will be required to demonstrate compliance with CMS requirements regarding access and use of such Data.(6) Prior to the receipt of any Data, Government Agencies shall enter into a written agreement with CHIA governing its use and disclosure.Amended by Mass Register Issue 1355, eff. 12/29/2017.