Deidentified Negative Screening Test Result Reporting Guidance

Reporting Process 

Deidentified negative screening results must be submitted at least annually* to the Washington State Department of Health Office of Infectious Disease. Please use the Deidentified Negative Flat File (DNFF) Template Form (XLSX): Updated November 2023 using one of the following mechanisms:
  1. Submit results via your organization’s secure email.
  2. Submit results via Managed File Transfer (MFT). If you do not have an established MFT account with the Office of Infectious Disease, please request one by emailing OID Notifiable Conditions.

*Results must be submitted in a single report no less than once per year, but may be submitted more frequently as a single report or as individual screening results. 

Requirement Overview 

Effective January 1, 2023, WAC 246-101-201, lists the agents (conditions) that are notifiable by a laboratory director. Included in the list are chlamydia trachomatis, hepatitis C virus, human immunodeficiency virus (HIV), Neisseria gonorrhoeae (gonorrhea), and treponema pallidum (syphilis). 

In the context of this section of rule, “deidentified negative screening result” means an initial test result that indicates the absence of disease and that has personally identifiable information removed from it in alignment with the Health Insurance Portability and Accountability Act (HIPAA).  

A deidentified negative screening result does not include a negative test result associated with a previous positive test result, such as a negative nucleic acid or viral load test that is performed after a positive antibody or antigen test.  

WAC 246-101-201 also states deidentified negative screening tests must be submitted at least annually for these agents.  

“At least annually" means deidentified negative screening results must be submitted in a single report no less than once per year, but may be submitted more frequently as a single report or as individual screening results. 

Frequently Asked Questions

Which conditions are impacted?

Report deidentified negative screening results for the following conditions:

  • Chlamydia trachomatis
  • Hepatitis C virus
  • Human immunodeficiency virus (HIV)
  • Neisseria gonorrhoeae (gonorrhea)
  • Treponema pallidum (syphilis)
What is a deidentified negative screening result?

“Deidentified negative screening result” means an initial test result that indicates the absence of disease and that has personally identifiable information (PII) removed from it using the Health Insurance Portability and Accountability Act (HIPAA) of 1996 Safe Harbor Method defined in 45 C.F.R. 164.514. Deidentification is the removal of specific information about a patient that can be used alone or in combination with other information to identify that patient.

What are some examples of a negative screening result?

An initial test result indicating absence of disease performed as a screening test, not a follow-up to a positive test to screen for a condition, such as the following:

  • Rapid Screening Tests (RSTs) for HIV, Hepatitis C, or syphilis
  • HIV antibody and/or antigen detection tests, such as HIV 1/2 Ab and HIV 1/2 Ag/Ab Combo tests
  • Hepatitis C Antibody Detection tests
  • Serological screening tests for syphilis antibodies (treponemal or non-treponemal)
  • Screening tests for chlamydia and gonorrhea

NOTE: A person may screen multiple times for a particular condition over time. All negative screening results from this individual would be reportable.

What is not included in deidentified negative reporting requirements?
  • Confirmatory tests done as a follow-up to a positive test do not fall under the deidentified negative reporting requirement; these are reportable under routine reporting requirements.
  • HIV and hepatitis viral detection and nucleic acid tests (both positive and non-positive) do not fall under the deidentified negative screening result submission requirement; these are reportable under routine reporting requirements. See WAC 246-101.
What is the Safe Harbor Method?

The Safe Harbor Method is a HIPAA-approved method for sharing deidentified protected health information (PHI). Under the HIPAA Privacy Rule deidentification standards, this method involves the removal of 18 specified identifiers of PHI from data, to ensure that the data cannot be traced back to one person and that patient privacy is maintained. See Methods for De-identification of PHI | HHS.gov.

What data should be included?

The following non-identifiable information is requested for deidentified reporting:

 

  • Name of the facility/site submitting the results
  • Patient/Client's age (reported as categorical "90+ years" if over 89 years of age, or "<1" if under 1 year of age)
  • Zip code (first 3 digits ONLY) associated with Patient/Client's physical address
  • Patient/Client's sex, as required in WAC 246-101-011(5)
  • Patient/Client's race, as required in WAC 246-101-011(5)
  • Patient/Client's ethnicity, as required in WAC 246-101-011(4)
  • Patient/Client's preferred language, as required in WAC 246-101-011(6)
  • Name, address, and phone number of facility where Patient/Client received care
  • Requesting health care provider's name, address, and phone number
  • Name and CLIA number of submitting laboratory
  • Specimen type
  • Specimen collection date (year only)
  • Date laboratory received specimen (year only)
  • Date results reported (year only)
  • Test method used (equivalent to test performed)
  • Test result
  • Quantitative result (if applicable), including units and reference range

Refer to the DNFF Template Form (XLSX): Updated November 2023 for additional details including column header names, column header order, and the template for submission.

What data should be excluded?

ALL PATIENT IDENTIFIERS should be excluded, including the following patient/client information (see Safe Harbor Method for further details):

  • First and last name
  • Physical address (except first three digits of zip code)
  • Date of birth
  • Telephone number
  • Medical record number, Accession number, Social Security number
  • Any dates (except year) directly related to an individual patient, including date of specimen collection
In what format should data be submitted?

The Deidentified Negative Flat File (DNFF) Template Form (XLSX): Updated November 2023 is the preferred electronic reporting method for entities to submit deidentified negative screening results to the Washington State Department of Health (DOH). The DNFF meets requirements for laboratory reporting as defined under WAC 246-101 and should only be used for reporting of deidentified negative screening results, as outlined above. We created the DNFF as a more standardized approach for capturing the data, allowing for clear definition of allowable and required fields as well as more efficient maintenance and analysis of the resulting dataset. We are continuing to improve the DNFF based on user feedback. 

What is the difference between the Electronic Laboratory Flat File (ELFF) and the Deidentified Negative Flat File (DNFF)?

The Electronic Laboratory Reporting (ELR) team utilizes the Electronic Laboratory Flat File (ELFF) for reporting COVID-19 data. The Deidentified Negative Flat File (DNFF) is only to be used for deidentified negative data reporting for conditions that fall under WAC 246-101-201.

How should data be submitted?

At present, we are providing two acceptable means of submission, based on preference:

  1. Submit via your organizations secure encrypted email to oid.notifiableconditions@doh.wa.gov
  2. Managed File Transfer (MFT; web portal for secure data upload) – request account through Courtney.Thompson@doh.wa.gov                       

Who is responsible for reporting deidentified negative results?

The organization/facility/laboratory that conducts the test is responsible for reporting the results to the Washington State Department of Health. For example, if a community testing site draws blood for a Sexually Transmitted Infection (STI) test and sends the specimen to a laboratory, the laboratory is responsible for reporting the result. If the community testing site performs the test and receives the results on site, the community testing site is responsible for reporting the results.

Are out-of-state laboratories required to report negative results of deidentified screening tests?

Yes, provided that the out-of-state laboratory has agreed to the reporting requirements of Washington State. Results must be reported by the laboratory that performs the test, but an in-state laboratory that sends specimens to an out-of-state laboratory and receives a report of such findings is also responsible for reporting results in the same way, as if the finding has been made by the referring in-state laboratory, if the results would not be reported otherwise (See WAC 246-101-205).

Are facilities that dispense take-home/at home test kits to clients/patients responsible for reporting those results to public health?

No, home test kits do not fall under the reporting requirement if the test is performed by the patient without direct supervision. You would, however, be required to report the results of take-home collection kits if the test is performed or directly overseen by your facility.

What about testing partners already reporting negative screening test results in EvaluationWeb? (EvalWeb)? Is any further action required to fulfill this new reporting requirement?

Testing partners who are already reporting negative screening test results in EvaluationWeb (EvalWeb) for the indicated conditions are not required to report these results via other mechanisms, including the DNFF form. Submission of results via EvalWeb will be considered sufficient to fulfill the deidentified negative screening result reporting requirement.

Contact 

As we continue to flesh out our guidance and supporting resources around the deidentified negative result reporting requirement, please continue to submit questions/feedback to oid.notifiableconditions@doh.wa.gov. Thank you very much for your ongoing partnership.