If the Hill cipher matrix (I assume you are using a 2x2 matrix?) is called $H$, then we know that $H \cdot \begin{pmatrix} 6 \\ 8 \end{pmatrix} =\begin{pmatrix} 22 \\ 10 \end{pmatrix}$ and $H \cdot \begin{pmatrix} 21 \\ 4 \end{pmatrix} =\begin{pmatrix} 13 \\ 2 \end{pmatrix}$. You could try to solve for $H$ by Gaussian elimination e.g.
In this case we get the following equations in the first row of the encryption matrix, say $[x \,\, y]$:
$$6x + 8y = 22 \\
21x+4y = 13$$
And multiplying the second equation by $30$ (or $4$, but the inverse of $21$ is $5$ hence the $30 = 5 \times 6$) we get:
$$6x+ 16y = 0$$ (reducing modulo $26$ of course).
substracting the other equation, we get $$8b = 13$$ which has no solution as $8b$ is always even and $13$ is odd. So it seems we cannot have GIVE as the start of the plain text.
If you know some basic group/ring theory (or maybe just quadratic residues) this is all easily explainable. Recall that once $E$ is selected, $D$ is dictated as $E^{-1} \bmod \varphi(n)$. In other words, $E$ is selected from the group of units $\mathbb{Z}_{\varphi(n)}^*$ and $D$ is then its inverse in this group. (As pointed out, your edit with $E=D=19$ is wrong regarding $x \mapsto x^E$ being the identity map.)
Now, how large is the group of units $\mathbb{Z}_{\varphi(n)}^*$? By some basic ring theory, this group has size $\varphi(\varphi(n))$. [In general, the ring $\mathbb{Z}_k$ has $\varphi(k)$ units.] For example, with $n=91$, $\varphi(n) = 72$ and sure enough, working mod $72$ there are $\varphi(\varphi(91)) = \varphi(72)=24$ units. In short, you only have $24$ valid choices for $E$ when you work RSA mod $91$.
Your (original) first question was, paraphrased: is $D=E$ always a possibility? And why does this happen? Here is the relevant fact for your question on why $D=E$ is possible. (In fact, it is inescapable: no RSA moduli avoid this phenomenon completely.)
Theorem: When $m \geq 3$, the value of $\varphi(m)$ is even.
The only RSA modulus for which this is false is $n=6$, which gives $\varphi(\varphi(6))=1$, odd. For all other RSA moduli $n$, we have that $\varphi(\varphi(n))$ must always be even.
Hence the group of units $\mathbb{Z}_{\varphi(n)}^*$, from which you selected $E$, has even order. Now any group of even order has at least one (probably more) element of order $2$ (meaning $x^2=1$), and such elements are there own inverses (meaning $x=x^{-1}$). This is what happened in your example. If you get out your modular calculator, set the modulus to $72$ and ask for the multiplicative inverse of $19$, you will see that the answer is itself. This must always happen for at least one key-choice of $E$ because this group has even order.
If this bothers you, then don't use it. Check that $D$ is not $E$, and if it was, then choose again. By probability, it won't happen again.
In your second example, you chose $E=11$ and $D=E^{-1} \bmod 72$ is in fact $D=59$. Nice observation that exponentiation by each results in the same function; this is insightful on your part. I'm not sure of a completely general set of conditions that explain or predict this based on $n$, $p$, $q$, etc. I will point out that, in your example, $n=91=7 \cdot 13$, and $p-1=6$ divides $q-1=12$.
Proposition: Suppose we have an RSA setup $n=pq$ with $E$ and $D$ correctly chosen. Then the encryption function $f: x \mapsto x^E \bmod n$ is the same as the decryption function $g: x \mapsto x^D \bmod n$ if $D$ is simultaneously congruent to $E$ modulo $p-1$ and $q-1$.
The proof of this is basically the same as the proof that RSA works. You can write $D=E + k(p-1)$ for some $k$, and $D = E + j(q-1)$ for some $j$. Show that $x^D \equiv x^E \bmod n$ by arguing mod $p$ and mod $q$ in cases. You'll need to consider when $x$ is divisible by $p$ and not $q$, the vice versa, then neither. It will all work because of Euler's theorem.
It gets worse in some cases. If we additionally knew that $p-1$ divides $q-1$, then we don't have to check both congruences above. This is your "problem," since $91 = 7 \cdot 13$ and $7-1$ divides $13-1$.
Corollary: Suppose we have an RSA setup $n=pq$ where $p < q$ and with $E$ and $D$ correctly chosen. Suppose also that $p-1$ divides $q-1$. Then the encryption function $f: x \mapsto x^E \bmod n$ is the same as the decryption function $g: x \mapsto x^D \bmod n$ if $D$ is congruent to $E$ modulo $q-1$.
Proof. If $q-1$ divides $D-E$ then $p-1$ also divides $D-E$, so the previous result applies. $\Box$
Note: This is exactly your situation. You have $E=11$ and $D=59$, and $D-E=48$ is divisible by $q-1=12$.
Finally, this business of $p-1$ dividing $q-1$ is not sufficient to create this behavior. So, whatever is going on with $n=91$, this isn't the whole explanation.
Example: With $p=11$ and $q=71$ we have $n=781$, $\varphi(n)=700$, and $p-1$ dividing $q-1$. However, plenty of key choices do NOT result in $x \mapsto x^E$ agreeing with $x \mapsto x^D \bmod n$. One example is $(E,D) = (3, 467)$.
There is one general thing you can say about the encryption function agreeing with the decryption function. Let $f : x \mapsto x^E$ be the encryption, and $g: x \mapsto x^D$ be the decryption, all mod $n$. We have $f \circ g =1=g \circ f$ by design. Certainly if $D=E$ then we'll have $f=g$, but as you've pointed out this need not be necessary. If $f=g$ this will say $f \circ f=1$. The converse is also true by uniqueness of inverses for bijective functions: $f \circ f =1$ implies that encryption is decryption. However, $f \circ f =1$ means that $f(f(x))=(x^E)^E = x^{E^2} \equiv x \bmod n$. However, we are now multiplying up in the exponent, so we should work mod $\varphi(\varphi(n))$, not just $\varphi(n)$. Hence we would have $f=g$ if $E^2 \equiv 1 \bmod \varphi(\varphi(n))$.
Sure enough, this is your example! With $n=91$, $\varphi(\varphi(n))=24$, and with $E=11$ we get $E^2 = 121 \equiv 1 \bmod 24$.
Best Answer
Suppose your plaintext is 16 long: $p_1,p_2,\ldots,p_{16}$. Then the ciphertext, when we apply your key $(5,12,3,7,9,6,4,14,1,13,10,8,15,2,11,16)$ as a columnar transposition, equals $c_1 = p_9, c_2 = p_{14}, c_3 = p_3, c_4 = p_7, c_5 = p_1, c_6 = p_6, c_7 = p_4, c_8 = p_{12}, c_9 = p_{5}, c_{10} = p_{11}, c_{11} = p_{15}, c_{12} = p_2, c_{13} = p_{10}, c_{14} = p_8, c_{15} = p_{13}, c_{16} = p_{16}$.
So the key to go back from ciphertext to plaintext equals $(9,14,3,7,1,6,4,12,5,11,15,2,10,8,13,16)$