–
• This policy is developed in accordance with the Privacy Standards for Individually Identifiable Health Information in federal regulations promulgated pursuant to a HIPAA requirement to maintain the process, in writing, that designates to whom, how, and when the Notice of Privacy Policy and Management and Protection of Personal Health Information Policy will be distributed.
• HIPAA requires CCA to assure the privacy and confidentiality of protected personal health information of clients and patients. CCA employees and volunteers shall not permit the unauthorized disclosure of protected health information except as permitted or required by law. Each CCA Staff and Other contracted service providers and volunteers shall be furnished a paper or electronic copy of this policy and is expected to read and comply with CCA policy.
• CCA is required to designate a HIPAA Privacy Officer. The Executive Director of CCA will serve as the HIPAA Privacy Officer and will be the single point of contact for the agency. Any and all potential breaches in PHI shall be reported immediately.
• CCA is responsible for ensuring that employees are provided a Notice of Privacy Policy and that all clients, and parents and guardians of clients, with the exception of forensic clients, are provided a Management and Protection Health Information Policy Practice Statement.
1. The Notice of Privacy Policy shall be maintained and visible at all times in an area or areas that result in the Notice being accessible to all employees.
2. The Management and Protection of Personal Health Information Policy Statement (Attachment 2) shall be visibly posted at any service location serving clients.
3. All patients/clients/parents or guardians of the client/patient, caregivers, foster and adoptive parents, with the exception of forensic clients, will receive the Management and Protection of Personal Health Information Policy at the time of initial face-to-face contact.
4. If a reason exists as to why the Management and Protection of Personal Health Information Policy is not provided to the client, parent, or guardian at the first face-to-face contact, (i.e. incompetent, child in facility and parent/guardian not available, etc.) the record shall be documented accordingly and the policy shall be provided to the guardian, parent, etc. at the first opportunity.
5. The requirement to ensure that each client/patient/parent or guardian of the client/patient, caregiver, foster and adoptive parent will receive a copy of the Management and Protection of Health Information Policy shall be included in each provider’s contract as a compliance requirement.
NOTICES AND DISCLAIMERS
This website was created to comply with the provisions of the Americans with Disabilities Act (ADA) to ensure accessibility for the community we serve.
If you require assistance or accommodations to have the material on this site read or otherwise provided to you, please contact us at 904-204-4211.