HARMONY OUTPATIENT CENTER
PATIENT RECORDS MANAGEMENT SYSTEM
POLICY AND PROCEDURE
It is the policy of Harmony Outpatient Center to secure patient records from unauthorized access and to maintain records in accordance with 42 code of Federal Regulations, Part 2 and section 397.501(7), F.S.
The agency maintains record management procedures regarding content, organization, and use of the clinical records. The record management system shall ensure that all paper records are signed in ink by hand and the electronic medical records are signed using a signature pad or a staff identifier code in lieu of a signature.
The paper charts are to be legible and amendments or marked-through changes initialed and dated by the individual making such changes. Changes in the electronic record are to be made by the addition of an addendum note, addressing the needed change and justification for the alteration.
Documentation contained in the either the paper or electronic patient records are not to be deleted for any reason.
The agency has an Information and Technology Plan to address the agency’s IT and EMR compliance issues.
1. Each patient will have an individual electronic medical record containing all items in accordance with 65D-30, F.A.C.
2. Documentation pertaining to patients is to be entered into the file on the same day of occurrence. If a clinical service is performed by staff other than a Qualified Professional, the agency’s Qualified Professional must co-sign within the time frame stipulated in applicable regulations.
3. Executive Director or designee is responsible to ensure comprehensive contents of patient record and that all required activities are completed within the mandated time frames.
4. Routine review of patient records must be incorporated in the agency’s Continuous Quality Improvement activities.
5. The agency’s hardware and software are maintained in accordance with the Information and Technology Plan which is inclusive of the following:
Disaster recovery preparedness
Programmatic Performance Improvement Activities
Business Performance Improvement Activities
Use of Clinical Records:
1. The agency has job descriptions indicating the need for access to the agency’s medical records;
2. If deemed necessary, the Human Resource Dept. is responsible to send an authorization to the EMR Specialist to establish a log-in and temporary password for the employee;
3. All designated employees are trained on the EMR on the date of hire;
4. All designated staff are trained on the 42 code of Federal Regulations, Part 2 federal confidentiality guidelines and HIPPA Guidelines;
5. Staff are to only access the electronic medical record on agency property, in their assigned office; On-site access is prohibited;
All information is to be released in accordance with applicable codes and regulations with proper releases.
HARMONY OUTPATIENT CENTER
CONFIDENTIALITY POLICY AND PROCEDURE
Harmony Outpatient will comply with Title 42, Code of Federal Regulations, Part 2, titled “Confidentiality of Alcohol and Drug Abuse Patient Records” and with Chapter 397.419(7), paragraphs 397.6751(2)(a)(c), Florida Statues and Section 397.752, Florida Statutes, regarding confidential patient information.
Federal laws and regulations do not protect any information about suspected child abuse or neglect from being reported under state law to the appropriate state or local authorities.
Harmony Outpatient will not acknowledge the presence of a patient or release any information pertaining to the patient’s care without a completed signed release of confidentiality.
1. Harmony Outpatient may not acknowledge the presence or affiliation of a person in the program/residence unless the patient consents to the acknowledgement or affiliation in writing; staff is directed to release information by a legal court order; disclosure is made to medical personnel in a medical emergency or to qualified personnel for research, audit, or program evaluation.
2. Violation of the Federal law and regulations by a program/staff is a crime. Suspected violations may be reported to appropriate authorities in accordance with Federal regulations.
3. Federal law and regulations do not protect any information about a crime committed by a patient either at the program/residence or against any person who works for the agency or about any threat to commit such a crime.
4. Staff, upon initial hire, will be orientated to the Harmony Outpatient policy to comply with Title 42, Code of Federal Regulations, Part 2. Documentation indicating acknowledgement of the Confidentiality policy and protocols is to be included in the individual’s personnel file.
5. Federal laws and regulations do not protect any information about suspected child abuse from being reported under state law to the appropriate state or local authorities.
6. Patients, upon initial admission to the program, will be made aware of the Harmony Outpatient policies and protocols pertaining to the compliance with Title 42, Code of Federal Regulations, Part 2. Documentation indicating acknowledgement of the Confidentiality policy and protocols is to be included in the individual’s clinical file.
All persons employed Harmony Outpatient are required by Federal Law to protect the confidentiality of patients. Intentional or involuntary violation of a patient’s confidentiality may result in punitive action including fine or imprisonment. All employees are required to attend the annual Health Insurance Portability and Accountability Act (“HIPAA”) in-service training.
There are three main issues involving patient confidentiality: (1) maintaining the confidential nature of any patient-related items, (2) safeguarding all of a patient’s paperwork from the sight of third parties and (3) taking care to ensure all conversations regarding patients are done in a manner that other employees, patients and third parties are not within hearing distance.
1. Patient-Related Items:
All employees are reminded that any information with respect to our patient’s records is to be kept strictly confidential. It is imperative that employees take care not to discuss patients outside of the office or in common areas. Cases are not to be discussed with friends, family members, and/or business acquaintances.
2. Patient Medical Information:
All employees are charged with the responsibility of making sure that all patient paperwork is kept away from the view of others. Each document concerning a patient should be kept in a locked, secured area. No copying or distribution of any patient-related document should occur unless authorized by the patient. Management and staff are charged with ensuring that HIPAA and other privacy laws are complied with before any medical documents are reproduced or distributed.
3. Patient Conversations:
All conversations regarding any patient, including assessments, diagnoses, test results, treatment, etc., are to be held in a private location outside the hearing distance of third parties.
Employee confidentiality obligation extends beyond termination of employment Employees cannot discuss any patient information or Harmony Outpatient Center business including, but not limited to personal information, business negotiations, financial information or other business matters, with anyone unless previously approved by management.
Any questions involving confidential patient or business-related information by someone outside the agency be referred to the CRRA.
Personal information regarding any employee-related information shall be kept confidential and shall not be discussed with other employees or third parties. An employee’s breach of any confidentiality policy is grounds for disciplinary action, up to and including dismissal.
This Notice describes how medical information about you may be used and disclosed and how you can get access to this information. Please review it carefully:
Harmony Outpatient Center (referred to as “Harmony”) uses confidential personal health information about patients, referred to below as protected health information (“PHI”). Harmony protects the privacy of this information, and it is also protected from disclosure by state and federal law. In certain specific circumstances, pursuant to this Notice of Privacy Practices (“Notice”), patient authorization or applicable laws and regulations, PHI can be used by Harmony or disclosed to other parties. Below are categories describing these uses and disclosures, along with some examples to help you better understand each category.
Uses and Disclosures for Treatment, Payment and Health Care Operations.
Harmony Outpatient Center may use or disclose your PHI for the purposes of treatment, payment and health care operations, described in more detail below, without obtaining written authorization from you
For Treatment. Harmony may use and disclose PHI in the course of providing, coordinating, or managing your medical treatment, including the disclosure of PHI for treatment activities of another health care provider. Information obtained by Harmony will be used to furnish health care services, items and supplies to you. We will document in your record information related to the items dispensed to you and services provided to you.
For Payment. Harmony may use and disclose PHI in order to bill and collect payment for the health care services provided to you. For example, Harmony may contact your insurer or to determine whether it will pay for your health care or to determine the amount of your co-payment. We will bill your health plan for health care items and services supplied to you, and we may bill you as well. The information on the bill may include information that identifies you, as well as items and services you are receiving.
For Health Care Operations. Harmony may use and disclose PHI as part of its operations, including for quality assessment and improvement, such as evaluating the treatment and services you receive and the performance of our staff in caring for you, provider training, compliance and risk management activities, planning and development, and management and administration. Harmony may disclose PHI to attorneys, consultants, accountants, and others to help make sure Harmony is complying with all applicable laws, and to help Harmony continue to provide health care to its patients at a high level of quality.
Other Uses and Disclosures for Which Authorization is Not Required.
In addition to using or disclosing PHI for treatment, payment and health care operations, Harmony may use and disclose PHI without your written authorization under the following circumstances:
As Required by Law and Law Enforcement. Harmony may use or disclose PHI when required to do so by applicable law. Harmony also may disclose PHI when ordered to do so in a judicial or administrative proceeding, to identify or locate a suspect, fugitive, material witness, or missing person, when dealing with gunshot and other wounds, about criminal conduct, to report a crime, the location of the crime or victims, or the identity, description, or location of a person who committed a crime, or for other law enforcement purposes.
For Public Health Activities and Public Health Risks. Harmony may disclose PHI to government officials in charge of collecting information about births and deaths, preventing and controlling disease, reports of child abuse or neglect and of other victims of abuse, neglect, or domestic violence, reactions to medications or product defects or problems, or to notify a person who may have been exposed to a communicable disease or may be at risk of contracting or spreading a disease or condition.
For Health Oversight Activities. Harmony may disclose PHI to the government for oversight activities authorized by law, such as audits, investigations, inspections, licensure or disciplinary actions, and other proceedings, actions or activities necessary for monitoring the health care system, government programs, and compliance with civil rights laws.
Coroners, Medical Examiners, and Funeral Directors. Harmony may disclose PHI to coroners, medical examiners, and funeral directors for the purpose of identifying a decedent, determining a cause of death, or otherwise as necessary to enable these parties to carry out their duties consistent with applicable law.
Organ, Eye, and Tissue Donation. Harmony may release PHI to organ procurement organizations to facilitate organ, eye, and tissue donation and transplantation.
Research. Under certain circumstances, Harmony may use and disclose PHI for medical research purposes.
To Avoid a Serious Threat to Health or Safety. Harmony may use and disclose PHI, to law enforcement personnel or other appropriate persons, to prevent or lessen a serious threat to the health or safety of a person or the public.
Specialized Government Functions. Harmony may use and disclose PHI of military personnel and veterans under certain circumstances. Harmony may also disclose PHI to authorized federal officials for intelligence, counterintelligence, and other national security activities, and for the provision of protective services to the President or other authorized persons or foreign heads of state or to conduct special investigations.
Workers’ Compensation. Harmony may disclose PHI to comply with workers’ compensation or other similar laws. These programs provide benefits for work-related injuries or illnesses.
Prescription Refill/Appointment Reminders; Health-related Benefits and Services; Marketing. Harmony may use and disclose your PHI to contact you and remind you of a prescription refill, or to inform you of treatment alternatives or other health-related benefits and services that may be of interest to you, such as disease management programs. Harmony may use and disclose your PHI to encourage you to purchase or use a product or service through a face-to-face communication or by giving you a promotional gift of nominal value.
Disclosures to You or for HIPAA Compliance Investigations. Harmony may disclose your PHI to you or to your personal representative and is required to do so in certain circumstances described below in connection with your rights of access to your PHI and to an accounting of certain disclosures of your PHI. Harmony must disclose your PHI to the Secretary of the United States Department of Health and Human Services (the “Secretary”) when requested by the Secretary in order to investigate Harmony’s compliance with privacy regulations issued under the federal Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).
Uses and Disclosures to Which You Have an Opportunity to Object.
You will have the opportunity to object to these categories of uses and disclosures of PHI that Harmony may make:
Disclosures to Individuals Involved in Your Health Care or Payment for Your Health Care. Unless you object, Harmony may disclose your PHI to a family member, other relative, friend, or other person you identify as involved in your health care or payment for your health care. Harmony may also notify those people about your location or condition.
Other Uses and Disclosures of PHI for Which Authorization is Required.
Most uses and disclosures of psychotherapy notes, uses and disclosures of PHI for marketing purposes, and disclosures that constitute a sale of PHI require authorization. Other types of uses and disclosures of your PHI not described above will be made only with your written authorization, which with some limitations you have the right to revoke in writing.
Uses and Disclosures Subject to State and Other Laws.
In addition to the federal privacy regulations that require this notice (called the “HIPAA” regulations), there are state and other federal health information privacy laws. These laws on occasion may require your specific written permission prior to disclosures of certain particularly sensitive information (such as mental health, drug/alcohol abuse, or HIV/AIDS information) in circumstances that the HIPAA regulations would permit disclosure without your permission. Harmony is required to comply not only with the HIPAA regulations but also with any other applicable laws that impose stricter nondisclosure requirements. For example, Florida laws provide enhanced protections for the use and disclosure of mental health records and HIV test results. Moreover, Florida law requires Harmony to comply with federal laws governing the confidentiality of patient records regarding alcohol and drug abuse.
Harmony is required by law to maintain the privacy of your PHI, to provide individuals with notice of its legal duties and privacy practices with respect to PHI, to abide by the terms described in this Notice and to notify affected individuals following a breach of unsecured PHI. Harmony reserves the right to change the terms of this Notice and of its privacy policies, and to make the new terms applicable to all the PHI it maintains. Before Harmony makes an important change to its privacy policies, it will promptly revise this Notice and post a new Notice on our Web site.
You have the following rights regarding your PHI:
You may request that Harmony restrict the use and disclosure of your PHI. Except as noted below, Harmony is not required to agree to any restrictions you request, but if Harmony does so it will be bound by the agreed restriction except in emergency situations. Harmony is required to agree to a requested restriction for disclosures to a health plan for payment or health care operations purposes relating solely to an item or service that you have paid for out-of-pocket in full.
You have the right to request that communications of PHI to you from Harmony be made by means or at locations. For instance, you might request that communications be made at your work address, or by e-mail rather than regular mail. Your requests must be made in writing and sent to firstname.lastname@example.org. Harmony will accommodate your reasonable requests without requiring you to provide a reason for your request.
Generally, you have the right to inspect and copy your PHI that Harmony maintains, if you make your request in writing. Within thirty (30) days of receiving your request (unless extended by an additional thirty (30) days), Harmony will inform you of the extent to which your request has or has not been granted. In some cases, Harmony may provide you a summary of the PHI you request if you agree in advance to such a summary and any associated fees. If you request copies of your PHI or agree to a summary of your PHI, Harmony may impose a reasonable fee to cover copying, postage, and related costs. If Harmony denies access to your PHI, it will explain the basis for denial and your opportunity to have your request and the denial reviewed by a licensed health care professional (who was not involved in the initial denial decision) designated as a reviewing official. If Harmony does not maintain the PHI you request, if it knows where that PHI is located it will tell you how to redirect your request.
If you believe that your PHI maintained by Harmony contains an error or needs to be updated, you have the right to request that Harmony correct or supplement your PHI. Your request must be made in writing, and it must explain why you are requesting an amendment to your PHI. Within sixty (60) days of receiving your request (unless extended by an additional thirty (30) days), Harmony will inform you of the extent to which your request has or has not been granted. Harmony generally can deny your request if your request relates to PHI: (i) not created by Harmony; (ii) that is not part of the records Harmony maintains; (iii) that is not subject to being inspected by you; or (iv) that is accurate and complete. If your request is denied, Harmony will provide you a written denial that explains the reason for the denial and your rights to: (i) file a statement disagreeing with the denial; (ii) if you do not file a statement of disagreement, submit a request that any future disclosures of the relevant PHI be made with a copy of your request and Harmony’s denial attached; and (iii) complain about the denial. You generally have the right to request and receive a list of the disclosures of your PHI Harmony has made at any time during the six (6) years prior to the date of your request. The list will not include disclosures for which you have provided a written authorization, and does not include certain uses and disclosures to which this Notice already applies, such as those: (i) for treatment, payment, and health care operations; (ii) made to you; (iii) for Harmony’s patient directory or to persons involved in your health care; (iv) for national security or intelligence purposes; or (v) to correctional institutions or law enforcement officials. You should submit any such request, and within sixty (60) days of receiving your request (unless extended by an additional thirty (30) days), Harmony will respond to your request. You have the right to receive a paper copy of this notice upon request, even if you have agreed to receive this notice electronically.
You may complain to Harmony if you believe your privacy rights with respect to your PHI have been violated by contacting Harmony Outpatient Center and submitting a written complaint. Harmony will in no manner penalize you or retaliate against you for filing a complaint regarding Harmony’s privacy practices. You also have the right to file a complaint with the Secretary of the Department of Health and Human Services.
Harmony Outpatient Center may use paid actors using real testimonials if a client does not want to appear on film, all trademarks are property of their respective owners.
What information is collected by Harmony Outpatient Center and how it is used?
We collect information from those who fill out our contact forms, submit an information request, join a discussion list, subscribe to a newsletter or contact us for support. Some forms may require that you provide your name, email address, phone number, or other details to better assist with any questions you may have.
What measures are in place to protect customer information?
Our form submission process is encrypted using the SSL (Secure Socket Layer) protocol. Your personal information is contained behind secured networks only accessible to a limited number of individuals who have special access and are required to keep that information confidential.
We use “cookies” to help create a more effective and convenient site experience. We use these cookies to determine site activity. We also use this data to better understand your preference based on your navigation of the site. Harmonyoutpatient.com does not store any sensitive information in the cookie.
How do you opt-out of subscriptions and receiving emails?
If, at any time, do not wish to continue receiving emails, calls, and/or newsletters from Harmony Outpatient Center, you may contact us directly via telephone to request to be removed from our system or you may select to “unsubscribe” directly on our site.
This site may contain links to other sites; Harmonyoutpatient.com is not responsible for privacy practices or the content of such websites.