| | - The complainant, with or without the assistance of a Patients' Rights Office (PRO), completes and submits the Beneficiary/Clients Grievance or Appeal and Authorization Form.
- Upon receipt of a completed Beneficiary/Clients or Appeal and Authorization Form, the PRO staff shall log the information.
- If the compliant includes a privacy related matter, PRO staff shall give a copy of the grievance to the DMH Privacy Officer for review and processing.
-
In accord with DMH Policy 200.04 Beneficiary Problem Resolution, PRO shall: - Provide to the complainant receipt of the complaint
- The acknowledgment shall:
- Include the date of receipt
- Provide the name, telephone number and address of the PRO advocate, PRO supervisor and Privacy Officer, if applicable.
- Inform the complainant within five (5) business days that their complaint has been received, by letter or phone call.
- The DMH Privacy Officer shall contact entities required in the HIPAA privacy investigative process.
- The Privacy Officer investigates all privacy complaints.
- The Privacy Officer shall follow all applicable steps in accordance with Policy 506.03, Responding to a Breach of Protected Health Information.
- Upon discovery PHI has been compromised, the DMH Privacy Officer shall provide written notification of the breach to the client within sixty (60) business days.
- The Patients’ Rights Office shall consult with the DMH Privacy Officer, as needed.
- The DMH Privacy Officer shall conduct any additional investigation deemed necessary or appropriate, at their discretion.
- The DMH Privacy Officer shall consult with County Counsel as needed.
- The client privacy complaints will be tracked by the Privacy Office.
- All documents required to be created or completed under this policy and procedure shall be retained for a period of at least 10 years from the date of creation.
| | |
