| To establish Los Angeles County Department of Mental Health (DMH) responsibilities for the implementation of enhanced protection of medical records also known as protected health information (PHI), as defined by the Federal Health Insurance Portability and Accountability Act (HIPAA), Privacy Regulations. (HIPAA, 45 CFR Parts 160 and 164, Standards for Privacy of Individually Identifiable Health Information)
To assure all applicable County, State and Federal laws, rules and regulations pertaining to client rights to access their medical records and their rights to have those records kept private are appropriately incorporated into DMH operations and clearly explained to all DMH clients.
To assure all pertinent sources of information within the purview and responsibility of DMH are maintained and shared in accordance with all
applicable medical records policies, State and Federal regulations and laws.
|
| DMH shall ensure and protect clients’ right to privacy and confidentiality of all sources of their PHI, in accordance with all applicable County, State and Federal laws, policies and procedures, including, but not limited to:
All information and records obtained in the course of providing services to voluntary and involuntary recipients of specified services, including mental health, community mental health, admissions and judicial commitments and mental institutions. (California Welfare and Institutions Code Section 5328) All PHI as specified in the HIPAA.
All County workforce members shall receive HIPAA Privacy Awareness Training and orientation to new, revised policy and procedures and forms connected to the implementation of HIPAA Privacy regulations.
It shall be the responsibility of the program/unit manager to assure that distribution and efforts to communicate DMH Notice of Privacy Practices occurs at first contact with new clients and within 60 days for all currently enrolled clients. DMH Notice of Privacy Practices and DMH Acknowledgement of Receipt may be used when appropriate for the following situations:
-
Walk-in evaluations that do not result in on-going services at the site of evaluation. -
Mobile evaluations that do not result in hospitalization or referral for on-going services at a clinic site. -
Mobile evaluations that result in hospitalizations and the client will not be referred to the team’s clinic site (i.e., out of area client). -
Face to face triage in which the primary activity with the client is interfacing with one or more other agencies to ensure and/or coordinate services. DMH Notice of Privacy Practices shall be available to client upon request.
It shall be the responsibility of the Privacy Officer to assure that the Notice of Privacy Practices is re-released at least every three (3) years and after changes to the practices have been formalized by Federal, State and local law or policy.
At the direction of the program/unit manager, workforce members shall take personal responsibility within the scope of their job description to ensure clients receive and understand all parts of the DMH Notice of Privacy Practices. For purposes of this policy, the term “workforce member” is used broadly and is defined to mean any permanent or temporary employee, unpaid student, intern, volunteer, and any other person who represents DMH in the course of his/her work duties.
It shall be the responsibility of the program/unit manager to ensure that students, volunteers, and interns are oriented to understand Notice of Privacy Practices and know how to use the forms associated with it.
|
| HIPAA, 45 CFR Parts 160 and 164, Standards for Privacy of Individually Identifiable Health Information
HIPAA, 45 CFR Sections 160.103 and 164.500
HIPAA Public Law 104-191
HIPAA, 45 CFR Sections 164.502 and 164.520
HIPAA, 45 CFR Section 164.512
HIPAA, 45 CFR Section 164.508
HIPAA, 45 CFR Parts 160 and 164 Sections 164.522, 164.524, 164.526, and 162.528
California Welfare and Institutions Code Section 5328
|
