LOS ANGELES COUNTY
DEPARTMENT OF MENTAL HEALTH
  Policy 508.02 Confidentiality
 
  PROCEDURES
  1. All County employees, including students, volunteers and interns, shall review, sign and abide by all applicable confidentiality oaths.
     
  2. Confidentiality shall be applied to the use, dissemination or release of all information and records in the course of providing services to either voluntary or involuntary recipients as specified in the State of California W&I Code, Section 5328. All information and records developed in the course of providing services shall be deemed confidential unless otherwise indicated.
     
  3. Employees shall never access or use confidential and/or Sensitive and/or Protected Health Information (PHI) with anyone who does not have the “need to know”. This shall include, but not be limited to, use and storage of passwords in a manner that assures they are not shared with unauthorized persons.
     
  4. Release of client information to any party shall be carried out only upon completion of a valid and current written authorization for use and disclosure. Exceptions shall be made only when release without client/legal representative consent is mandated by legal statute, or when communication without such written consent is legally authorized as specified in W&I Code 5328 and HIPAA Standards as described in DMH Policy No. 502.01, Privacy Practices Notice.
     
  5. Situations mandating release of information with or without consent include, but are not limited to, the following:
     
    1. By a mandated reporter who has knowledge of or observes a child in his/her professional capacity or within the scope of his/her employment whom he/she knows or reasonably suspects has been the victim of child abuse (Penal Code Section 11166), refer to DMH Policy No. 303.02, Reporting Suspected Child Abuse and Neglect, for specific procedures.
       
    2. By a mandated reporter who encounters suspected elder or dependent adult abuse or neglect, refer to DMH Policy No. 303.03, Reporting Suspected Elder/Dependent Adult Abuse and Neglect, for specific procedures.
       
    3. When the patient, in the opinion of his/her psychotherapist, presents a serious danger to a reasonably identified victim or victims, refer to DMH Policy No. 303.01, Duty to Warn and Protect Third Parties in Response to a Threat (Tarasoff Decision).
       
    4. Upon the receipt of a properly served subpoena. Subpoenas for consumer (client) records shall be referred to:
Custodian of Records
Standards and Records Division
550 S. Vermont Ave., 10th Floor
Los Angeles, CA 90020
  1. Employees shall refer to the DMH Medical Records Manual, consult with appropriate supervisory personnel and request consultation from the DMH Custodian of Records regarding specific confidentiality matters.
     
  2. Information and records obtained in the course of providing services may be shared in communications between qualified professionals in the provision of services or appropriate referrals (WIC, Section 5328). Among employees, client records or information contained in such records may be released to DMH employees when they are performing their County duties and such information is needed in the fulfillment of their responsibilities.
     
  3. Employees who receive requests for treatment information from consumers and/or family members shall refer to DMH Policy No. 501.01, Clients’ Rights to Access Protected Health Information and Confidential Data or DMH Policy No. 300.05, Providing Notification and Patient Information to Family Members, for specific guidelines.
     
  4. Employees shall not make use of confidential information and records relative to DMH clients in connection with outside work or business interests. Confidential information possessed by DMH and required by professional clinicians in carrying out private services to clients shall be obtained only through appropriate channels. (See DMH Policy No. 608.02, Conflict of Interest).
     
  5. Confidentiality shall be maintained in all programs that are collaborative in nature between DMH and various departments and service delivery systems (e.g., drug and alcohol treatment, developmental disabilities, health services) in keeping with all applicable statutes and regulations. Programs requiring such collaboration across service delivery systems shall develop and implement an appropriate interagency confidentiality policy, such as a Memorandum of Understanding, Trading Partner Agreement or other appropriate document or mechanism to assure all applicable regulations, statutes and procedures regarding confidentiality across all systems are adequately addressed.
     
  6. Employee shall also apply all pertinent confidentiality guidelines to documents not typically included in a clinical record, such as telephone calls to ACCESS or Patients’ Rights, and interpreter services as well as all information maintained in computer or hand tally databases/logs, such as telephone number, name, address and social security number.
     
  7. Employees shall follow the appropriate procedures for maintaining confidentiality in the reporting of incidents involving injuries, deaths and alleged patient abuse in keeping with DMH Policy No. 303.05, Reporting Clinical Events Involving Active Clients.
     
  8. Employees shall assure that client records are distributed, maintained and stored in a manner that will assure access only to those employees authorized to review records. Each program/center manager shall regularly monitor operations to assure client records are distributed and secured in a manner that will assure confidentiality. (See DMH Policy No. 401.01, Legal Responsibility for Uniform Clinical Records.
     
  9. Confidentiality of HIV and AIDS information as it pertains to DMH clients shall be maintained in keeping with DMH Policy No. 310.01, Human Immunodeficiency Virus (HIV) and Acquired Immunodeficiency Syndrome (AIDS) Clinical Documentation and Confidentiality.
     
  10. Information stored in electronic data systems shall be maintained in keeping with all applicable confidentiality regulations. This shall include data from both microcomputer systems (see DMH Policy No. 302.09, Confidential and Sensitive Information on Microcomputer Systems. NOTE: This policy has been deleted) and Network computers/MIS (see DMH Policy No. 1200.05, Networked Information Systems Usage).
     
  11. As a condition of conducting research, employees shall maintain in keeping with DMH policy and Welfare and Institutions Code, Section 5328. This shall include a signed oath of confidentiality as per WIC 5328(e) (see DMH Policy No. 1400.01, Mental Health Research Review).