- TCH PQI Manager shall serve as the Privacy Officer and will be responsible for the development and implementation of department-wide policies and procedures relating to the HIPAA requirements to ensure compliance with federal regulations. The Privacy Officer shall be responsible for, but not limited to, the items listed below:
- Oversee all ongoing activities related to the development, implementation, maintenance of, and adherence to TCH policies concerning privacy.
- Monitor the process for receiving, documenting, tracking, investigating, and taking action on all complaints.
- Ensure that TCH is in compliance with its privacy practices and HIPAA privacy policies for all employees; and
- Training as applicable
- Campus Privacy Officers: At lease one individual at each campus will serve as support for the Privacy Officer and their facility.
- Campus Privacy Officers designees will be responsible for providing information about privacy practices for their facility and coordinating with the Privacy Officer to assist in the investigation of complaints and processing of client requests.
- All TCH employees and business associates will respect and protect the privacy records and health information about clients who request or receive services from TCH.
- All health information regarding TCH clients is confidential and must be safeguarded in accordance with DCS HIPAA privacy policies and procedures. (9.4 Confidential Child-Specific Records Information, 9.5 Access and Release of Confidential Child-specific Information, and 32.4 Administrative, Technical and Physical Safeguards)
- TCH shall not use or disclose PHI unless:
- The client has authorized the use or disclosure in accordance with DCS Policy (32.3 Uses and Disclosures of Client Protected Health Information) or
- The use or disclosure is specifically permitted under DCS policy 32.3, Uses and Disclosures of Client Protected Health Information
- If any State or Federal law or regulation, or order of a court having appropriate jurisdiction, imposes a stricter requirement upon any TCH policy regarding the privacy or safeguarding of information, TCH shall act in accordance with that stricter standard.
- All staff will act in accordance with established policies and procedures outlined in DCS policies 9.4 Confidential Child-Specific Records Information and 9.5 Access and release of Confidential Child-Specific Information regarding the safeguarding and confidentiality of individual information whether health-related or not, in all programs, services and activities.
- The TCH Privacy Officer must be consulted if there are clarifications needed with privacy policies.
- TCH staff must give a copy of the Notice of Privacy Practices to any client age 12 years old or older enrolling in or receiving services from TCH, describing the actions a client may take, or request TCH to take.
- Each client who receives services from TCH must sign an acknowledgement form on their first date of service. This signed acknowledgement must be maintained in the client’s file for a minimum of six (6) years.
- If TCH cannot acquire a signed acknowledgement from the client, the reason must be documented in the client’s case record. This signed acknowledgement or documentation of good faith effort must be maintained on file for six (6) years.
- TCH may be considered a business associate of service providers. If so, PHI may be shared among business associates and covered entities without further consent from the individual.
- The TCH Notice of Privacy Practices will contain all information required under federal regulations regarding the Notice of Privacy practices for PHI under HIPAA.
PRISON RAPE ELIMINATION ACT (PREA) REQUIRES AN AGENCY TO POST THIS NOTICE THROUGHOUT THE FACILITY SIX WEEKS PRIOR TO AN AUDIT OF PREA STANDARDS. THE PREA AUDIT OF THE TENNESSEE CHILDREN’S HOME WILL OCCUR JULY 1-3, 2014. THE PERSON DOING THIS AUDIT IS:Jeff Rogers P.O. Box 1628 Frankfort, Kentucky 40602 Should anyone wish to contact the auditor please feel free to contact Mr. Rogers at the address above. All correspondence is strictly confidential between the person sending the correspondence and Mr. Rogers.
Click Here to view: PREA Spring Hill audit report