1 / 48

Youth Quest

Youth Quest. Confidentiality Training. Section 1 - General Rule. General Rule Definition No acknowledgement or disclosure of any confidential information to anyone, without authorization.

allen-diaz
Download Presentation

Youth Quest

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Youth Quest Confidentiality Training

  2. Section 1 - General Rule • General Rule Definition • No acknowledgement or disclosure of any confidential information to anyone, without authorization. • One of the most difficult issues for many people who receive mental health services is the negative stereotypes and social stigma associated with mental illness, mental retardation, autism, and substance abuse.  • In the course of providing services to our clients, we obtain a lot of personal information, some of it about very private aspects of their lives.  Unauthorized disclosure of this information can result in not only embarrassment and loss of trust but also in clients losing their homes or jobs.  For these reasons confidentiality regarding personal information is protected by professional codes of ethics, by regulations, and by state and federal laws.

  3. What does confidential mean? • Confidentiality - The protection of private, identifying information. If information is accorded a confidential status, that status mandates specific controls, including strict limitations on access and disclosure, so that unauthorized persons cannot access it. These controls must be adhered to by those handling the information. Confidentiality is an inclusive concept that is designed to assure that information will be used responsibly. It is an integral part of professional codes of ethics that regulate the disclosure of information obtained in the course of professional interactions.

  4. Individually identifiable information - • Information, which makes it possible to identify an individual. This may be direct (name, SS#, etc.) or indirect (information from which one can reasonably figure out the identity of an individual).

  5. General Rule ------------- • Youth Quest recognizes and adheres to this general rule. It should serve as the fundamental guideline to all employees. The rule is overstated to emphasize the importance of protecting people’s privacy and our role in safeguarding privacy. • It provides employees with a basis for decisions in situations where people are seeking information about individuals for whom we provide services or about whom we have information. • The emphasis here is on information related to people requesting or receiving services. Administrative information and personnel information can also be confidential, but are governed by different laws and rules.

  6. General Rule ------------- • Key Points: • 1) You know nothing, and you share nothing without an authorization. • 2) You don’t admit knowing or not knowing the person without an authorization. • 3) You do not share information with co-workers, professionals, the client’s family, law enforcement, legislators, the Governor, or your friends or family without an authorization. • The General Rule:No acknowledgement or disclosure of any confidential information to anyone, without authorization.

  7. General Rule ------------- • Here is one way to reply to any formal or informal request for information that is not covered by an authorization to release information. "I’m sorry, I can’t give you any information about anyone without an authorization from the person" • The General Rule:No acknowledgement or disclosure of any confidential information to anyone, without authorization.

  8. General Rule ------------- • It is important to use this response consistently. Saying "I’m sorry, I can’t give you any information about anyone without an authorization from the person" when he/she is a client and saying "No, X is not a client" when he/she is not a client will let anyone figure out fairly quickly that when you refuse to acknowledge individuals without getting an authorization, they must be known to the department. • Requests for information from media, legislators, family members, or the Governor’s office all get the same response. Explain that confidentiality is governed by state and federal law.  If the questioner persists, you may refer them to your consultant or the Director of Youth Quest. • The General Rule:No acknowledgement or disclosure of any confidential information to anyone, without authorization.

  9. General Rule ------------- • 1) Confidentiality still applies after a person’s death. • 2) You are bound by confidentiality after you leave the position in which you acquired confidential information. • 3) Information received from ANY source (client, family/guardian, friends, neighbors, etc.) regarding ANY person receiving services is confidential. • Example: a client’s family member sees you in the grocery store and tells you something. You still treat it as confidential, even if other people were present and could hear the conversation.

  10. General Rule ------------- • Even public information (e.g., available in newspapers, phone books, vital records) which you learn in your work may be confidential because your knowledge of a person or events might imply a professional connection to the person.  This could identify the person as receiving services. • This applies to such things as name, address, and phone number even though these often can be found in the phone book!

  11. General Rule Exceptions • There are specific exceptions in law which allow disclosure of confidential information: • 1) The major exception allows for use and disclosure if the person or their legal guardian has given informed approval and signed a written authorization for the release of information. • 2) Some exceptions allow disclosure without a signed authorization from the person, but it is always best to obtain permission for a disclosure, if possible. • A person cannot be required to sign an authorization of disclosure in order to apply for or receive services.

  12. HIPAA - A Note to the future • It is important to note that, under the federal Health Insurance Portability and Accountability Act of 1996 (HIPAA), there may be further changes to this policy.  You will be notified as they occur.

  13. Exercise #1 ------------- • What should you say? 1. You have just been called by a newspaper reporter who is asking for information about a youth being served in your home. What is the correct response to requests for information from the media? • I can only verify that the person is a client. • I can’t give you any information about anyone without an authorization from the person. • Yes I know the person, but I'm not at liberty to say anything else. 2. An client's uncle stops you in the grocery store and wants information about his nephew. What is the correct response to requests for information from family members? • I can't discuss this publicly, please call me at the office. • I’m sorry, I can’t give you any information about anyone without an authorization from the person. • I'm not supposed to say anything, but maybe I can help you. What do you want to know?

  14. Answers • 1. B. is the correct answer. I can’t give you any information about anyone without an authorization from the person. • 2. Again B. is the right answer. It does not matter if it is a family member.

  15. General Rule ------------- Good for you! You have completed the Confidentiality section of training. Hopefully you have learned the basics about the Youth Quest confidentiality policy.  More specifically you covered and learned to: • Define the general rule. • Give the correct response to inquires. • Describe what is confidential. • If you feel that you have learned the training material presented in this section please move on to Section 2 - Informed Consent. • Remember you can request review during in-service of any pre-service training material as often as needed.  The goal of the training is not speed but comprehension.

  16. Section 2 – Informed Consent Great, you have made it to Section #2! Informed Consent. Now you will focus on how to get consumer consent that will allow the release of confidential information. In this section you will learn to: • Define the concept of informed consent. • Outline what the consumer must understand, at a minimum, for consent. • Learn about Consent, Authorization, and the Notice of Privacy Practices.

  17. Informed Consent • Clients must be informed about privacy practices and the laws, rights, and regulations that protect their health information. • They must be provided a summary of these practices. • Here is the Youth Quest Notice of Privacy Practices

  18. Informed Consent -------- • The concept of "Informed Consent" is applicable to authorizing disclosure of confidential information. • Informed consent is freely given and based on an explanation and understanding of what is to be disclosed, to whom, for what purpose, the potential risks and benefits of disclosure or non-disclosure, alternatives to disclosure, and the right to refuse or revoke consent. • There are two different forms for which people are asked to give their informed approval.  One is to give consent to Youth Quest to disclose information for treatment, payment and healthcare operations. 

  19. Notice Of Privacy Practices Important! This notice describes how medical and personal information about you may be used and shared with other agencies and persons and how you get access to certain information. Please review it carefully! This notice is effective on January 1, 2007 Youth Quest Inc. collects and shares information about you in order to provide the highest quality services. All information we know about you is private and “confidential”. This information is protected by Federal and State laws. This Notice of Privacy Practices for Youth Quest Inc. tells you how we will use and share the information about you. At all times, only the minimum amount of information needed will be released. This notice does not describe all precise circumstances, but is an overview. Youth Quest Inc. is required to notify you of our privacy practices and to follow the terms of this privacy practice notice. We reserve the right to revise this notice as necessary. For further information regarding Youth Quest Privacy practices, please contact the Youth Quest Clinical Director; (919) 942-1625. This notice is posted on our website: www.youthquestinc.org CONTINUED……

  20. Youth Quest Inc. May Use and Share Information Without Your Authorization! In Order to Treat You- We will release information when necessary to coordinate your care and treatment. This means that we will share information about you with other mental health providers and they will share information with us in order to help you and to create and fulfill your treatment plan. This could include the referral to a different facility or agency. In Order to Gain Reimbursement Payments for Service-We may release confidential information in order to gain payment for services we render to you. This information is used to determining eligibility, managing claims, determining the needs for services, certifying services, review of services, administrative actions related to this, etc. In Order to Provide Better Service- We may release confidential information to the Mental Health agencies we work with in order to improve the quality of services, improve consumer satisfaction, resolve concerns, and evaluate performance of agencies. We will also release information if needed to inspect or investigate an agency In Order to determine Eligibility- We may share information about you in order to determine if you are eligible for certain programs that could be helpful to your treatment including private or government agencies (example SSI or others). In Order to Ensure Safety- We will share information with others in order to protect you or others from harm or to try and prevent a crime from occurring if it appears it may. In Order to Treat You in an Emergency- We will share information in emergency situations such as a medical emergency or other mental health emergency. In Order To Follow the Law for Certain Situations- We will share information with Public Health Agencies if we suspect you may have a communicable disease. We will share information to Law enforcement when required by law or court order. In Order to Report suspected Abuse, Neglect, or Exploitation- We will share information with government agencies designated to investigate if there is a suspicion of abuse, neglect, or exploitation. In Order to Keep the Team Informed About Your Progress- We will share information about you with a relative, close personal friend, or other person involved in your care if the information is relevant to your care. If you are a minor, we will share information about you and your treatment to your parent, guardian, or other responsible person except in certain circumstances protected by law. Other Information Will Only Be Released with your Written Authorization In other circumstances not listed above when information could be shared with others, we will only release the information after you have signed the “Authorization for the Release of Personal and Health Information”. You have the right to revoke that consent.

  21. You Have Certain Rights Related to Your Privacy • You Have The Right- To question the accuracy or completeness of the information in your record. If something is incorrect you may request us to change it to reflect accuracy. You will need to request in writing what you disagree with and why. A decision will be made about the accuracy of the record and the need for change by the Clinical Director. • You Have The Right- To see and get copies of your records in many cases when it is determined to be in your best interest to receive those records. You should request the copies in writing and you may be charged a reasonable fee for copies. • You Have The Right- To be contacted in a manner that is the most convenient for you. We will agree to any reasonable request to change the manner in which you are typically contacted to insure a strong communication between team members. • You Have the Right- ToYou have the right to request that we limit the use and disclosure of medical information about you for treatment, payment and health care operations. We are not required to agree to your request. If we do agree to your request, we must follow your restrictions (except if the information is necessary for emergency treatment). You may cancel the restrictions at any time. • You Have The Right- Under certain circumstances, to request a list of agencies to which confidential disclosures have been made that were not done to improve treatment, service, communication, or determine government eligibility. This would not include information provided to your team members and your family members and information given with your signed consent. • You Have The Right- To receive updated versions of this Notice Of Privacy Practices and Youth Quest Inc. will make every reasonable effort to insure you have the most recent version available.

  22. You Have The Right to File a Complaint regarding Youth Quest Inc’s Privacy Practices. If you feel that your rights to privacy have been violated or are not satisfied with the procedures of Youth Quest Inc., you may file a complaint with us about this concern. We will not take adverse action against you if you file a complaint but will rather work to the best of our ability to resolve the concern. To file a formal complaint with Youth Quest Inc., please contact one of the Family Teachers or other clinical supervisors and request a copy of the Grievance form. Please fill out and submit the grievance form as quickly as possible so that we as a team can work to resolve the concern. You may also contact the Governor’s Advocacy Council for Persons with Disabilities at www.gacpd.com on the internet or at 1-800-821-6922. Their Fax Number is 1-919-733-9173.Their address is: ] GACPD1314 Mail Service CenterRaleigh, NC 27699-1314 Additionally, you may contact the: Office for Civil Rights US Department of Health and Human Services 61 Forsyth Street, SW. – Suite 3B70 Atlanta, GA 30323 (404) 562-7886; (404) 562-7881 Fax

  23. Signature obtained I understand and have received a copy of this Notice Of Privacy Practices for Youth Quest Inc. Signed _____________________________________Date: ________________ Signature of client/legally responsible person Witnessed: _____________________________________Date: ________________

  24. Informed Consent • The person or guardian must be informed of the privacy practices of Youth Quest, the laws and rules protecting confidentiality of health information, and the exceptions which allow disclosure without the person’s approval.  • This Information has been presented as simply as possible

  25. Informed Consent This is what the consumer must understand, at a minimum, in order to give informed approval for the use or disclosure of health information. 1) PURPOSE 2) TO WHOM OR FROM WHOM INFORMATION IS BEING SENT 3) TIME LIMIT 4) RISKS & BENEFITS 5) ALTERNATIVES 6) CONSEQUENCES 7) REVOCATION

  26. Authorization For Release of Information The other form which requires informed approval is the Authorization to Release Information which allows Youth Quest to obtain specific information from or release specific information to other entities.  AUTHORIZATION TO RELEASE INFORMATION

  27. Informed Consent • Exercise  #2Check Your Knowledge • 1. What concept is applicable to authorizing disclosure of confidential information?A. Explained ConsentB. Informed ApprovalC. Consent Decree • 2. Information should be provided. . .A. in writing.B. verbally.C. in whatever form the person understands best. • 3. On the release of the Authorization for Release of Information form, which of these does not need to be specifically authorized?A. Heart ConditionB. HIV/AidsC. Substance Abuse • 4. Which of the following are the minimal requirements for informed approval?A. Purpose, Time Limit, Risks & Benefits, Alternatives, Consequences, and Revocation.B. Purpose, Time Limit, Laws, Alternatives, Billing Services, and Revocation.C. Purpose, Process, Risks & Benefits, Alternatives, Consequences, and Renewal.

  28. Answers: 1. B. Informed Approval 2. C. in whatever form the person understands best. 3. A. Heart Condition would be included in general health information and does not require a specific authorization within the form 4. A. Purpose, Time Limit, Risks & Benefits, Alternatives, Consequences, and Revocation.

  29. Informed Consent Terrific!  You have already completed two sections. In this section you learned to: • Define the concept of informed consent. • Outline what the consumer at minimum must understand for consent. • You may want to revisit this section if you have questions about the consent or authorization process.  Remember that these training materials are here for your reference any time you need them.

  30. Exceptions -------- You are flying now! The General Rule and Informed Consent sections are done and you can focus on your next section, the Exceptions section. In this section you will learn to: • Identify the 12 categories of exceptions.

  31. We’ve reviewed the informed consent and signed authorization process. There are exceptions which allow for disclosure without the person’s specific approval. The person must be informed of these exceptions when confidentiality is explained. The person should also be informed of disclosures made without their approval whenever possible. Best practice is to have a signed authorization whenever possible.

  32. Exceptions There are 10 categories of Possible Exceptions. 1) EMERGENCY includes any situation where there is clear imminent threat or danger to a person. In an emergency or when there is suspected abuse or neglect, necessary information may be released without the person's consent. This is limited only to that information necessary to accomplish the purpose of disclosure.  Examples of emergencies include:- Suicidal or other danger to self.- Health/medical emergency.- Responsibility to warn others of specific threatened harm 2) INVOLUNTARY ADMISSION requires sufficient information to justify admission.

  33. Exceptions 3) MANDATORY REPORTING of abuse/neglect supercedes confidentiality. This applies whether the person is a victim or perpetrator.  Substance abuse programs can make an initial report of the abuse without an authorization, but any further information will require a specific authorization. 4) FOR PURPOSES OF REIMBURSEMENT – Youth Quest may release information without a signed authorization for payment purposes such as billing Medicaid, or other insurers . 5) SPOUSE OR NEXT OF KIN may be given general information about a person’s physical condition or mental status (for example, "John's condition is stable".) unless the person has restricted disclosure of this information. 6) COURT ORDER: Refer to the "Court Proceedings" section of the Guidelines. A subpoena issued by an attorney or administrative agency  is not a court order. 7) WITHIN A LOCAL MANAGEMENT ENTITY (LME): The LME exception applies to sharing of information among members of an individual’s treatment team. It does not allow wholesale sharing of information between agencies.  Federal Mental Health & Substance Abuse law allows for "Qualified Service Agreements" among programs.

  34. Exceptions…. 8) INTERNAL OPERATIONS: In addition to payment, Youth Quest may also share information internally as needed for treatment and health care operations, including planning and administrative purposes. Still, information should always be limited to a legitimate "need to know" and the minimum necessary. 9) AS OTHERWISE REQUIRED BY LAW: This includes reporting criminal activity or reporting certain diseases to public health officials. 10) RESEARCH must be approved by an Institutional Review Board and requires informed consent for participation. No identifiable information is allowed in research reports. Researchers are required to sign "Non-Employee Understanding of Confidentiality" form.

  35. Exceptions -------- Exercise  #3 Give it a Try! 1. In an emergency situation, necessary information may be released without consent.TRUE 2. Specific threatened harm to others would be considered an emergency.TRUE 3. Involuntary Admission allows for confidential information to be disclosed. TRUE 4. Youth Quest may release information for payment purposes to insurers. TRUE 5. A person may restrict disclosures so that their spouse or next of kin cannot be given any information. TRUE 6. Information may not be shared with members of an individual's LSN treatment team.FALSE

  36. Exceptions -------- Way to Go! There was a lot of content in the pages of this section. This Exceptions section is very important because it defines the times when you do not need to get approval for the release of confidential information. Hopefully, you have learned to: Identify the 10 categories of exceptions. You can now move on to the last content section on security.

  37. Security ---------- If you are keeping track, you know that the Security section is the last one that covers new content. Although you are almost done, pay particular notice to this section.  It reviews policies that impact your everyday work. In this section you will learn to: • Describe the "Need to Know" concept. • Comply with the password policy. • Use proper e-mail, fax, cell phone and computer safeguards. • Secure data in the office environment.

  38. Security • The foremost idea in data security is the "Need To Know" concept. • Need To Know is Youth Quest’s rule used to decide what kind of access to certain health information an employee needs in order to do his or her job. • The  "Need To Know" concept is based on the professional work requirements so that access to confidential information is limited to that needed for employees to perform their job functions. For example, a person who provides transportation for a client does not need to know the client's medical history when it does not affect the transportation.

  39. Security • A word about passwords. • When you go to your work station and crank up your computer using your password you are using security that is based on "need to know".  • NEVER share your passwords with anyone else.  Change your password frequently and do not use a family name or other easy to figure out password to ensure no one knows your passwords. • Because Youth Quest requires that you have access only to the information you need to do your job.

  40. Security • While away from the computer, remember the old World War II saying that loose lips sink ships. Never discuss confidential information in places where you could be overheard by co-workers or visitors who are not authorized to have the information.If you are using cell phones, 2-way radios, e-mail, faxes, answering machines, and other electronic forms of communication, do not send confidential information except when there are safeguards in place to prevent unauthorized access. • Next you will review some of specific policies in transmitting confidential data.

  41. Security • Fax numbers should be verified before a fax is sent, and the person who is receiving the information must be aware that the information is being sent. Cover sheets on the faxes shall identify the enclosed information as confidential and provide clear direction to limit who can receive the information. • E-mail containing protected health information (PHI) can only be sent as follows: A. Email transmissions shall not contain PHI in the body of the message text or in the subject line. B. Any PHI contained in an email must be in the form of a password protected attachment as described below. C. Passwords shall not be communicated over any email transmission. When sharing your password with your intended recipient, communicate the password for the protected file over the telephone or fax machine. D. Shared passwords should be modified on a periodic basis with the goal of preventing unauthorized access. E. Listing of all passwords must be securely protected at all times. At no time shall a printed version of passwords be visible to any passer-by. Supervisors shall have copies of passwords for all protected files. F. Printed material containing PHI must be sent to a printer within an individual’s workgroup or other location where the individual printing the PHI can readily access the material once it is printed. Printers must be located in non-public areas or offices that require security keys, badges, or similar mechanisms in order to limit access. Users and/or their supervisors shall have the administrative privileges of terminating a print job once in the network queue. If printing problems are encountered, user shall delete the print job to prevent unauthorized disclosure of PHI. Analog cell phone and two-way radio signals may be picked up by other receivers and must not be used to convey confidential information. Answering machines whose access is not limited to only the individual receiving the message shall not be used to convey confidential information."

  42. Security • Back to computers. • Remember that you can not leave your computer unattended when you have confidential information open.  Yes, that means those 5 minute breaks do not start until you close access to the files containing the confidential material.  Treat an unattended computer as not just a possible window to your files but a open security threat to all the Department's files.To further deter wandering eyes, always try to keep your computer screens turned away from doorways or areas where unauthorized viewing could occur.

  43. Security • Computer discs, paper records, or any form of stored information must not be left out on desks or in unsecured locations.  That means those accidental copies left in the copying machine or those files you printed out and left at the printer for an hour are security breaches. Ouch!  • When  records are not in use, they must be stored in a locked file cabinet or similar secure location.

  44. Security A few final thoughts on data securityOriginal records are not to be removed from a Youth Quest site unless needed for the compliance of a court order, and then only when a certified copy is not acceptable. If the original record is removed, a complete certified copy of the entire record must be retained.When anyone, other than staff, review records, they must be supervised to assure that no documents are removed from the record and no changes are made to it. This will allow Youth Quest to keep a complete copy of the client’s master file.

  45. Security Quiz • 1. Need To Know is the Youth Quest’s rule used to. . .A. determine consumer eligibility for specific programs.B. assess an employee understanding of Youth Quest’s educational requirements.C. decide what kind of access to certain health information an employee needs in order to do his or her job. • 2. You share your password. . .A. When going on vacation.B. Never.C. When a coworker asks. • 3. Which of the following is not an appropriate location for discussing confidential information?A. In the reception area.B. In your supervisor's office.C. On the phone in your office. • 4. When you take a bathroom break, you should. . .A. do nothing just go.B. make sure both computer and paper files are secure.C. shut off your computer. • 5. When printing information about consumers you should retrieve the information. . .A. hourly.B. immediately.C. at the end of the day.

  46. Answers: • 1. C. decide what kind of access to certain health information an employee needs in order to do his or her job. • 2. B. Never. • 3. A. In the reception area. • 4. B. Make sure both computer and paper files are secure. • 5. B. immediately.

  47. Security ---------- • Good Work! • Remember that you have been given access to confidential information based on the need to know.  You are also responsible to maintain the integrity of the need to know concept when you are using the data. • In this section you learned to: • Describe the "Need to Know" concept • Comply with the password policy. • Use proper e-mail, fax, cell phone and computer safeguards. • Secure data in the office environment. • If you feel comfortable with the material in this section move on to the case example!

  48. Basic Confidentiality Congratulations! You have completed the basic confidentiality content areas of this training. (Provided you did not skip directly to this point) Pat yourself on the back and be sure to request case examples during in-services when possible.

More Related