PSA Art Awakenings takes great care to ensure the privacy of those we serve.  For additional information regarding our policy, please click here.
PSA Art Awakenings    |     home
Our Galleries   |   Contact Information       |   Las Artes   |   ERC   |   Youth Program   |   Privacy Policy
PRIVACYPOLICY

PSA   HIPAA Manual   Policy And Procedure   Privacy Notice Policy

Purpose
The purpose of this policy is to establish guidelines and procedures for implementation of the “Privacy Notice” regulated by HIPAA.

Definitions
Designated Record Set (DRS) - The medical and billing records about an individual and maintained by or for PSA.  Used, in whole or in part, by or for PSA to make decisions about individuals.
Disclosures - Means the release, transfer, provision of access to, or divulging in any other manner of information outside the entity holding the information.
HIPAA - The Health Insurance Portability and Accountability Act of 1996.
Healthcare Operations - We may use and disclose protected healthcare information for business activities occurring during the Agency operations that are necessary to provide and ensure consumers receive quality care.  For example, we may use medical and behavioral health information to review and evaluate treatment services and staff performance.  Client satisfaction surveys will be conducted at treatment staffings and will be given within 60 days of the last survey to ensure quality of care.  The Arizona Department of Behavioral Health Licensure also conducts annual site reviews whereby designated record sets are reviewed with regard to services provided and completeness.
Individual - The person who is the subject of protected health information.
Payment - Protected health information may be used and disclosed so that the treatment and services we provide to may be billed and payment may be colleted from appropriate payers, such as the Arizona Division of Behavioral Health Services (ADBHS), ValueOptions, an insurance company such as AHCCCS or a third party.  For example, we will need to disclose information about treatment services received, progress, estimated length of service, etc., so that the payer can make payment to PSA.  We may disclose medical/behavioral health information to obtain prior approval or authorization for continued services.
Protected Health Information (PHI) 45 CFR 164.501 - Means individually identifiable health information:
Except as provided in paragraph (2) of this definition, that is:
Transmitted by electronic media;
Maintained in any medium described in the definition of electronic media at Section 162.103; or
Transmitted or maintained in any other form or medium.
Excludes individually identifiable health information in:
Education records covered by the Family Education Right and Privacy Act, as amended, 20 U.S.C. 1232g; and
Records described at 20 U.S.C. 1232g (a)(4)(B)(iv).

Treatment - In order to provide quality care, we may use medical and behavioral health information to make decisions with regard to care, treatment, and/or services.  For example, clinicians may use medical and/or behavioral health information to develop treatment plans and schedule appropriate services.  We may disclose medical and behavioral health information to psychiatrists, primary care physicians, nurses, therapists, case managers and other behavioral health professionals who are involved in care.
Use - Means with respect to individually identifiable health information.  The sharing, employment, application, utilization, examination, or analysis of such information within an entity that maintains such information.

General Provisions
An individual has a right to adequate notice of the uses and disclosures of protected health information that may be made by Presbyterian Service Agency and of the individual's right and the Agency's legal duties with respect to PHI.

Policy
It is the policy of he Agency to adhere to the Health Insurance Portability and Accountability Act (HIPAA) requirement to develop a “Privacy Notice” specific to the Agency and develop a process for implementation, modification, and complaints.

Procedure
The Director of Quality Management conducts a “Flow of Analysis” with the Agency's program directors and staff.
The Director of Quality Management writes a Privacy Notice that meets the requirements of 45 CFR 164.520 and all applicable HIPAA regulations.
The Agency's legal counsel will review the Privacy Notice and provide recommendations.
The Program Directors are given “Privacy Notices” for distribution to their staff and implementation to the consumers served on April 14, 2003.
A copy of the “Privacy Notice” will be available at the service delivery site and posted in a clear and prominent location where it is reasonable to expect individuals seeking service from the Agency to be able to read the Notice.
The Privacy Officer will be responsible for any modifications and revisions of the “Privacy Notice”.
The Agency will make the notice available upon request on or after the effective date of any revised Notice and promptly provide the revision at each service delivery site and post it in a clear and prominent location.
PSA may post its Notice on the PSA web site and make the notice available electronically through the web site.
PSA will include the “Privacy Notice” in all of its Intake Packets, and have the consumer sign receipt of the Privacy Notice at Intake.
The Notice will be re-signed any time there is a Notice revision and/or upon 3 years of services, whichever occurs first.
The Medical Records Coordinator will file the signed “Privacy Notices” under the legal section in the consumers' designated record sets.
The Training Coordinator will develop curricula for “Privacy Notice” training along with posttest.
The Privacy Officer and Co-Privacy Officer will oversee the employee training.