top of page

PRIVACY POLICY

Policy

It is the policy of the Gándara Center to keep all information regarding a person receiving services confidential, in compliance with all applicable state and federal laws and regulations. Confidential information includes the person’s name, social security number, address, date of birth, and any other data, which may identify them.  Confidential information also pertains to Protected Health Information (PHI) as delineated in the Health Insurance Portability and Accountability Act (HIPAA) and 42CFR Part 2, “Confidentiality of Alcohol and Drug Abuse Patient Records”.

 

Procedures

Access to Confidential Information:

  1. Access to confidential client information, as defined and described in this Policy, is restricted to authorized agency personnel with a need to know such information in order to provide, supervise, or administer services to the client.

  2. Authorized personnel are restricted from sharing any confidential information with non-authorized personnel.

  3. All personnel have an affirmative responsibility to report any breach of confidentiality to his/her immediate supervisor.

  4. Information may be shared among authorized personnel only as necessary to facilitate effective services. This includes the Case Records Review committee, in order to conduct case record audits and utilization reviews.

  5. Consultants, volunteers, interns, auditors, contractors, and other outside agents shall have access to confidential information only to the extent necessary to conduct authorized functions. Such individuals shall be required to sign an agreement stating they will treat the information in a confidential manner and not disclose such information to unauthorized individuals.

 

Release of Information

Confidential information may only be released under the following conditions:

1. The service recipient (or authorized parent/guardian) has consented in writing to the release of information to a specified person or agency. This release may be valid for a specified length of time and is subject to revocation by the consenting individual. The purpose for the disclosure, and the nature of the information to be released, must be specified in writing. A Consent to Release Information must be signed.

 

2. When child abuse or neglect is suspected.

 

3. When in the service provider’s opinion there is imminent danger to the health or safety of the person receiving services or another individual, or there is a likelihood of the commission of a felony or violent misdemeanor.

 

4. When a physician or other health care provider is providing emergency services to a client. A service provider may exchange only information, which is necessary for the emergency services to be provided.

 

5. In response to a request from a Guardian Ad Litem. Guardian Ad Litems are covered by a blanket court order mandating the release of information regarding a child and/or family members. It is proper to ask for a copy of the order prior to releasing information.

 

6. When a service provider has determined that it is in the best interest of the individual to pursue involuntary commitment or adjudication of incompetence, confidential information may be disclosed for purposes of filing a petition.

 

7. In response to a request from the State Department of Crime Control and Public Safety, information concerning a victim who is filing a Victim’s Compensation claim. This information is limited to the person’s name, social security number, address, date of birth, and/or billing information. Personnel may confirm or deny to an unauthorized person that an individual is receiving, or has received, services at the Agency only with the individual’s written permission.

 

8. Confidential information obtained from a third party (e.g., psychological evaluations, records from a previous therapist at another agency, etc.) shall not be released without the written consent of the service recipient or parent/guardian.

  1.  

 

 

Pre-Employment and In-Service Training

All personnel are required to know and strictly follow all procedures involving the protection of client confidentiality. The Compliance Officer or other designated individual shall provide an orientation to this Policy and Procedures and applicable state and federal laws and regulations to all incoming employees, volunteers, and contractors.  Annual in-service training shall be provided to all personnel on any change in laws and regulations.

bottom of page