The Organization shall insure the privacy of all clients at all sites. It is the Organization's priority to ensure that all clients feel their privacy is protected and the Organization is a safe place for them. As such, the Organization will take all reasonable efforts to protect client privacy.
The Organization does not require clients to waive their rights concerning treatment, payment, or health care operations in order to comply with HIPAA. Any incidents shall be reported immediately to senior staff for corrective action and disciplinary measures.
The Organization shall inform all clients of the Notice of Privacy Practices and make available upon request to all individuals as specified in this policy.
It is the policy of The Organization to accommodate reasonable requests by clients to receive communications of PHI from The Organization by alternative means or at alternative locations.
The Organization shall allow clients to request in writing or orally that PHI from The Organization be received by an alternative means or sent to an alternative location. If the request is received orally The Organization will document in writing the request.
The client does not have to provide an explanation as to the basis of the request.
It is the policy of The Organization to confirm and verify all client personal representative relationships.
The Organization shall treat the valid personal representative of a client as if he or she was the client regarding client access to his or her PHI as well as all relative proceedings, i.e., client amendments, etc. The personal representative must provide verifiable proof for all other types of authority to represent on behalf of the client, i.e., power of attorney.
The Organization shall treat a person as the personal representative, under applicable law, if the person has verifiable authority to act on behalf of the individual in making decisions related to health care. The Organization shall require identification and certification of authority and document and photocopy such within the client case record.
The Organization shall only treat a person as a personal representative of a deceased individual upon receipt of a valid authorization that certifies that person to act on behalf of the deceased individual or the individual's estate.
The Organization may decide that a person will not be treated as the personal representative of an individual if The Organization determines that it is not in the best interest of the individual to treat that person as the personal representative when The Organization has reasonable belief that:
In such instances applicable reporting laws of the State of Ohio shall be followed by The Organization.