2053 Confidentiality | ADMINISTRATION-5600-MANUAL
|
Georgia Division of Aging Services |
|||
Chapter: |
2050 Basic Considerations for Recipients of Services |
Effective Date: |
08/16/2022 |
|
Section Title: |
Confidentiality |
Reviewed or Updated in: |
MT 2023-01 |
|
Section Number: |
2053 |
Previous Update: |
MT 2021-06 |
|
Summary Statement
Any information related to a client is confidential. Release of this information to unauthorized persons or agencies is strictly prohibited.
Basic Considerations
All providers of DAS funded services are responsible for maintaining confidentiality of information obtained in the delivery of services. No information about a consumer may be disclosed in a form that identifies the person without the informed consent of the person or of his or her legal representative unless disclosure is required by court order, for program monitoring/audit by authorized federal, state or local monitoring/auditing agencies.
The consumer must be informed if failure to provide informed consent precludes referral to another service agency.
Case record information (excluding Adult Protective Services and Guardianship records) may be released to the following:
-
The consumer
-
An individual or agency, if the consumer signs Form 5459, Authorization of Release of Information
-
An individual or agency, if the consumer signs a AAA specific release of information document
-
Service delivery partners, as applicable, including
-
The Department of Community Health
-
The Division of Aging Services
-
The Division of Family and Children Services
-
Providers serving the consumer
-
Adult Protective Services case record information may be released to the following:
-
Law Enforcement and/or Emergency Responders
-
As part of an APS report or investigation
-
In emergency situations in which the AAA Director, APS Supervisor or leadership, Guardianship Supervisor or leadership judges that the release is necessary to prevent loss of or risk of life or health.
-
| Refer to MAN 5500, Adult Protective Services and MAN 5800, Public Guardianship for requirement in these programs. |
Informed consent must be obtained prior to referring an individual to an outside agency for services. Such consent may be written or oral; written consent is always preferred.
Example: If a client has called the ADRC seeking a home delivered meal service, you will not have to obtain an additional consent to refer to a meals provider since that was the client’s specific request for service. However, even if that client has indicated memory issues, you cannot directly send information identifying that client to the Alzheimer’s Association without informed consent.
No individual will be denied services or access to services for refusal to provide consent.
The client has the right to withdraw or change consent at any time.
All disclosures involving a client’s protected health information are to be tracked in accordance with HIPAA requirements.
Information contained in the DAS data system (DDS), will be disclosed only in accordance with established DAS procedures. Providers of legal assistance under Title III are not required to reveal any information that is protected by attorney-client privilege.
Lists of consumers in need of services or lists of consumers receiving services are to be used only for the purpose of providing services and may not be disclosed without the informed consent of each individual on the list and then only to those with a verified need to know the information. Deidentified information and statistics about waitlists may be released, such as the number of consumers receiving or waiting for a service and the average time spent on a waitlist.
AAA Employee Cases
Each AAA should develop a plan to address situations where cases involving the relatives or personal friends of employees exist. Every effort should be made to avoid any conflict of interest or even the appearance of a conflict of interest. Refer to Section 3018 in this manual for more information on conflict of interest.
APS Employee Cases
APS cases in which an APS employee of a family member of an employee is the alleged victim or perpetrator must be handled by a worker outside of the region of the employee who is an alleged victim or perpetrator in an APS case.
The Section Manager for Adult Protective Services must be notified immediately of any such case and will coordinate case assignment with relevant District Managers and Supervisors. The case will be handled in accordance with APS Policy 2011 and other relevant policies.
Program Specific Requirements
Programs funded by DAS have unique confidentiality requirements. Refer to the specific program manuals and standards cited in REFERENCES below.
HIPAA
Refer to Section 2054 of this manual, DHS policy, and the Business Associate Agreement for more information on the Health Information Portability and Accountability Act of 1996. The HIPAA law and regulations provide greater detail about restrictions on use of identified and deidentified data as well as usage with consent prior or with notification after specific emergency uses of data.