HIPAA Policy

Policy: 

The Health Insurance Portability and Accountability Act (HIPAA) is enforced at F/EA per F/EA’s HIPAA policy. All F/EA operations are performed in accordance with the HIPAA policy. F/EA staff must complete HIPAA training within 2 weeks of hiring a staff member.

F/EA shares their HIPAA policy with Counselors. Counselors educate consumers on F/EA’s HIPAA policy. After reviewing the policy, consumers sign the HIPAA Policy form included in the Fiscal/Employer Agent Start-Up package (See Policy and Procedure document <<X>>).
 
Per Policy and Procedure document <<X>>, F/EA’s processes each executed Receipt of Privacy Practices form. A copy of each form is maintained separately and forwarded to the F/EA <<Staff Title>> monthly.
 
Following the procedure, F/EA's HIPAA Policy is attached.
 
Procedure: 

 

  1. Counselors share the F/EA HIPAA policy during the in-take and orientation session
  2. The signed HIPAA Policy Form is returned to the  <<department>> with the Fiscal/Employer Agent Start up Package
  3. The <<Staff Title>>  follows Policy and Procedure document <<X>> to process the HIPAA Policy Form
  4. <<Staff Title>> selects the HIPAA Policy Form from Fiscal/Employer Agent Start-Up packages
  5. <<Staff Title>> forwards copies of executed forms to:
Privacy Officer’s address
  1. Privacy Officer maintains all forms for a minimum of 7 years per File Retention Policy.
Internal Controls: 

The internal controls used by F/EA to monitor this process establish responsibility, segregate duties, document procedures and ensure independent internal verification.

  1. Counselors share the F/EA HIPAA policy during the in-take and orientation session.
  2. The signed HIPAA Policy Form is returned to the <<department>> with the Fiscal/Employer Agent Start-up Package.
  3. <<Staff Title>> forwards copies of executed forms to F/EA Privacy Officer.
  4. Privacy Officer maintains all forms for a minimum of 7 years per File Retention Policy.