Confidentiality Policy

All Direct Service Providers must read and be familiar with Achieve Beyond’s Confidentiality Policy.

Highlights of the Policy:

  • How patient records are maintained
  • Offsite storage of records
  • Electronic Records
  • Email and Fax Confidentiality
  • Access to Records
  • Amending Records

Confidential Patient Documents

Anything containing “Personally Identifiable Information” is deemed confidential.

Personally Identifiable Information includes, but is not limited to:

  • Name
  • Date of Birth
  • Social Security Number
  • Plan of Care
  • Precriptions

Documents such as Session Notes, Evaluations, Quarterly Reports, IFSPs, IEPs etc MUST be handled in a secure and controlled manner.

Your Responsibility as a Staff Employee

  • All unattended files must be locked in a cabinet
  • File room should be locked once you are done retrieving files
  • Lock your computer before leaving your desk
  • Only use email to correspond via email
  • Faxes must include Confidentiality Notice (all e-faxes sent from your Achieve Beyond e-mail account automatically include this message)
  • Parents and Guardians have to right to access their child’s file
  • Amendment Requests and Requests from Unauthorized Individuals should go thru your manager or a member of the Compliance Committee
  • EI Records are to be kept for 6 years from date of care, service or billing, which ever is later
  • Any patient we KNOW enters a school-aged program (CPSE/CSE), records must be kept till age 21