Full-Circle Aftercare

  • 888-713-4625
  • info@full-circle.com
Linkedin Instagram Facebook-f Youtube
Menu

Full-Circle Aftercare HIPAA Policy

Purpose

The purpose of this policy is to ensure that Full-Circle Aftercare complies with the Health Insurance Portability and Accountability Act (HIPAA) regulations while assisting Next of Kin family members in closing down their loved ones’ estates after passing. Although Full-Circle Aftercare does not request or handle medical records, this policy outlines procedures to protect any potential incidental exposure to protected health information (PHI).

Scope

This policy applies to all employees, referral partners, and volunteers of Full-Circle Aftercare who have access to clients’ personal information during the provision of services. As a covered business associate, Full-Circle Aftercare adheres to all applicable HIPAA regulations and the HIPAA Omnibus Rule requirements.

Policy Statement

Full-Circle Aftercare is committed to protecting the privacy and security of all personal information, including any potential incidental exposure to PHI, in accordance with HIPAA regulations. Our services are designed to assist Next of Kin family members in managing non-medical aspects of estate closure, and we do not request, access, or store medical records.

Procedures

1. Employee Training

All employees, contractors, and volunteers will receive training on HIPAA regulations and the importance of protecting personal information. Training will include:

  • Understanding the types of information that are protected under HIPAA.
  • Procedures to follow if incidental exposure to PHI occurs.
  • Best practices for maintaining confidentiality and security of personal information.

2. Data Handling and Privacy

  • Non-Medical Information Only: Full-Circle Aftercare services will focus exclusively on non-medical information related to estate closure. Employees should not request or accept medical records from clients.
  • Minimizing Incidental Exposure: Employees must take steps to avoid incidental exposure to PHI. This includes:
    • Limiting discussions to non-medical information.
    • Avoiding situations where medical records may be present.
  • Confidentiality Agreements: All employees, contractors, and volunteers will sign confidentiality agreements acknowledging their responsibility to protect personal information.

3. Incident Management

  • Reporting Incidental Exposure: If an employee, contractor, or volunteer is inadvertently exposed to PHI, they must report the incident to their supervisor immediately.
  • Incident Response: The supervisor will assess the situation and take appropriate action to mitigate any potential risk, including:
    • Documenting the incident.
    • Ensuring the information is not further disclosed.
    • Providing additional training if necessary.

4. Security Measures

  • Access Controls: Access to personal information will be restricted to authorized personnel only.
  • Physical Security: Personal information will be stored in secure locations, such as locked file cabinets or password-protected electronic systems.
  • Electronic Security: Electronic systems containing personal information will be protected with passwords, encryption, and regular security updates.

5. Business Associate Agreements

Full-Circle Aftercare will enter into Business Associate Agreements (BAAs) with any third-party service providers that may have access to PHI in the course of providing services. These agreements will ensure that all parties comply with HIPAA regulations and the HIPAA Omnibus Rule.

6. Review and Update of Policy

This HIPAA policy will be reviewed annually and updated as necessary to ensure continued compliance with HIPAA regulations and to address any changes in our operations or services.

Compliance

Failure to comply with this policy may result in disciplinary action, up to and including termination of employment or contract. Any questions or concerns about this policy should be directed to the Director of Operations at Full-Circle Aftercare.

Contact Information

For any questions or concerns regarding this HIPAA policy, please contact:

Nikki Schmutz
Director of Operations, Full-Circle Aftercare
P.O. Box 816, Kaysville, UT 84037
888-713-4625
nikki@full-circlecare.com

By implementing this HIPAA policy, Full-Circle Aftercare demonstrates its commitment to protecting the privacy and security of personal information while providing compassionate and professional assistance to Next of Kin family members.

Scroll to Top