mission to deliver exceptional, person ‑ centered care that is both accountable and sustainable. Note: This Budgeting and Financial Reporting policy is subject to periodic review and updating in response to regulatory changes, internal audit findings, and the evolving needs of our organization. Any updates will be communicated through official internal channels and reflected in updated policy documents available on the agency’s secure intranet portal. XXXIX. CONFIDENTIALITY This section details the comprehensive policies and procedures that Simpl Care Services LLC has established to protect the confidentiality of individual information. It is designed to ensure that all personal and protected health information (PHI), whether contained in electronic, paper, or verbal formats, is handled in strict compliance with HIPAA, HITECH, state privacy laws, and other applicable federal regulations. This policy reinforces our commitment to privacy and security, all within the context of delivering high ‑ quality, person ‑ centered care under the Tennessee CAC Waiver (TN.0357.R05.00) and TennCare guidelines. The confidentiality framework outlined below explains the purpose and scope of our policies, provides detailed procedural guidance on handling PHI securely, specifies roles and responsibilities for safeguarding information, and delineates methods for addressing breaches and ensuring continuous training and compliance.
a. Purpose and Scope
Purpose Statement
The primary purpose of our confidentiality policy is to protect the privacy and integrity of all individual information, ensuring that every interaction, documentation, and communication is handled with the highest degree of security and respect. This commitment is essential not only to protect the rights of our clients and staff but also to maintain trust, ensure regulatory compliance, and uphold the ethical standards demanded by the healthcare industry. Specifically, this policy aims to: • Safeguard personal and protected health information (PHI) from unauthorized access, alteration, disclosure, or destruction. • Ensure that all information is recorded, transmitted, and stored in strict compliance with HIPAA, HITECH, and other relevant privacy regulations. • Provide clear, standardized procedures for handling various formats of PHI — including electronic records, paper documents, and verbal communications — to minimize risks of data breaches. • Establish a culture of continuous improvement where confidentiality training, incident reporting, and corrective actions are integrated into daily operations.
Waiver Consulting Group © 2025 | 350
Powered by FlippingBook