Current through Register Vol. XLI, No. 42, October 18, 2024
Section 78-3-8 - Risk Management8.1. The organization shall purchase appropriate types of insurance.8.2. Legal Compliance. The organization shall comply with all applicable federal, state, and local laws, rules and regulations associated with all aspects of service delivery and operations and shall possess all relevant and appropriate licenses.
8.3. Security of Information.8.3.1. The organization shall have policies and procedures regulating access to, storage of, and retention of records of employees and persons served that are in compliance with all state requirements. Regulatory agencies shall be allowed access to all information as necessary to fulfill their statutory duties.8.3.2. The organization shall ensure that records can be located at any time.8.3.3. The organization shall have procedures to protect service and organizational records, from destruction by fire, water, loss, or other damage and from other unauthorized access.8.3.4. Written operational procedures shall govern the retention, maintenance, and destruction of records of former service recipients.8.3.5. The organization shall retain children's records for a minimum of five years following the child's 18th birthday.8.3.6. The organization shall have a policy regarding disposal of records that respects confidentiality and security of child information.8.3.7. The format of electronically transmitted data shall comply with all applicable legal standards and requirements.8.4. Contractual Relationships.8.4.1. The organization shall use written contracts with contractors of non-clinical services and professional contractors of clinical services.8.4.2. If the organization arranges contractually for the provision of clinical services, the organization shall have a written agreement that specifies: 8.4.2.a. Services to be provided;8.4.2.b. Provision of appropriate liability or malpractice insurance either by the contractor or contracting party;8.4.2.c. Procedures for exchange of information;8.4.2.d. Definition of the clients to be served and the services to be provided;8.4.2.e. Timelines for provision of service;8.4.2.f. Terms of payment;8.4.2.g. Assurances that the contracting party shall adhere to state and federal requirements of confidentiality; and8.4.2.h. Expected outcomes as appropriate.8.4.3. The organization shall ensure all contracted professional services are certified or licensed in the service they are providing and evidence of a criminal history fingerprint-based background check.8.4.4. If the organization contracts for professional services with a licensed practitioner who serves children in his or her own location, the organization shall ensure the professional is licensed in the service they are providing.8.4.5. The organization shall ensure that contractual vendors are oriented to and adhere to the organization's policies and procedures regarding professional practices and confidentiality.