5122-1-03 HIPAA requirements, policies and procedures.

(A) Purpose. The purpose of this rule shall be to establish required policies and procedures for department-wide compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the American Recovery and Reinvestment Act of 2009 (ARRA), and implementing regulations.

(B) Procedure. All offices, hospitals, including CSN programs, and workforce members of the Ohio department of mental health (ODMH) are directed to follow all applicable mandates found in the "ODMH HIPAA Requirements, Policies, and Procedures Manual" maintained at each regional psychiatric hospital (RPH), at OSS, and in central office.

Failure to comply with this internal management rule and its referenced document, the "ODMH HIPAA Requirements, Policies, and Procedures Manual", may result in disciplinary sanctions as defined in ODMH policy AH-22, " Code of Conduct and General Work Rules", effective January 1, 2010, and as it may be amended.

Effective: 01/24/2011
Promulgated Under: 111.15
Statutory Authority: 5119.01
Rule Amplifies: 5122.31
Prior Effective Dates: 9/30/02, 12-10-2005, 5-26-2008