Ill. Admin. Code tit. 77, § 2060.325 - Patient/Client Records
a) Licensees
shall maintain a written record for each patient or client. Such record may
also be maintained electronically on a computer but shall be made available in
hard copy upon request for review by the Department.
b) Any written entry on the record shall be
in ink and shall be dated and shall meet all other signatory requirements for
professional staff as specified in Sections
2060.421 and
2060.423 of
this Part.
c) Written signatures or
initials and electronic signature or computer-generated signature codes and
corresponding dates are acceptable as authentication to identify the author of
the record entry by that author and to confirm that the contents are what the
author intended. Signature or initial stamps shall not be utilized.
d) All signatures or initials, whether
written, electronic, or computer-generated, shall include the initials of the
signer's credentials.
e) In order
to utilize electronic signature or computer-generated signature codes and
dates, the organization shall adopt a policy that permits use and
authentication by electronic or computer-generated signature and dates and
shall, at a minimum:
1) identify which staff
are authorized to authenticate records using electronic or computer-generated
signatures and dates;
2) ensure
that each user is assigned a unique identifier that is generated through a
confidential access code;
3)
certify in writing that each identifier is kept confidential; and
4) have each user certify in writing that he
or she is the only person with user access to the identifier and the only
person authorized to use the signature code.
f) Records maintained on computer shall have
a back-up system to safeguard the records in the event of operator or equipment
failure.
g) Any document or entry
made on a document in the record that is in any other language than English
shall have an accompanying English language translation.
h) All records shall be protected in a locked
room, locked file, safe or similar container or in computer records with
secure, limited access.
i) The
record shall document any service provided by the organization at any facility.
Additionally, if the organization provides multiple services that are licensed
by the Department at any facility, one record can document all of such
services.
j) The record shall
contain the signatory document that indicates the patient/client has been
informed of his or her rights.
k)
The record shall contain documentation indicating the consent of the patient,
and any other family members or guardians, for any service.
l) The record shall contain, on a
standardized format, the following information:
1) name;
2) home address;
3) home and work telephone number;
4) date of birth;
5) sex;
6) race or ethnic origin and/or language
preference;
7) emergency
contact;
8) education;
9) religion;
10) marital status;
11) type and place of employment;
12) physical or mental disability, if
any;
13) social security number, if
requested;
14) drivers license
number, county of residence and county of arrest (required only for DUI
evaluation or risk education services);
15) annual household income, if applicable to
any subsidized or reduced fee for service, unless this information is kept in a
separate financial record; and
16)
documentation of any disclosures of protected health information to the extent
required by HIPAA (see Section
2060.325(u)(3)
of this Part).
m) The
record shall contain dates of any admission, change in level of care or
discharge.
n) The record shall
contain a dated service fee statement and proof, if applicable, of any
qualifying documents relative to fee subsidization, including the
"Qualification for DUI Services as an Indigent" form, unless this information
is kept in a separate financial record.
o) The record shall be kept for a period of
five years from the date of discharge, except that required accounting of
disclosures of HIPAA protected health information must be kept for six years.
While organizations may elect to keep records past this five year period, if
the option to delete records is exercised, it shall be done by one of the
following methods:
1) burning or shredding;
or
2) erasure from all computer
files.
p) The record
shall contain the following information or documents for any treatment service:
1) documentation of the treatment assessment
and patient placement process;
2)
documentation of the diagnostic impression and physician confirmed
diagnosis;
3) documentation of
laboratory and/or other diagnostic procedures/results and reports that the
organization directly provided (except for HIV testing unless the patient has
given written informed consent) and documentation of the tuberculin skin test
results, the date given and date read, if applicable;
4) the treatment plan and documentation of
all required signatures and dates;
5) progress notes that document all treatment
services, any subsequent treatment plan reviews and on-going assessment and
documentation of all required signatures and dates;
6) documentation of completion of patient
education specified in Section
2060.409 of
this Part;
7) documentation of any
correspondence or telephone calls received or made relevant to treatment
services; and
8) a copy of the
discharge summary unless the patient left prior to receiving any of these
services.
q) The record
shall contain copies of all referenced forms in Subpart E for any offender
receiving a DUI evaluation or risk education service.
r) A staff member shall be designated who
will have responsibility to ensure that all records are in compliance with this
Part. This staff member shall review, at least annually, the record system to
ensure that the system meets all requirements specified in this Part.
s) Records shall be kept in the facility
where the patient/client is receiving services (or in accordance with Section
2060.203(b)
of this Part, in specific relation to off-site services) and shall be directly
accessible to the professional staff providing those services.
t) Information in the record may be used for
training, research and quality improvement provided that the information is
collected in accordance with any relevant confidentiality
requirements.
u) Licensees who are
covered by HIPAA shall have procedures to comply with HIPAA Privacy and
Security provisions ( 45 CFR 160 and 164 ), including the following:
1) procedure to access the patient's record
as set forth in
45 CFR
164.524;
2) procedure to request amendment to his or
her record as set forth in
45 CFR
164.526;
3) procedure to request an accounting of
disclosures of his or her medical records or portions thereof for the previous
six years as set forth in
45 CFR
164.528; and
4) procedure to file a complaint with the
licensee and with the U.S. Department of Health and Human Services, Office of
Civil Rights in connection with an alleged violation of the HIPAA Privacy
provisions set forth in
45 CFR
160.306.
Notes
Amended at 27 Ill. Reg. 13997, effective August 8, 2003
State regulations are updated quarterly; we currently have two versions available. Below is a comparison between our most recent version and the prior quarterly release. More comparison features will be added as we have more versions to compare.
No prior version found.