10A NCAC 26B .0107      SECURITY OF CONFIDENTIAL INFORMATION

(a)  Each area or state facility that maintains records with confidential information shall provide a secure place for the storage of records and shall develop written policies and procedures regarding controlled access to those records.

(b)  Each area or state facility shall ensure that only authorized employees or other individuals authorized by the facility director have access to the records.

(c)  Each area or state facility director shall ensure that a clinical staff member is present in order to explain and protect the record when a client or a client's legally responsible person comes to the facility to review the client record.  A delegated employee shall document such review in the client's record.

(d)  Each area or state facility that maintains confidential information in an automated data processing system shall develop written policies and procedures regarding the provision of safeguards to ensure controlled access to such information.

 

History Note:        Authority G.S. 122C‑52; 131E‑67; 143B‑147(a)(6);

Eff. July 1, 1979;

Amended Eff. February 1, 1986;

Pursuant to G.S. 150B-21.3A, rule is necessary without substantive public interest Eff. June 20, 2015.