MMPR Security Services Ltd. Policy on Client File Management

MMPR Security Services Ltd.

When Minutes Matter…

Client File Management Policy

Document Status: Draft / Final Status upon approval from Solicitor General

Date Issued: May 1st, 2014

Lead Author: Kevin Oulette – Director

Approved by: MMPR Security Services Ltd.

Date for Review: May 1st, 2015

Record of Policy Review: Kevin Oulette - Director

Date Policy was Issued

Date of Review Reason for Review Lead Reviewer

Additional Comments

May 1st, 2014Solicitor General

Approval First Draft – Opening Document

KevinOulette

Submitted for approval

Form P1005 Revised May 1st, 2014 Page 1 of 10

MMPR Security Services Ltd. Policy on Client File Management

Table of Contents for the Client File Management Policy

1. Purpose and Scope……………,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,………….Page 3

2. Definitions…,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,…..Page 3

3. Principles………,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,….Page 4

4. Outcomes………,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,..Page 4

5. Functions and Delegations……,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,…………..Page 4

6. Risk Management……,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,……..Page 5

7. Policy Implementation………,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,.Page 5

8. Policy Detail…………………………………………………………………..Page 5

8.1 Establishment of Client Files…………………………………………Page 5 & 6

8.2 Client File Structure…………………………………………………………Page 6

8.3 Development and Maintenance of Client Files………..…………….....Page 6

8.4 Review of Client Files………………………………………………..……..Page 7

8.5 Retention of Client Files………………………………………………..…..Page 7

8.6 Disposal of Client Files…………………………………………..…………Page 7

8.7 Client Access to Files……………………………………………...…..Page 7 & 8

8.8 Amendment to Client Files……………………………………………Page 8 & 9

8.9`Security of Client Files………………………………………….…………Page 9

8.10 Disclosing Information from Client Files……………………….......…..Page 9

9. References + Resources………………………………………………….Page 10

9.1 Internal…………………………………………………………………...…..Page 10

Form P1005 Revised May 1st, 2014 Page 2 of 10

MMPR Security Services Ltd. Policy on Client File Management

9.2 External………………………………………………………………………Page 10

9.3 Quality and Accreditation Standards…………………………………..Page 10

Client File Management Policy

1. Purpose and Scope

The MMPR Security Service’s client file management system exists to ensure that an information file is created for each client,

that a record of care and treatment is maintained effectively, That our client’s privacy and confidentiality is protected.

The policy applies to all staff, and any volunteers and students, involved in the management of client information.

This policy does not provide detailed information on privacy and confidentiality – refer to the Privacy and Confidentiality Policy.

2. Definitions

Secure refers to reasonable physical, technical and administrative mechanisms in place to prevent privacy and confidentiality breaches.

Reasonable physical safeguards include:

– Locking filing cabinets and unattended storage areas – Physically securing the areas in which the client information is stored – Not storing client information in public areas – Positioning computer terminals and fax machines so that they cannot be seen

or accessed by unauthorised people or members of the public.

Reasonable technical safeguards include:

– Using passwords to restrict computer access, and requiring regular changes to passwords

– Establishing different access levels so that not all staff can view all information – Ensuring information is transferred securely (for example, not transmitting

client information via non-secure email) – Using electronic audit trails

Form P1005 Revised May 1st, 2014 Page 3 of 10

MMPR Security Services Ltd. Policy on Client File Management

– Installing virus protections and firewalls.

Reasonable administrative safeguards include not only the existence of policies and procedures for guidance but also training to ensure staff, Board members, students and volunteers are competent in this area.

3. Principles

Client files are an important source of information about clients, information in client files will be complete, accurate and relevant.

Client files enhance safety and continuity of client care by the accurate recording of client details and history.

The protection of client privacy and confidentiality is a guiding principle in the collection, use and storage of client information.

Effective management of client files enable MMPR Security Services Ltd. to demonstrate the flow of client support and make effective use of staff time.

4. Outcomes

The client file management system is systematic, compliant with legislation and quality standards, informative and protects the interests of the client and MMPR Security Services Ltd.

Client files are effectively established, reviewed, maintained and retained.

Client information is secure, accessible, relevant and used primarily for the benefit of the client.

5. Functions and Delegations

Position Delegation/Task

Board of Directors Endorse Client File Management Policy.

Management Comply with Client File Management Policy and associated procedures.

Be familiar with legislative requirements and ethical standards regarding the collection, storage, use and security of client information.

Monitor systems that are in place to adequately collect, store, use and secure client information.

Form P1005 Revised May 1st, 2014 Page 4 of 10

MMPR Security Services Ltd. Policy on Client File Management

SupervisorReview client files on a regular basis.

Staff Comply with Client File Management Policy and associated procedures in the collection, storage and use of client information.

Be familiar with legislative requirements and ethical standards regarding the collection, storage, use and security of client information.

6. Risk Management

Systems are in place to ensure client privacy and confidentiality. All client documentation is stored securely in a manner so that unauthorised access is prevented.

A staff member is provided with ongoing support and information to assist them to effectively manage client files. Client files are reviewed annually to monitor compliance with the Client File Management Policy.

7. Policy Implementation

This policy is developed in consultation with all staff and approved by the Board of Directors.

This policy is to be part of all staff orientation processes and all employees are responsible for understanding and adhering to this policy.

This policy should be referenced in relevant policies, procedures and other supporting documents to ensure that it is familiar to all staff and actively used.

This policy will be reviewed in line with the quality improvement program and/or relevant legislative changes.

8. Policy Detail

All information related to a client is placed in the client file.

MMPR Security Services Ltd. ensures staff effectively establish, develop, maintain, review, retain, secure and dispose of client files.

8.1 Establishment of Client Files

Form P1005 Revised May 1st, 2014 Page 5 of 10

MMPR Security Services Ltd. Policy on Client File Management

Confidential files are held for all clients accepted into the service/program.

A client file is established following completion of client start up processes and acceptance into the MMPR database. In establishing a client file, the allocated staff member is to clearly explain to the client:

–Information which will be held by MMPR Security Services Ltd.–How information will be kept secure–Under what circumstances information may be disclosed to others–The process for making a complaint in relation to suspected misuse of personal

information.–How to request access to personal information held by the organisation, see

Client Access to File Procedure.

8.2 Client File Structure

Client files will be clearly identified with a name and/or client code and include the following information:

– Start Date– End Date– Sales Contract– Contact/Billing Information– Rights, responsibilities and legal information– Emergency Contact Information – Fire plan– Management and contact notes– Conference minutes and notes – Correspondence– Client feedback– Client exit information.

8.3 Development and Maintenance of Client Files

The client manager of MMPR Security Services Ltd. ensures that all sections of the client file are complete and up-to-date.

All pages of the treatment management plan and progress notes contain:

–The client’s name or client code–Date of entry–Page number.

Form P1005 Revised May 1st, 2014 Page 6 of 10

MMPR Security Services Ltd. Policy on Client File Management

Entries in client files are:

–Brief, timely, accurate and complete–Factual, objective and sequential–Do not contain value judgements or abbreviations–Legible and signed, dated, with name of author printed–Written in black or dark blue ink–To have any mistakes crossed out and initialled, with no liquid paper/white out

used.

8.4 Review of Client Files

The Supervisor will review at least ONE (1) files weekly to ensure all sections of the file are complete and current, and that entries in files are appropriate. The file review will be based on a random selection of current files and will be completed using the Client File Review Tool. Results of the review will be analysed and used to raise issues of concern and to improve record keeping quality.

8.5 Retention of Client Files

Client files are retained at MMPR Security Services Ltd. due to the possibility that:

– The client may return to the service– Litigation or other legal proceedings– There will be a need for MMPR Security Services Ltd. to provide evidence

that it fulfilled its duty of care obligations (for example, if a client became a danger to themselves or others).

Client files will be securely stored for a period of 7 years after the client has ceased receiving services from MMPR Security Services Ltd.

8.6 Disposal of Client Files

After 7 Years, Client files will be stored in a manner which ensures that they cannot be retrieved and protects the privacy of clients and others.

After 7 years, Non-essential Client Files may be destroyed in a manner which ensures that they cannot be retrieved and protects the privacy of clients and others.

8.7 Client Access to Files

Form P1005 Revised May 1st, 2014 Page 7 of 10

MMPR Security Services Ltd. Policy on Client File Management

Clients have the right to access their own information on request except under specific circumstances provided for in the results of an ongoing investigation. The client, or their authorised representative, can make a request to access their MMPR Security Services Ltd. client file in writing or by discussing and documenting (documentation is to be completed by the allocated manager). For more information, refer to the Client File Access Procedure.

MMPR Security Services Ltd. can refuse a client’s access to their personal information only if:

– providing access would pose a serious threat to the life or health of any person

– providing access to the section requested would have would have an unreasonable impact on the privacy of other people

– the information relates to legal proceedings (existing or anticipated) between MMPR Security Services Ltd. and the person

– providing access would be unlawful – denying access is required or authorised under another law or has been

requested by a law enforcement agency – providing access would be likely to prejudice an investigation of possible

unlawful activity – the request for access has been made unsuccessfully on at least one previous

occasion and there are no reasonable grounds for making the request again – the person has been provided with access to their information already and is

making an unreasonable repeated request for access to the same information in the same manner.

If a MMPR Security Services Ltd. staff member is unsure whether to grant a request to access information in a client file, the request should be forwarded to the CEO/Manager. If CEO decides to refuse access, a written reason for the refusal (with the reason relating to the exemptions above) must be given.

MMPR Security Services Ltd. is required to respond to a request for access to information in writing within 30 days of receiving the request.

8.8 Amendment to Client Files

The clients, or their authorised representatives, will make a request to amend their MMPR Security Services Ltd. client file in writing or discussed and documented (documentation is to be completed by the allocated MMPR Security Services Ltd. staff member).

Form P1005 Revised May 1st, 2014 Page 8 of 10

MMPR Security Services Ltd. Policy on Client File Management

If a client, or their authorised representative, requests an amendment to the information held in their client file, you may amend (by way of corrections, deletions or additions) the information to ensure:

– the information is accurate – the information is relevant, up to date, complete and not misleading, taking

into account the purpose for which the information is collected and used.

If a MMPR Security Services Ltd. staff member is unsure whether to grant a request to amend information in a client file (e.g. if the client is questioning security records or an assessment), the request should be forwarded to the CEO/Manager. MMPR Security Services Ltd. may refuse a request to amend information contained in a client file if it is satisfied that the purpose of the amendment does not meet the criteria specified above. If MMPR Security Services Ltd. decides to refuse to amend the client file, a written reason for the refusal (with the reason relating to the exemptions above) must be given.

If the requested amendments are refused, the client may make a statement about the requested changes which is to be attached this to the client file.

MMPR Security Services Ltd. is required to respond to a request to amend information in writing within 30 days of receiving the request.

8.9 Security of Client Files

All client documentation is to be kept securely with consideration given to physical, technical and administrative security safeguards. For more information, refer to the Privacy and Confidentiality Policy.

8.10 Disclosing Information from Client Files

Client information should only be disclosed outside of an organisation for the primary purpose for which the information was collected. Information may be disclosed for secondary purposes if:

– MMPR Security Services Ltd. has the client’s consent– There is a serious threat to the health or welfare of any person – Information is provided to another person or organisation involved in the

ongoing security of the client – Investigating and managing adverse incidents or complaints about care of

client security – Using information for quality improvement activities such as client file reviews– Managing a legal claim made by the client

Form P1005 Revised May 1st, 2014 Page 9 of 10

MMPR Security Services Ltd. Policy on Client File Management

If a request is made for MMPR Security Services Ltd. to disclose client information to an external organisation, the request is to be made in writing, identify the person and organisation requesting the information and indicate the reason why the information is being sought. Any requests to disclose information to an external organisation should be directed to the CEO/Manager.

9. References + Resources

9.1 Internal

Privacy and Confidentiality PolicyFeedback and Complaints Management PolicyClient File Access ProcedureClient File Review ProcedureClient File Review ToolClient Rights and Responsibilities FormInformation for Clients – How to Make a Complaint

9.2 External

Alberta Solicitor General Guidelines

9.3 Quality and Accreditation Standards

Working towards ISO certification

Feel free to edit as required, if you use this document, please give me some credit on my linked in profile. Thank you Kevin Oulette Security Consultant

Form P1005 Revised May 1st, 2014 Page 10 of 10