<<Prev Rule

Texas Administrative Code

Next Rule>>
TITLE 1ADMINISTRATION
PART 15TEXAS HEALTH AND HUMAN SERVICES COMMISSION
CHAPTER 353MEDICAID MANAGED CARE
SUBCHAPTER PMENTAL HEALTH TARGETED CASE MANAGEMENT AND MENTAL HEALTH REHABILITATION
RULE §353.1407Information Systems and Medical Records Systems

(a) Management information system. Managed care organizations (MCOs) and comprehensive provider agencies must ensure their management information systems provide timely, accurate, and accessible information that supports clinical, administrative, and fiscal decision-making.

(b) Maintenance of medical records. MCOs and comprehensive provider agencies must ensure:

  (1) protection against unauthorized access, disclosure, modification, or destruction of medical records, whether accidental or deliberate;

  (2) the availability, integrity, utility, authenticity, and confidentiality of information within the medical record;

  (3) a current, organized, legible, and comprehensive records system that:

    (A) conforms to good professional practice;

    (B) permits effective clinical review and audit; and

    (C) facilitates prompt and systematic retrieval of information;

  (4) a medical records system with sufficient redundancy to ensure access to individual records; and

  (5) a medical records system that ensures compliance with applicable federal and state laws, rules, and regulations, including the Health Insurance Portability and Accountability Act and 42 CFR Part 2.

(c) Documentation retention. A comprehensive provider agency must maintain all records necessary to fully disclose the services delivered. These records must be retained for a period of ten years from the date of the service, or until all audit questions are resolved, whichever is longer. Records and supporting information regarding any payment of claims, as well as premises access, must be made available to HHSC, HHSC OIG, the federal Health and Human Services, the State Auditor's Office, or any person acting on behalf of such entity, upon request.

(d) Disaster recovery plan. A comprehensive provider agency must maintain a written disaster recovery plan for information resources in order to ensure service continuity, and must implement the plan as necessary.


Source Note: The provisions of this §353.1407 adopted to be effective October 17, 2018, 43 TexReg 6816

Link to Texas Secretary of State Home Page | link to Texas Register home page | link to Texas Administrative Code home page | link to Open Meetings home page