(a) Maintenance of medical records. The LMHA, MCO,
and the provider must ensure:
(1) protection against unauthorized access, disclosure,
modification or destruction of medical records, whether accidental
or deliberate;
(2) the availability, integrity, utility, authenticity,
and confidentiality of information within the medical record;
(3) a current, organized, legible, and comprehensive
records system that:
(A) conforms to good professional practice;
(B) permits effective clinical review and audit; and
(C) facilitates prompt and systematic retrieval of
information;
(4) a medical records system with sufficient redundancy
to ensure access to individual records; and
(5) compliance with applicable federal and state laws,
rules, and regulations, including HIPAA, 42 CFR Part 2, and the requirements
described in Chapter 414, Subchapter A of this title (relating to
Protected Health Information).
(b) Disaster recovery plan. The LMHA, MCO, and the
provider must maintain a written disaster recovery plan for information
resources that will ensure service continuity.
|
Source Note: The provisions of this §301.329 adopted to be effective April 29, 2009, 34 TexReg 2603; transferred effective March 15, 2020, as published in the February 21, 2020 issue of the Texas Register, 45 TexReg 1237 |