Our Policies
The Guardian follows strict policies to protect confidentiality and all information, both financial and personal that is needed as part of providing the best services.
All information regarding clients and their personal affairs is to be kept completely confidential. Case histories, confidential papers, the appointment book, and any other client-related documents must be kept out of public view. Discussions with clients are to be conducted privately.
Social Security Privacy Policy
Pursuant to state law, Guardian's policy is to protect the confidentiality of Social Security numbers. No person shall knowingly acquire, disclose, transfer, or unlawfully use the Social Security number of any employee, person served, or other individual, unless in accordance with the procedures and rules established by this policy.
Social Security numbers shall not be placed on identification cards, badges, time cards, employee rosters, bulletin boards, or any other materials or documents designed for public display. Documents, materials, or computer screens that display Social Security numbers or other sensitive information shall be kept out of public view at all times. Only authorized employees
shall have access to Social Security numbers. Social Security numbers of people served must be safeguarded at all times.
Documents containing Social Security numbers shall only be disclosed in cases where state or federal law, rule, regulation, or court order or rule authorizes, permits, or requires that Social Security numbers appear in the document. Documents containing Social Security numbers, which are sent through the mail, shall not reveal the number through the envelope window or otherwise be visible from outside the envelope or package. Social Security numbers shall not be
sent through email unless the connection is secure or the number is encrypted.
All documents or files containing Social Security numbers must be stored in a physically secure manner. Social Security numbers shall not be stored on computers or other electronic devices that are not secured against unauthorized access. Documents or other materials containing Social Security numbers shall not be thrown away in the trash; they shall be discarded or destroyed only in a manner that protects their confidentiality, such as shredding.
Social Security numbers should only be collected where required by federal and state law or as otherwise permitted under the Michigan Social Security Number Privacy Act. If a unique identifier is required, a substitute for the Social Security number must be used. If you have questions about this policy, consult your supervisor.
Client Confidentiality
Confidentiality/HIPAA
It is the policy of Guardian to protect the privacy and confidentiality of protected health information for the people we serve and our employees. Guardian employees are entrusted with confidential information in a position of trust. Any and all medical or health-related information pertaining to the people we serve is considered to be confidential and protected by the Federal HIPAA (Health Insurance Portability Accountability Act) regulations. Information may only be released in accordance with treatment, health care operations, and billing purposes or with proper releases and/or authorizations.
Taking pictures of the people served without written consent is prohibited. This includes all formats for collecting and storing images, such as cell phones, video recorders, flash drives, hard drives, etc.
Failure to protect confidentiality is a serious offense and could result in separation from employment, federal fines of up to $25,000, and possible imprisonment. If an employee is unsure about disclosing information pertaining to the individuals we serve at any time, they should contact their supervisor. State of Michigan licensing rules require that the records of the
people we serve be kept confidential and properly safeguarded at all times. If an employee is aware of a HIPAA violation, they must report this information to their supervisor. HIPAA Security and Electronic Communications
Guardian reserves the right to monitor, access, retrieve, read, and disclose to law enforcement officials, contract agencies, or other third parties, all messages created, sent, received, or stored on the electronic communications systems without prior notice to the originators and recipients of such messages. Authorized employees may monitor the electronic communications of employees to determine whether there have been any violations of law, breaches of confidentiality or security, communications harmful to the business interests of Guardian, or any violations of this policy and any other company policy.
The following safeguards/security measures have been implemented to ensure HIPAA privacy protection:
Employees must take steps to ensure that individuals who do not have a need-to-know or permission to view information regarding the individuals we serve do not have access to any individual records, information, or other sensitive data.
When transporting confidential records, lock records in the trunk, when possible. If records must be left in the vehicle for a short period, ensure the vehicle is locked and the records are out of sight, not visible.
Any electronic devices containing confidential information must be kept secure at all times and must be password-protected. This includes both Guardian owned equipment and employee owned equipment used to conduct agency business (e.g. personal cell phones.)
Employees must ask for identification, such as the last four digits of the client's Social Security number or birthdate, to verify the authority of anyone requesting information. Employees must make reasonable attempts during phone conversations to verify the caller.
Faxing:
a) Employees should make reasonable attempts to verify fax numbers prior to faxing confidential and private information.
b) Employees need to periodically call to verify that the intended recipient receives the faxes.
c) Management will keep fax machines in a reasonably secure location.Computers, Electronic Communications, and Storage Systems:
a) The electronic communications systems, which include, but are not limited to, telephone, electronic mail, voice mail, facsimiles, databases, and computers, are the property of Guardian. All information and messages that are created, sent, received, accessed, or stored on these systems constitute company records and are the property of Guardian. Employees should have no expectation of privacy regarding any information created, stored, sent, or received on the company's computer system.
b) Guardian electronic communications may not contain content that a reasonable person would consider to be defamatory, offensive, harassing, disruptive, or derogatory, including but not limited to comments or images that would offend someone on the basis of race, gender, national origin, political beliefs, disability, sexual orientation, pornography, religious or political beliefs, national origin or disability. Employees who receive emails with this content via company computers or from other employees must report the matter to their supervisor immediately.
c) Guardian electronic communications systems are to be used primarily to conduct company business. Employees may not use the electronic communications systems for political causes, gambling, illegal activities, list serves for non-work purposes, or solicitations or advertisements for unrelated work purposes.
d) All transmissions of confidential information by internet, diskette or any other data storage device must be encrypted as specified by the HIPAA Security Rule.
e) Management must maintain a log-on password and screensaver password on all computers. Passwords must contain a combination of upper and lower case letters, numbers and functions.
f) All information accessed by employees either in electronic or written format will be done so on a need to know basis. Unauthorized access to information not needed to complete job responsibilities is prohibited.
g) Guardian employees may be using electronic systems/databases in conjunction with contract agencies and, therefore, will be required to follow additional security standards (such as no printing of materials) set by those agencies.
HIPAA
While the court appointment grants significant authority to a Guardian, it is important to understand that there are limits to this power. In reality, Guardianship is a balance of cooperation, persuasion and agreement. With a few exceptions, i.e., when a person is at risk of causing harm to themselves or others, a Guardian cannot force a person to:
Take their medications or participate in medical treatments they refuse.
Engage in behaviors or relationships that may be unhealthy or illegal.
Stay in or move to a placement or location they refuse.
Each Guardian Specialist works with multiple clients. It is physically impossible for a Guardian to be in constant contact with all of these individuals. Often, a Guardian is not the first to learn of an event that may affect a client. Guardians must rely upon clients, caregivers, family, and friends to provide important information on the changes and needs in clients’ lives. We view all of these individuals as partners in the client's care.
While we hope to develop a relationship with families as partners in care, this partnership requires equal consideration from the families as well. In the case of large families, it is helpful if one person can be the point of communication and relay information to others. When that is not possible, group emails or other agreements may be necessary to manage communication needs.
Guardians can only purchase or provide living arrangements or services that the client’s resources can afford.
Guardians will apply for, or cooperate with others who are applying for, public benefits on behalf of our guardian clients. Often, these applications rely on the cooperation of others, such as a spouse or family member. Guardian Finances and Advocacy Services does not control the actions of other organizations, such as the Social Security Administration, the Department of Veterans Affairs, the Department of Human Services, or other benefits providers. These application processes may take months to conclude.
Understanding the limitations of what we can and cannot do
The Guardian Board of Directors has affirmed the agency's commitment to non-discrimination as follows:
Guardian does not discriminate on the basis of race, age, gender, gender identity, sexual orientation, religion, national origin, genetic information, disability, marital status or military/veteran status in any of its activities or operations. Guardian's commitment includes, but is not limited to, any legally protected status in the locations where we operate. This commitment includes, but is not limited to, accepting clients, providing services, employment of staff, and selection of directors, volunteers, partner agencies and vendors. We are committed to providing an inclusive and welcoming environment for all clients, staff, volunteers, subcontractors, and vendors.
Guardian has established specific policies and procedures to implement this policy. The Equal Employment Opportunity section of this Handbook expands upon our commitment to nondiscrimination in employment.