QA Investigation Results

Pennsylvania Department of Health
BLESSED HANDS: CATERING TO THE AGING & THE DISABLED, INC.
Health Inspection Results
BLESSED HANDS: CATERING TO THE AGING & THE DISABLED, INC.
Health Inspection Results For:


There are  10 surveys for this facility. Please select a date to view the survey results.

Surveys don't appear on this website until at least 41 days have elapsed since the exit date of the survey.



Initial Comments:


Based on the results of an unannounced complaint investigation survey, conducted on January 29, 2019, to determine compliance for complaint allegations made on December 21, 2018, for Blessed Hands: Catering to the Aging & Disabled, Inc., the state surveyors were unable to determine compliance with the following requirements of 28 Pa. Code, Title 28, Health and Safety, Part IV, Health Facilities, Subpart F. Chapter 601, Home Health Care Agencies and Subpart A. Chapter 51.

As a result, the agency is determined to be not in compliance with the following state licensure tags: M1000, M1005, M1006, M1037 and M9999.












Plan of Correction:




601.3 REQUIREMENT
COMPLIANCE W/ FED, ST, & LOCAL LAWS

Name - Component - 00
601.3 COMPLIANCE WITH FEDERAL,
STATE AND LOCAL LAWS.
The home health agency and its staff
are in compliance with all applicable
Federal, State and Local Laws and
regulations.

Observations:

Based on review of "Title 45 of the Electronic Code of Federal Regulations, Part 164 - SECURITY AND PRIVACY, Subpart E", "OCR HIPAA Privacy December 3, 2002 INCIDENTAL DISCLOSURE", "United States Health & Human Services OCR PRIVACY BRIEF SUMMARY OF THE HIPAA PRIVACY RULE", agency observations (Observation #1), and an interview with a "friend of the owner", it was determined the agency failed to ensure protection of patient medical records from an individual present in the agency who was not an employee or contractor.

Findings include:

According to Title 45 of the Electronic Code of Federal Regulations, Part 164 - SECURITY AND PRIVACY, Subpart E- Privacy of Individually Identifiable Health Information, "164.530 Administrative requirements," "(c)(1) Standard: Safeguards. A covered entity must have in place appropriate administrative, technical, and physical safeguards to protect the privacy of protected health information." Retrieved from https://www.ecfr.gov/cgi-bin/text-idx?SID=d9614eaf433ed3f49041777883125e47&mc=true&node=se45.1.164_1530&rgn=div8

According to "OCR HIPAA Privacy December 3, 2002 INCIDENTAL DISCLOSURE," "How the Rule Works ... Reasonable Safeguards. See 45 CFR 164.530(c). ... Many health care providers and professionals have long made it a practice to ensure reasonable safeguards for individuals' health information - for instance: ... By isolating or locking file cabinets or records rooms." Retrieved from https://www.hhs.gov/sites/default/files/ocr/privacy/hipaa/understanding/coveredentities/incidentalu%26d.pdf

According to "United States Health & Human Services OCR PRIVACY BRIEF SUMMARY OF THE HIPAA PRIVACY RULE," "HIPPA Compliance Assistance ... Who is Covered by the Privacy Rule ... Last Revised 05/03 ... The Privacy Rule, as well as all the Administrative Simplification rules, apply to ... any health care provider who transmits health information in electronic form in connection with transactions for which the Secretary if HHS has adopted standards under HIPAA ... Health Care Providers. Every health care provider, regardless of size, who electronically transmits health information in connection with certain transactions, is a covered entity. These transactions include claims, benefit eligibility inquiries, referral authorization requests, or other transactions for which HHS has established standards under the HIPAA Transaction Rule." Retrieved from https://www.hhs.gov/sites/default/files/privacysummary.pdf

Observation #1: On 1/29/2019 at approximately 10:00 AM revealed one (1) individual present at the agency, who identified as a "friend of owner", and not an employee or sub contractor. This individual was observed to be in possession of keys to a file cabinet containing patient records and direct access to the fax machine, which could potentially receive an incoming fax with patient medical information. The fax machine was located in the front room of the agency, not in a locked secure room.

An interview with the "friend of the owner" on 1/29/2019 at approximately 10:05 am confirmed that she was not an employee or contractor, and was helping out only to answer phones because the Administrator had personal and staffing issues.








Plan of Correction:

The agency has created the following new policies and procedures and documents effective 03/10/2019, including:
1. Policy: Confidentiality, Protection and Retention of Clinical Records which emphasizes the need to follow the federal HIPAA/Privacy Rule of December 3, 2002 and includes but is not limited to:
a. the agency measures taken to secure clinical records from unauthorized use. All locations where medical records are present are locked, with the agency office locked during non-business hours.
b. Security and access to records is addressed during employee orientation.
c. All agency staff and contractors are expected to protect the patient's right to privacy by keeping all medical (demographic, identification, and clinical data) and non-medical information confidential.
d. All staff and contractors are required to sign confidentiality statements prior to initiation of employment.
e. The clinical record is considered to be the property of the agency. However, the information contained therein is considered privileged communication between the patient and health care professionals. Information about HIPAA (Health Insurance Portability and Accountability Act of 1996) privacy rule and the agency's confidentiality practices are provided to all employees and patients.
f. Employees and contractors may not discuss or access patient information for any reason other than in relation to patient care.
1. Policy: Code of Conduct/Conflict of Interest with Confidentiality Agreement/HIPAA Compliance
a. In order to ensure that all agency personnel, contractors, members of the Professional Advisory Committee (PAC) and Board of Directors demonstrate the highest integrity and avoid conflicts of interest and maintain confidentiality when performing their respective duties on behalf of the Agency, everyone shall sign a conflict of interest statement and confidentiality agreement annually.
b. The conflict of interest and confidentiality/HIPAA compliance forms are reviewed and completed during the orientation to the agency.
2. Policy: Release of Patient Medical Information
a. The policy for patient release of medical information explains the process for patient medical information release for patients with Home Health Medical Records–Non-HIV Related and HIV related.
b. All requests for patient information in the medical record should be referred to the Administrator for processing.
c. Any authorization for release of information must be in writing and must contain the appropriate piece of information such as: the agency's name and address, the name of the person or company who the information is to be sent to, the patient's name, the purpose or disclosure of the specific type of information, the time period to be released, and the date and time of the signature.
3. Employee Handbook which now clearly reflects HIPAA and Confidentiality guidelines as noted above and all staff receive training and sign that have been trained and understand the same at the time of hire.

A mandatory inservice for all staff is to be held by 03/15/2019 to educate personnel and contractors to confidentiality and HIPAA guidelines and all regulated policies and procedures including:
1. Policy: Confidentiality, Protection and Retention of Clinical Records
2. Policy: Code of Conduct/Conflict of Interest with Confidentiality Agreement/HIPAA Compliance
3. Policy: Release of Patient Medical Information
All attendees will be made aware that only employees or contractors are allowed access to confidential patient medical records based on their "need to know" the confidential patient information.
Staff sign-in sheets, agenda and training documentation will be available on site.

All patient faxes are received into the office electronically via computer and not on the fax machine in the front office, which is for outgoing faxes only. The system has been set up to avoid any confidential patient information being accessible to any member of the general public.
The agency office is accessible via punch code access on the front door. Keys to the file cabinets which contain personnel files and patient clinical records are only in the possession of the Administrator and the Alternate Administrator.

A sign-in log book has been created at the front desk so the agency has knowledge of all people in the building at all times and will only allow employees or contractors access to areas where confidential patient information is stored.

Administrator is responsible

Accomplishment date: 03/15/2019




601.21(d) REQUIREMENT
ADMINISTRATOR

Name - Component - 00
601.21(d) Administrator. The
qualified administrator, who may also
be the supervising physician or
registered nurse: (i) organizes and
directs the agency's ongoing
functions, (ii) maintains ongoing
liaison among the governing body, the
group of professional personnel, and
the staff, (iii) employs qualified
personnel and ensures adequate staff
education and evaluations, (iv)
ensures the accuracy of public
information materials and activities,
and (v) implements an effective
budgeting and accounting system. A
qualified person is authorized in
writing to act in the absence of the
administrator.

Observations:


Based on an interview with a "friend of the owner" and observation (Observation #2), it was determined the agency failed to ensure an Administrator or Alternate Administrator was available during operating hours.

Findings include:

Observation #2: On 1/29/2019 at approximately 9:05 AM, office hours observed posted, for the public to view, on the front door of the agency, revealed the agency's office hours to be Monday-Friday, 9:00 AM to 5:00 PM.

In an interview with the sole individual present at the agency, identified as a "friend of the owner", on 1/29/2019 at approximately 10:05 AM , revealed that there was no Administrator or Alternate Administrator present onsite or available by phone. The "friend of the owner" did not know when the Administrator would be available, and did not know of an Alternate Administrator.





Plan of Correction:

All patients have the potential to be affected by this practice, therefore we have updated and implemented the following documents and policies effective 03/15/2019:
1. A dated Organizational Chart that clearly outlines the lines of authority, reporting guidelines and roles/titles of the individuals in the home health agency.
2. Policy: Job Responsibilities that ties to the agency Job Descriptions has been created including Administrator, and Alternate Administrator along with the other agency positions
a. The job description for the Administrator outlines that the position is responsible to:
I. organize and direct the agency's ongoing functions,
ii. maintain ongoing liaison among the governing body, the group of professional personnel, and the staff,
iii. employ qualified personnel and ensure adequate staff education and evaluations,
iv. ensure the accuracy of public information materials and activities, and
v. implement an effective budgeting and accounting system.
b. The job description for the Alternate Administrator specifies in writing that the position is authorized to act in the absence of the administrator;
The Governing Body will meet by 04/01/2019 to verify that the Alternate Administrator has been appointed in writing to act in the absence of the administrator; as outlined in the job description.
Dated meeting minutes will be available on site.

A mandatory orientation for the Administrator and Alternate Administrator is to be held by 03/15/2019 to educate them to their roles and responsibilities. This will be related to the requirement that the Administrator (and Alternate Administrator in his/her absence) shall organize and direct the agency's ongoing functions; maintain ongoing liaison among the governing body, the group of professional personnel and the staff, employ qualified personnel and ensure adequate staff education and evaluations; ensure the accuracy of public information materials and activities; and implement an effective budgeting/accounting system.

100% of personnel records will contain signed job descriptions now filed on site in the agency's office by 04/01/2019. The Administrator and Alternate Administrator will be required to sign their job descriptions which reflect the requirement that one of them is required to be onsite or available by phone at all times at the agency during the times the agency is open for business.
By 04/01/2019, 100% of current personnel records will be audited to ensure evidence of a completed signed job descriptions in all personnel records. Target threshold = 100%.

Ongoing: Upon hire, all personnel will receive/review/sign their job descriptions during orientation to ensure continued compliance with these regulations. The Administrator will audit all personnel records quarterly to ensure that 100% of staff personnel records contain signed job descriptions. Target Threshold = 100%.

The Administrator is responsible.
Accomplishment Date: 04/01/2019



601.21(e) REQUIREMENT
SUPERVISING PHYS OR REGISTERED NURSE

Name - Component - 00
601.21(e) Supervising Physician or
Registered Nurse. The skilled nursing
and other therapeutic services
provided are under the supervision and
direction of a physician or a
registered nurse (with at least one
year of nursing experience). This
person or similarly qualified
alternate, is available at all times
during operating hours and
participates in all activities
relevant to the professional services
provided, including the development of
qualifications and assignment of
personnel.

Observations:


Based on an interview with a "friend of the owner" and observation (Observation #2), it was determined the agency failed to ensure a Supervising Registered Nurse or Alternate Supervising Registered Nurse to be available during operating hours.

Findings include:

Observation #2: On 1/29/2019 at approximately 9:05 AM, office hours observed posted, for the public to view, on the front door of the agency, revealed the agency's office hours to be Monday-Friday, 9:00 AM to 5:00 PM.

In an interview with the sole individual present at the agency, identified as a "friend of the owner", on 1/29/2019 at approximately 10:05 AM , revealed there was no Supervising Registered Nurse or Alternate Supervising Registered Nurse present onsite or available by phone. The "friend of the owner" did not know who from the agency held the title of Supervising Registered Nurse or Alternate Supervising Registered Nurse, and did not know how to contact a Registered Nurse by phone.












Plan of Correction:

All patients have the potential to be affected by this practice, therefore we have updated and implemented the following documents and policies effective 03/15/2019:
1. A dated Organizational Chart that clearly outlines the lines of authority, reporting guidelines and roles/titles of the individuals in the home health agency.
2. Policy: Job Responsibilities that ties to the agency Job Descriptions including Administrator, Alternate Administrator, Director of Nursing (supervising registered nurse) as well as all clinical positions including RN which will include an RN who functions as an Alternate Director of Nursing (alternate supervising registered nurse), LPN, PT, OT, SLP, Social Worker and Home Health Aide.
a. The job description for the Director of Nursing (supervising registered nurse) outlines that the position requires:
I. An RN with at least one year of nursing experience.
ii. An RN responsible to be available at all times during operating hours and
iii. who participates in all activities relevant to the professional services provided, including the development of qualifications and assignment of personnel.
b. The job description for the RN who will function as the Alternate Director of Nursing (alternate supervising registered nurse), outlines that:
I. this position is responsible to act in the absence of the Director of Nursing (alternate supervising registered nurse)
ii. will be available at all times during operating hours when they are acting as the Director of Nursing (alternate supervising registered nurse) and
iii. participates in all activities relevant to the professional services provided, including the development of qualifications and assignment of personnel.
The Governing Body will meet by 04/01/2019 to review and verify that the Alternate Director of Nursing has been appointed in writing to act in the absence of the Director of Nursing; as outlined in the job description.
Dated meeting minutes will be available on site.

A mandatory orientation for the Administrator, Alternate Administrator, Director of Nursing and Alternate Director of Nursing is to be held by 03/15/2019 to educate them to their roles which will include but not be limited to the following Agency Policies: Board of Directors Administration, Supervision, Management and Oversight, Orientation Program; Administrator, Alternate Administrator, Director of Nursing and Alternate Director of Nursing Job Descriptions; Background Check; Acceptance of Patients, Plan of Treatment/Care and Medical Supervision; Professional Advisory Committee; and Personnel-Contractor Records. This all related to the requirement that the Administrator (and Alternate Administrator) shall organize and direct the agency's ongoing functions; maintain ongoing liaison among the governing body, the group of professional personnel and the staff, employ qualified personnel and ensure adequate staff education and evaluations; ensure the accuracy of public information materials and activities; implement an effective budgeting/accounting system; ensure the agency's ongoing functions; and, correct survey deficiencies.

Effective 07/01/2018, the agency Board of Directors took steps to make certain that a Registered Nurse meeting the qualifications as a Director of Nursing with at least one (1) year of relevant home health experience was available at all times at the agency and is an active licensed RN in the commonwealth of Pennsylvania. A Board of Directors meeting was held to appoint an Alternate Administrator and Director of Nursing (supervising nurse) in July 2018, but the State Department of Health was not notified in writing, per regulatory requirements, thirty (30) days from the change occurring.
Signed job descriptions have been placed in the personnel files of these employees. The following corrective action is being taken regarding this:
1. A letter with the names of the Alternate Administrator and Director of Nursing will be forwarded to the PA Department of Health, Division of Home Health by the Administrator as of 03/08/2019;
2. The Board of Directors of the agency will reconvene to review this plan of correction and approve the changes and understand the deficiency and their legal responsibility to inform the state of management changes, to appoint the Administrator, Alternate and Director of Nursing and to inform the State Department of Health of any changes.
3. All Board of Director minutes will be audited quarterly to verify that all required documentation and information is being reported and documented per regulatory requirements. Target Threshold = 100%. The Administrator is responsible.

100% of personnel records will contain signed job descriptions now filed on site in the agency's office by 04/01/2019. The Director of Nursing and Alternate Director of Nursing will be required to sign their job descriptions which reflect the requirement that one of them is required to be onsite or available by phone at all times at the agency during the times the agency is open for business.

By 04/01/2019, 100% of current personnel records will be audited to ensure evidence of a completed signed job descriptions are in all personnel records. Target threshold = 100%.

Ongoing: Upon hire, all personnel will receive/review/sign their job descriptions during orientation to ensure continued compliance with these regulations. The Administrator will audit all personnel records quarterly to ensure that 100% of staff personnel records contain signed job descriptions. Target Threshold = 100%.

The Administrator is responsible.
Accomplishment Date: 04/01/2019



601.36(c) REQUIREMENT
PROTECTION OF RECORDS

Name - Component - 00
601.36(c) Protection of Records.
Clinical record information is
safeguarded against loss or
unauthorized use. Written procedures
govern use and removal of records and
conditions for release of information.
Patient's written consent is required
for release of information not
authorized by law.

Observations:


Based on observation and interview with a "friend of the owner", it was determined the agency failed to ensure a safeguard against unauthorized use of clincial records for one (1) of two (2) observations (Observation #1).

Findings include:

Observation #1: On 1/29/2019 at approximately 10:00 AM revealed one (1) individual present at the agency, who identified as a "friend of owner", and not an employee or contractor. This individual was observed to be in possession of keys to a file cabinet containing patient records and direct access to the fax machine, which could potentially receive an incoming fax with patient medical information. The fax machine was located in the front room of the agency, not in a locked secure room.

An interview with the "friend of the owner" on 1/29/2019 at approximately confirmed that she was not an employee or contractor, and was helping out only to answer phones because the Administrator had personal and staffing issues.








Plan of Correction:

The agency has created the following new policies, procedures, documents and processes effective 03/10/2019, including:
1. Policy: Confidentiality, Protection and Retention of Clinical Records which emphasizes the need to follow the federal HIPAA/Privacy Rule of December 3, 2002 and includes but is not limited to:
a. the agency measures taken to secure clinical records from unauthorized use. All locations where medical records are present are locked, with the agency office locked during non-business hours.
b. Security and access to records is addressed during employee orientation.
c. All agency staff and contractors are expected to protect the patient's right to privacy by keeping all medical (demographic, identification, and clinical data) and non-medical information confidential.
d. All staff and contractors are required to sign confidentiality statements prior to initiation of employment.
e. The clinical record is considered to be the property of the agency. However, the information contained therein is considered privileged communication between the patient and health care professionals. Information about HIPAA (Health Insurance Portability and Accountability Act of 1996) privacy rule and the agency's confidentiality practices are provided to all employees and patients.
f. Employees and contractors may not discuss or access patient information for any reason other than in relation to patient care.
g. Only employees and staff are given access to the agency office where confidential patient information is contained based on the potential for HIPAA violations.
2. Policy: Code of Conduct/Conflict of Interest with Confidentiality Agreement/HIPAA Compliance
a. In order to ensure that all agency personnel, contractors, members of the Professional Advisory Committee (PAC) and Board of Directors demonstrate the highest integrity and avoid conflicts of interest and maintain confidentiality when performing their respective duties on behalf of the Agency, everyone shall sign a conflict of interest statement and confidentiality agreement annually.
b. The conflict of interest and confidentiality/HIPAA compliance forms are reviewed and completed during the orientation to the agency.
3. Policy: Release of Patient Medical Information
a. The policy for patient release of medical information explains the process for patient medical information release for patients with Home Health Medical Records–Non-HIV Related and HIV related.
b. All requests for patient information in the medical record should be referred to the Administrator for processing.
c. Any authorization for release of information must be in writing and must contain the appropriate piece of information such as: the agency's name and address, the name of the person or company who the information is to be sent to, the patient's name, the purpose or disclosure of the specific type of information, the time period to be released, and the date and time of the signature.
4. Employee Handbook which now clearly reflects HIPAA and Confidentiality guidelines as noted above and all staff receive training and sign that have been trained and understand the same at the time of hire.
5. All employees and contractors must wear ID badges per 35 PS§ 488.809b Licensure—Photo ID Regulation supplied by the agency whenever they are onsite or providing care to any agency patients. This will be assessed during all home supervisory visits, during performance evaluations and at all times when in the office.

A mandatory inservice for all staff is to be held by 03/15/2019 to educate personnel and contractors to confidentiality and HIPAA guidelines and all regulated policies and procedures including:
1. Policy: Confidentiality, Protection and Retention of Clinical Records
2. Policy: Code of Conduct/Conflict of Interest with Confidentiality Agreement/HIPAA Compliance
3. Policy: Release of Patient Medical Information
4. Review of Employee Handbook (which includes mandatory state required Photo ID requirement for all staff and contractors)
All attendees will be made aware that only employees or contractors are allowed access to confidential patient medical records based on their "need to know" the confidential patient information.
Staff sign-in sheets, agenda and training documentation will be available on site.

All patient faxes are received into the office electronically via computer and not on the fax machine in the front office, which is for outgoing faxes only. The system has been set up to avoid any confidential patient information being accessible to any member of the general public.
The agency office is accessible via punch code access on the front door. Keys to the file cabinets which contain personnel files and patient clinical records are only in the possession of the Administrator and the Alternate Administrator.

A sign-in log book has been created at the front desk so the agency has knowledge of all people in the building at all times and will only allow employees or contractors access to areas where confidential patient information is stored.

Administrator is responsible

Accomplishment date: 03/15/2019





 MEMO
FINAL OBSERVATIONS

Name - Component - 00


Observations:


Based on observation and interview with a "friend of the owner", it was determined the agency failed to ensure the agency was subject to inspection (in order to ensure the health, safety, and welfare of patients), at any time by authorized representatives of the Department. (Observation #2).

Findings include:

Observation #2: On 1/29/2019 at approximately 9:05 AM, office hours observed posted, for the public to view, on the front door of the agency, revealed the agency's office hours to be Monday-Friday, 9:00 AM to 5:00 PM. The agency's door was locked with no available entry for the Department surveyors at that time. A phone call was placed to the agency phone number provided to the department, with no answer.

In an interview with the sole individual present at the agency, identified as a "friend of the owner", on 1/29/2019 at approximately 10:05 AM , revealed there was no Supervising Registered Nurse or Alternate Supervising Registered Nurse present onsite or available by phone. The "friend of the owner" did not know who from the agency held the title of Supervising Registered Nurse or Alternate Supervising Registered Nurse, and did not know how to contact a Registered Nurse by phone. Additionally, the interview revealed there was no Administrator or Alternate Administrator present onsite or available by phone. The "friend of the owner" did not know when the Administrator would be available, and did not know of an Alternate Administrator. The individual identified as the "friend of the owner" stated she was unable to access patient or personnel files to allow for a survey from the Department. The two surveyors present each left their business cards which contained email addresses and office phone numbers. As of 1/29/2019 at 4:00 PM, there was no contact from an agency representative.

















Plan of Correction:

POC is optional and not required.
The agency now has an office coverage schedule and an assigned management staff person where either the Administrator or Alternate Administrator is always available onsite or by phone during office during the posted office hours (9:00 a.m. to 5:00 p.m.). This includes being available for any inspection from the State Department of Health.

During evening or off-hours, the agency phone number is now forwarded to an answering service that forwards the calls to the Administrator or Alternate Administrator for administrative issues and to the Director of Nursing or Alternate Director of Nursing (Nursing Supervisor) for any patient emergency needs.

Furthermore, the Administrator, Alternate Administrator and Director of Nursing are all aware of the need to contact the Department of Health if and whenever they come onsite to determine the nature of their visit and to discuss whatever issues must be addressed relative to the agency.

Accomplishment Date: 03/08/2019

Administrator is responsible