Pharmacy Accreditation. Standards Guide

Similar documents
Clinic 1407 South 4 th St 1850 Gateway Dr Suite A DeKalb, IL Sycamore, IL 60178

Special payment rules for items furnished by DMEPOS suppliers and issuance of DMEPOS supplier billing privileges.

MEDICAL OFFICE COMPLIANCE TOOLKIT. The Complete Medical Practice Compliance Resource HIPAA HITECH OSHA CLIA

Health Information Privacy Refresher Training. March 2013

Medical/Clinical Assistant CIP Task Grid

NOTICE OF PRIVACY PRACTICES TEMPLATE. Sections highlighted in yellow are optional sections, depending on if applicable

Unit/Standard Number. Proficiency Level Achieved: (X) Indicates Competency Achieved to Industry Proficiency Level

Medicare Advantage and Part D Fraud, Waste, and Abuse Training. October 2010

HIPAA Notice of Privacy Practices - Sample Notice. Disclaimer: Template Notice of Privacy Practices (45 C.F.R )

Table of Contents of AASM DME Accreditation Standards

Minimum Performance and Service Criteria for Medicare Part D

NEW PATIENTINFORMATION INSURANCE INFORMATION PLEASE PROVIDE OUR OFFICE WITH A COPY OF YOUR INSURANCE CARD EMERGENCY CONTACT THIRD PARTY BILLING

Mastectomy-Only Facility Accreditation Standards

Standards for Accreditation of Non-Medicare Durable Medical Equipment (DME) Suppliers

Compliance Program and HIPAA Training For First Tier, Downstream and Related Entities

NOTICE OF PRIVACY PRACTICES Allergy Treatment Center of New Jersey, P.C. Effective Date: April 14, 2003

UPDATED. Special Advisory Bulletin on the Effect of Exclusion from Participation in Federal Health Care Programs

Developed by the Centers for Medicare & Medicaid Services

HIPAA Notice of Privacy Practices

HIPAA Omnibus Notice of Privacy Practices Effective Date: March 03, 2012 Revised on: July 1, 2015

Fraud, Waste, and Abuse

Insurance Intake Form, Authorization and Assignment of Benefits

NOTICE OF HEALTH INFORMATION PRIVACY PRACTICES (HIPAA)

Arizona Department of Health Services Division of Behavioral Health Services PROVIDER MANUAL

HIPAA Compliance (DSHS and HCA) Preamble: This section of the Contract is the Business Associate Agreement as

Pharmacy Technician Structured Practical Training Program Logbook

DEPARTMENT OF HEALTH AND HUMAN SERVICES CENTERS FOR MEDICARE & MEDICAID SERVICES

Investigational Drugs: Investigational Drugs and Biologics

HIPAA NOTICE TO PATIENTS

AMERICAN BOARD FOR CERTIFICATION IN ORTHOTICS, PROSTHETICS & PEDORTHICS, INC.

PRIVACY NOTICE. In certain situations, we may also disclose patient information to another provider or health plan for their health care operations.

MEDICAID AND MEDICARE (PARTS C&D) FRAUD, WASTE AND ABUSE TRAINING

General HIPAA Implementation FAQ

ORDERING PROCEDURE for Asept Drainage Kit

WellDyneRx Mail Service General Questions and Answers

RULES OF DEPARTMENT OF COMMUNITY HEALTH HEALTHCARE FACILITY REGULATION

HIPAA POLICIES & PROCEDURES AND ADMINISTRATIVE FORMS TABLE OF CONTENTS

DEPARTMENT OF LICENSING AND REGULATORY AFFAIRS DIRECTOR S OFFICE PHARMACY PROGRAM FOR UTILIZATION OF UNUSED PRESCRIPTION DRUGS

Salt Lake Community College Employee Health Care Benefits Plan Notice of Privacy Practices

JOINT COMMISSION INTERNATIONAL ACCREDITATION STANDARDS FOR HOME CARE,

Review of Maine Pharmacy Rules. An update of new rules adopted 12/11/2013

Notice of Privacy Practices

AVE MARIA UNIVERSITY HIPAA PRIVACY NOTICE

HIPAA NOTICE OF PRIVACY PRACTICES

12/19/2014. HIPAA More Important Than You Realize. Administrative Simplification Privacy Rule Security Rule

PRIVACY PRACTICES OUR PRIVACY OBLIGATIONS

SDC-League Health Fund

NOTICE OF PRIVACY PRACTICES

PRIVACY HIPAA NOTICE OF PRACTICE

Fraud, Waste & Abuse. Training Course for UHCG Employees

Notice of Privacy Practices for Protected Health Information (PHI)

Interviewable: Yes No Resident Room: Initial Admission Date: Care Area(s): Use

FAQs on the Required National Provider Identifier (NPI)

NEW HAMPSHIRE. Downloaded January 2011 HE P NURSING HOME REQUIREMENTS FOR ORGANIZATIONAL CHANGES.

Compliance Training for Medicare Programs Version 1.0 2/22/2013

ExCPT Certified Pharmacy Technician (CPhT) Detailed Test Plan* 100 scored items, 20 pretest items Exam time: 2 hours 10 minutes

REPRODUCTIVE ASSOCIATES OF DELAWARE (RAD) NOTICE OF PRIVACY PRACTICES PLEASE REVIEW IT CAREFULLY.

Pulmonary Associates of Richmond, Inc. Notice of Privacy Practices Page 1 of 6

2014 ACMPE Exam Blueprint

Notice of Privacy Practices

UNITED CEREBRAL PALSY OF NORTHWEST MISSOURI NOTICE OF PRIVACY PRACTICES EFFECTIVE DATE: OCTOBER 22, 2014

Privacy Notice Document (HIPAA)

The methods of implementation of these elements of the standard are discussed in the subsequent pages of this ECP.

Montclair State University. HIPAA Security Policy

DIVISION 25 CERTIFIED OREGON PHARMACY TECHNICIANS AND PHARMACY TECHNICIANS

Indiana Healthcare Physician Services Privacy Standards Notice of Health Information Practices

MAGELLAN HEALTH SERVICES ORGANIZATION SITE - SITE REVIEW PACKET Behavioral Health Intervention Services (BHIS) ONLY

POSITION DESCRIPTION COLUMBUS REGIONAL HEALTHCARE SYSTEM

UNIVERSITY PHYSICIANS OF BROOKLYN, INC. POLICY AND PROCEDURE. No: Supersedes Date: Distribution: Issued by:

HIPAA Security Compliance Reviews

HIPAA Privacy and Security. Rochelle Steimel, HIPAA Privacy Official Judy Smith, Staff Development January 2012

Final. National Health Care Billing Audit Guidelines. as amended by. The American Association of Medical Audit Specialists (AAMAS)

Table of Contents. 2 P a g e

Programs of All-Inclusive Care for the Elderly (PACE)

EFFECTIVE DATE: 10/04. SUBJECT: Primary Care Nurse Practitioners SECTION: CREDENTIALING POLICY NUMBER: CR-31

MILITARY HEALTH SYSTEM NOTICE OF PRIVACY PRACTICES. Effective April 14, 2003

NOTICE OF PRIVACY PRACTICES

The Health and Benefit Trust Fund of the International Union of Operating Engineers Local Union No A-94B, AFL-CIO. Notice of Privacy Practices

NOTICE OF PRIVACY PRACTICES FOR ORTHOPAEDIC SURGERY & REHAB. ASSOCIATES, P.C.

Ambulatory Surgical Centers Frequently Asked Questions

Nurse-Managed Medication Inventory

HIPAA Compliance Review Analysis and Summary of Results

EXPOSURE CONTROL PLAN (sample) 1 Child Care Directors and Employers

HIPAA Privacy Policies

Access to Employee Exposure and Medical Records

DIVISION OF CORPORATIONS, BUSINESS AND PROFESSIONAL P.O. BOX JUNEAU, ALASKA ALASKA STATE BOARD OF PHARMACY

Louisiana Administrative Code. Title 46 Professional and Occupational Standards. Part LIII: Pharmacists

PHI- Protected Health Information

Transcription:

Pharmacy Accreditation Standards Guide

Accreditation Standards Guide Table of Contents An Overview of BOC Pharmacy Accreditation Business Administration... 3 A. Corporate Structure and Governance... 3 Physical Location... 4 Scope of Service... 5 Standard Business Practices... 5 Prevention of Fraud, Waste, and Abuse... 5 Ethics... 5 B. Financial Management... 5 Annual Operating Budget... 6 Income Statements and Balance Sheets... 6 Service Contracts... 6 C. Human Resource Management... 7 Licenses, Registrations, and Certifications... 7 Continuing Education... 7 Employee Manual... 7 Background Checks... 7 D. Performance Management... 8 Quality Improvement and Medication Error Reporting... 8 Immunizations... 8 Patient Safety... 9 Consumer Services...10 Consumer Surveys...10 Complaint Resolution...10 Adverse Events...10 Incident Report...11 Medication Safety and Error Report Program...11 Medication Therapy Management (MTM)(when applicable)...11 E. Product Safety...12 Safety of the Workplace...12 Retired and Expired Items...12 Exposure Control Plan...12

Hazard Communication...12 Employee Information and Training...13 F. Information Management...13 Patient s Bill of Rights and Responsibilities...13 Business Associate Agreement...13 The Health Insurance Portability and Accountability Act (HIPAA)...13 Confidentiality Responsibilities...14 Internet and Email Policies...14 Release of Information...14 Records Storage and Shredding...15 G. Compounding Pharmaceutical...15 Licensing (where applicable)...15 Non-Sterile Compounding...15 Sterile Compounding...15 Chemicals and Components...16 Service Requirements...16 H. Supplier and Physician Collaboration...16 Confirmation of Physician s Orders...16 Coordination...16 I. Product Information, Delivery, and Documentation...17 Order Intake Form...17 Patient Instructions...17 Patient Record...17 Mail Orders...17 2

An Overview of BOC Pharmacy Accreditation The Board of Certification/Accreditation (BOC) Pharmacy Accreditation Standards, inclusive of the Centers for Medicare and Medicaid Services (CMS) Quality Standards and National Supplier Standards, were developed to assure the public of the availability of DME/HME services, consistent with federal, state, and local laws and regulations. BOC requires that all accredited pharmacies submit any documentation necessary to reflect continued compliance with the standards at the time of annual renewal. To maintain pharmacy accreditation, pharmacies must reaccredit every three years. Pharmacy Accreditation may be obtained in conjunction with DMEPOS accreditation or as a stand-alone accreditation. The pharmacy must follow Department of Health and Human Services (HHS), Center for Medicare and Medicaid Services (CMS), Drug Enforcement Agency (DEA), Food and Drug Administration (FDA), and the respective state boards of pharmacy standards. Pharmacy services encompasses the provision of retail, long term care (LTC), and specialty pharmacies Medicare Part D and the Patient Safety Act. Business Administration Corporate Structure and Governance The pharmacy complies with all federal, state, and local laws and is a legally constituted entity in the state in which it is located. When applicable, the organization must have a corporate charter and governing body that sets policy for the entity. The organization must have one or more individuals who perform leadership functions with the authority, responsibility, and accountability to direct the organization and its key activities. The organization must identify those individuals who serve as its leadership and management. The leadership must ensure that the organization complies with these standards, as well as all other applicable laws and regulations, and that its programs and services meet patient needs. The pharmacy must submit an organizational chart indicating the lines of authority and accountability. Governance defines responsibilities in writing, provides for organizational management and planning, approves the written scope of services for the organization, selects the chief executive, provides for the resources necessary 3

to maintain safe quality care, and works with other leaders to annually evaluate the organization s performance in relation to its mission, vision, and goals. The pharmacy agrees to notify BOC of any changes in ownership, corporate officers / structure, or practitioners within 30 days of hiring or termination. The pharmacy must have a designated Compliance Officer to assure compliance with applicable laws and regulations. This person must be identifiable by employees and patients to enable contact if issues or concerns arise. The pharmacy must post the contact information in public view. The pharmacy s policies and procedures must be designed to promote the provision of high-quality patient care in compliance with all applicable federal and state laws, regulations, and professional certification guidelines (e.g. FDA, DEA, HHS, HIPAA, ADA, and OSHA), and pharmacist scope of practice. Physical Location The pharmacy must maintain a physical facility on an appropriate site. The location must be at least 200 square feet and must contain space for storing business records, including the pharmacy s delivery, maintenance, financial, and patient communication records. All of the pharmacy s locations, whether owned or subcontracted, must meet the state pharmacist board regulations and be accredited separately. In the case of a multi-site pharmacy, records may be maintained at a centralized location. Compliance Officer: An employee or contracted individual whose responsibilities include ensuring that the company follows outside regulatory requirements and internal policies. A post office box or commercial mailbox is not considered a physical facility. The pharmacy must permit HHS or its agents to conduct on-site inspections to ensure the pharmacy s compliance. The pharmacy location must be accessible to patients during reasonable business hours and maintain a visible sign and posted hours of operation. If the pharmacy is a closed LTC or an infusion pharmacy, patients do not have access to the pharmacy as products are delivered to the patient or a facility. The pharmacy must maintain a primary business telephone listed under the name of the business in a local directory or a toll-free number available through directory assistance. The exclusive use of a beeper, answering machine, answering service, or cell phone during posted business hours is prohibited. The pharmacy must inform BOC when a new location is opened, and the pharmacy must not convey or reassign a supplier number. 4

Scope of Service The pharmacy receiving payment must be the entity furnishing and billing for the items and services. Pharmacies must have individuals on staff to support the specialties, products, and services provided. Professional personnel (e.g. pharmacists, pharmacy technicians, or orthotic fitters) who are licensed or certified must be employed by the pharmacy as a W-2 or 1099 employee. 1099 employees must have a HIPAA Business Associate Agreement on file. Standard Business Practices The pharmacy must have a comprehensive liability insurance policy in the amount set by the state pharmacy board. If a pharmacy composes its own items, the insurance must also cover product liability and completed operations. Failure to maintain required insurance at all times will result in revocation of the pharmacy s license. BOC must be listed as a certificate holder. Prevention of Fraud, Waste, and Abuse The pharmacy implements business practices to prevent and control fraud, waste, and abuse by using procedures that articulate standards of conduct to ensure the organization s compliance with Pharmacy and Medicare Part D standards, applicable laws, and regulations. Ethics The Compliance Officer must train and educate employees, contractors, and agents on compliance policies, procedures, internal monitoring, and reporting of deficiencies. Management must document and keep records regarding compliance efforts (e.g. training, situations, and actions taken). The pharmacy and its staff must subscribe to a body of ethical statements respective to pharmacy or professional categories, credentials, or licensure. The pharmacy must recognize its responsibility to patients. Financial Management The pharmacy must implement financial management practices that ensure accurate accounting and billing to CMS, patients, and third-party payors. 5

Financial records must be accurate, complete, and current. Records must reflect cash- or accrual-based accounting practices and maintain a mechanism to track actual revenues and expenses. The pharmacy must maintain accounts that link products and services to the patient and manage revenues and expenses on an ongoing basis related to patient services. The pharmacy agrees to produce records as requested by the BOC site surveyor for the purpose of completing the site survey and proof of compliance with BOC standards. Annual Operating Budget The pharmacy must have an annual operating budget, as appropriate to the business s size and scope of services, to meet the needs of patients and maintain business operations. Management must periodically review the business s actual financial performance in relation to the operating budget, making adjustments as necessary utilizing year-end projections on services and appropriate infrastructure to determine budget variance. Income Statements and Balance Sheets The pharmacy must periodically produce financial statements that include a balance sheet denoting the company s assets and liabilities and an income statement reflecting the revenue earned over a specific time period. Guidelines for corporate balance sheets are provided by the International Accounting Standards Committee (IASC). The pharmacy s financial statements should all be related so that changes in assets and liabilities on the balance sheet will also be reflected in the revenues and expenses reported on the income statement, showing the company s gains or losses. Service Contracts The pharmacy must maintain service contracts, as needed. The pharmacy should ensure that contracts specify job requirements, including policies and related qualifications for contracted personnel to include necessary licensures and certifications. The contracts must be signed by both parties with date of execution noted. IASC Website: http://www.iasplus.com/sta ndard/standard.htm Service Contracts: Agreements between the pharmacy and outside entities to perform certain functions at an agreed price over a fixed period of time. 6

Human Resource Management The pharmacy must document the individual skills, qualifications, health assurances, and number and types of personnel needed. These are defined by the mission, scope, complexity of services, equipment and products provided, and laws and regulations as applicable. This applies to all employees and contractors. A pharmacy must maintain a personnel file on each employee. All pharmacy technician personnel must be competent to process and fill prescriptions for the pharmacist s review. The pharmacy must monitor performance in providing patient services. The pharmacy must document personnel issues and how they are addressed within individual employee records and implement procedures for similarly established compliance among contractors. Licenses, Registrations, and Certifications The pharmacy must display all federal, state, or local licenses, registrations, or certifications in public view as required. Continuing Education The pharmacy must develop, implement, and maintain written or electronic staff education for all pharmacy employees, specific to the respective responsibilities and the individual tasks and services provided to patients. The staff education plan informs employees of requirements for safe and competent patient services based on criteria derived from standards, clinical manuals, manufacturers guidelines, etc. It should also include prevention and control of infection, patient rights, and HIV / AIDS education. Employee Manual A pharmacy must provide a manual to each employee that includes the following: Job descriptions for each position Policies and procedures Pharmacy hours of business and closures Emergency contacts Employee benefits Health assurance An employee personnel file must include: Name, address, phone number(s), and date of hire W-4, I-9, and other required tax forms Verification of employment eligibility, credentials, and continuing education Emergency contact information Documentation of annual work performance Documentation of health assurance Criminal background check, as required by law Signed HIPAA associate agreement OIG Website: http://exclusions.oig.hhs. gov Background Checks The pharmacy must conduct background checks and Office of the Inspector General (OIG) exclusion list reviews for all employees and contractors as required by law or regulation. 7

Performance Management The pharmacy must implement a performance management plan that measures consumer services, billing practices, and adverse events. Certain aspects of services that have an increased potential to cause harm must be documented and improved. The pharmacy must measure patient satisfaction, problems, and concerns. The frequency of billing and coding errors must be documented and corrected. The pharmacy must seek input from staff, patients, and outside sources when assessing the quality of its operations and services. Annually, the pharmacy must evaluate its performance with respect to its mission, goals, and objectives. Quality Improvement and Medication Error Reporting Performance Management is expanded to include medication Adverse Events. Each pharmacy must identify, record, document, and correct all medication errors. These adverse events will be added to the Performance Management Report and measured using the Performance Management Outcomes. Retraining of the individuals involved with the medication must be documented. Reporting adverse events should NOT be considered punitive, but a tool to identify potential issues within the operation so serious events can be prevented. At this time there is no requirement for external reporting of adverse events, however, another regulatory body may require external reporting in the future. Immunizations When pharmacy immunizations are provided, immunizations must be conducted in a safe and clean environment. This area must be private. Use of fitting rooms or privacy curtains is permitted. Establish a vaccine coordinator Establish storage requirements and inventory control Immunizations provided by a Pharmacist Immunizer License and/or licensed nurse or other healthcare professional operating under their licensure scope of practice Maintain current Standing Orders which are signed by a licensed physician Emergency Protocols and Medical Management of Vaccine Reactions are in place for adverse reactions and are signed by a licensed physician 8

Maintain a intake process which includes, at a minimum: o Screening questionnaires for adults, teens and children o Mass immunization rosters o Vaccine Immunization records o Vaccine handouts Temperature control is mandatory. Use of temperature monitoring thermometers is recommended by the CDC and is required for accreditation. Maintain a vaccine disposal policy Ensure recommendations issued by the Centers for Disease Control and Prevention (CDC) and the Immunization Action Coalition (IAC) are implemented Patient Safety Medication safety is paramount in the pharmacy. Processes must be established to ensure pharmaceuticals are properly labeled, marked and stored within the pharmacy. Processes to ensure Sound-A-Like medications are not inadvertently given to the patient. Processes must be established to ensure proper dispensing, medication labeling, warning labeling, safety instructions are provided to the patient. Labeling is provided by the pharmacy software system but a check and balance system must be created to reduce the possibility of errors. Processes must be established to receive notification of a medication recall by the drug wholesaler, DEA, FDA or any other agency. These processes must identify how to remove medication from the pharmacy storage and contacting patients who have received the recalled medication. Processes must be established for patient consultation. Consultation must be in a separate or discreet area of the pharmacy. Consultation must include: Allergies Medication Administration Medication interactions Medication review 9

Consumer Services Pharmacy must establish processes to ensure proper workflow management in the dispensing process to ensure accountability, efficiency, and accuracy. Pharmacy must establish a goal for patient wait time in the pharmacy. Patients should have a comfortable waiting area. Consumer Surveys The pharmacy must generate data from patient satisfaction surveys and complaints about products and services. Data should be gathered regarding response times to patient questions, problems, and concerns. Data should reflect the impact of pharmacy s business practices on the adequacy of patient access to drugs, services, and information. The pharmacy must agree not to contact a patient after fourteen months of no service or care unless: the pharmacy is contacting the individual to coordinate the delivery of the item; or the contact concerns the furnishing of a Medicarecovered item other than those already furnished to the individual. Complaint Resolution The pharmacy must respond to a complaint within five business days. Complaint records must be kept at the pharmacy s physical location and made available to CMS or BOC upon request. The pharmacy must provide written notification to the patient regarding the results of its investigation within 14 calendar days if an investigation has occurred. Adverse Events The pharmacy must implement a policy and procedure for avoiding adverse events to patient s due reaction to prescribed medication. The pharmacy must keep records of all adverse events that occur in the use of prescribed medication, including date, nature of the event, and resolution. Complaint records must contain the following: Patient s name, address, telephone number, and insurance claim number Date received, name of the person receiving the complaint, as well as a summary of the complaint and resolution Supplier respondent s name Summary of investigation A physician may prescribe a particular brand and method of use for an item if the physician determines that this specification would avoid an adverse medical outcome. The specification reasoning must be documented in the patient s record. Any change in the prescription requires a revised written prescription by the physician. 10

Incident Report The pharmacy must define and implement a process for identifying, analyzing, reporting, managing, and preventing incidents. This includes a risk-reduction strategy and action plan that measures the effectiveness of process and system improvements. Data collected will measure potentially high-risk processes (e.g. blood-borne pathogens). Analyzing the collected data will assist the pharmacy in determining whether there are unacceptable levels of performance. Risk Management: reduce a certain type of event. Example: wrong medication, wrong patient, interaction, etc. The pharmacy must investigate any incident or reaction in which the medication provided may have been involved. The investigation must be initiated within 24 hours of the pharmacy s awareness of the incident, or reaction resulting in the patient s hospitalization or death. Other incidents or reactions must be investigated within 72 hours of pharmacy awareness. Medication Safety and Error Report Program Workflow Management practices must be established to reduce medication errors. These practices must also include the identification, reporting and corrective action on all suspected medication errors. This process includes but is not limited to: Documenting errors Reporting errors to Pharmacist In Charge Reviewing reported errors to identify source of error Retraining of individuals/staff so errors will not occur again Pharmacists must review all medications prior to dispensing. The pharmacist must check the National Drug Code (NDC), medication origin container, and medication against the prescription label to ensure proper medication and dosage is dispensed. Reporting and measuring requirements are found in the Performance Management Section. Medication Therapy Management (MTM)(when applicable) Establish medication profile within pharmacy computer system. Review, Assess and evaluate medication therapy to reduce poly pharmacy, medication interactions and patient outcomes. 11

Recommend medication, medication administration and dosage changes to physicians as needed. Product Safety Safety of the Workplace The pharmacy must provide a place of employment that is free from hazards and complies with standards, rules, and regulations issued under the Occupational Health & Safety Administration (OSHA) Act. The supplier must conduct a workplace hazard assessment to ensure compliance with OSHA. Retired and Expired Items The pharmacy must have a plan to remove, quarantine, and destroy expired or retired pharmaceuticals from its inventory. Exposure Control Plan The pharmacy must be committed to providing a safe and healthy work environment for their entire staff. In pursuit of this goal, the pharmacy must create an Exposure Control Plan (ECP) to eliminate or minimize occupational exposure to blood-borne pathogens in accordance with OSHA standard 29 CFR 1910.1030. ECP Website: http://www.osha.gov/pls/os haweb/owadisp.show_doc ument?p_table=standards &p id=10051 The pharmacy must have a copy of the ECP accessible to employees in compliance with appropriate OSHA standards Universal precautions must be observed to prevent contact with blood or other potentially infectious materials. The Exposure Control Plan must be reviewed and updated annually to reflect new or modified tasks and procedures that affect occupational exposure. The pharmacy must provide hand-washing stations and personal protective equipment, such as gloves, gowns, lab coats, face masks, and eye protection if performing compounding. The pharmacy must be clean and sanitary. Hazard Communication The pharmacy must maintain a written hazard communication plan that describes how the OSHA Hazard Communication Standard (HCS) will be implemented. Pharmacies are responsible for informing and training employees on potential hazards associated with the chemicals currently in their pharmacy. A manual of hazardous materials must be available to employees; warning signs should be posted in appropriate areas. 12

The inventory, including compounding ingredients, must include Material Safety Data Sheets (MSDS). Each hazardous material must be labeled, tagged, or marked with the identity of the material and appropriate hazard warning. If the material is transferred by the pharmacy from the original container to another container, all information must clearly be marked on the new container. Injuries or chemical exposures must be documented on an Incident Report Form. A Hazardous Communication Manual (HCM) describes how the requirements for warnings, material safety data sheets, employee information, and training will be met. Employee Information and Training All employees with occupational exposure must participate in training programs provided at no cost to the employee and during working hours by the pharmacy. Employees who may be exposed to hazardous chemicals when working must be provided information and training prior to the initial assignment to work with a hazardous chemical, as well as when hazards change. Information Management Patient s Bill of Rights and Responsibilities The pharmacy must develop a Patient s Bill of Rights and Responsibilities to be given to each patient served that includes information on individual dignity, financial information and disclosure, access to healthcare, and experimental research. The pharmacy must have the patient sign for the receipt and understanding of the Patient s Bill of Rights and Responsibilities; verification must be kept in the patient s file. Business Associate Agreement The pharmacy must obtain satisfactory assurances from its business associates that they will safeguard the protected health information received or created on behalf of the covered pharmacy. Satisfactory assurances must be in writing in the form of an agreement and underlying service agreement. The Health Insurance Portability and Accountability Act (HIPAA) For information on HIPAA standards, refer to the website. MSDS: Detailed information bulletins prepared by the manufacturer of a chemical describing the physical and chemical properties, physical and health hazards, routes of exposure, precautions for safe handling and use, emergency and first-aid procedures, and control measures. The HCM must include the following: The person responsible for ensuring labeling of containers The location of hazardous materials A description of the labeling system The procedure for reviewing and updating label information Safety rules and procedures, including the cleanup and disposal of hazardous materials The procedure for reporting noncompliance The appropriate steps to limit exposure to employees The location of protective equipment A plan for emergency evacuation A list of emergency phone numbers HIPAA Website: http://www.hhs.gov/hipaa/p rivacy.html 13

Confidentiality Responsibilities The pharmacy must have appropriate administrative, technical, and physical safeguards in place that protect against uses and disclosures not permitted by HIPAA. Pharmacy safeguards are not expected to guarantee the privacy of protected health information from any and all potential risks. Reasonable safeguards vary from pharmacy to pharmacy, depending on factors (e.g. size of facility or nature of business). In implementing reasonable safeguards, the pharmacy must analyze its own needs and circumstances, including the nature of the protected health information it holds, and assess the potential risks to patients privacy. Internet and Email Policies The Office of Civil Rights (OCR) has delegated authority to enforce the HIPAA Privacy and Security Standards for safeguarding the confidentiality, integrity, and availability of Electronic Protected Health Information (EPHI). The pharmacy that conducts business activities by portable media and devices, laptops, personal digital assistant (PDA), home computers, or other non-corporate equipment must follow HIPAA standards and train its employees accordingly. Training must cover policies prohibiting use over open networks (e.g. internet and email) and downloading to public or remote computers. Refer to HIPAA Security in regard to implementation of policies and procedures for authorizing PHI and EPHI access, including information on safeguards to be implemented. Other devices that may be causes of concern due to vulnerability include: smart phones, flash drives, memory cards, CDs, DVDs, backup media, email accounts, and other remote access devices. Hotel, library, or other public workstations would also be included. Release of Information The Privacy Rule allows a pharmacy to obtain patient consent for uses and disclosures of protected health information for treatment, payment, or healthcare operations. Pharmacies that do so have complete discretion to design a process that best suits their needs. HIPAA security and privacy rules: http://www.hhs.gov/ocr/priv acy/hipaa/understanding/sr summary.html Authorization: a detailed document that gives suppliers permission to use protected health information for specified purposes, which are generally those other than treatment, payment, or healthcare operations, or to disclose protected health information to a third party specified by the patient. By contrast, an authorization is required by the Privacy Rule for uses and disclosures of protected health information not 14

otherwise allowed by the Privacy Rule. An authorization must include: a description of the protected health information to be used and disclosed, the person authorized to make the use or disclosure, the person to whom the pharmacy may make the disclosure, an expiration date, and, in some cases, the purpose for which the information may be used or disclosed. Records Storage and Shredding The pharmacy must maintain accurate, confidential, and secure records in accordance with HIPAA and other applicable state standards. The pharmacy must take reasonable measures to store records in a location and manner that minimizes damage from fire, water, or natural disaster. Personal information that is not stored in a patient s record and is discarded must be shredded. Compounding Pharmaceutical Compounding must be conducted in a safe environment with properly trained pharmacists and pharmacy technicians. The Pharmacist-In-Charge must be familiar with and have access to USP <795> and <797> standards. Licensing (where applicable) The pharmacy must be properly licensed through the state board of pharmacy to the level of compounding products being dispensed. Pharmacist, Registered Nurses, Physician Assistants and Pharmacy Technician (when applicable) must be licensed for the states which compounding products are being shipped. Non-Sterile Compounding Non-Sterile compounding, (i.e. emulsification and simple creams) will follow the USP <795> Standards; pharmacy accepted practices will be used when emulsifying medications and/or mixing simple creams; as well as the Pharmacy Compounding Accreditation Board Standards. Sterile Compounding Pharmacy provides sterile compounding will follow the USP <797> Standard and the Pharmacy Compounding Accreditation Board standards. 15

Chemicals and Components All chemicals and compounding components will be stored in a safe manner and in accordance with the manufacturer s instructions. All chemicals and compounding components will have Material Safety Data Sheets (MSDS) available, hard copy or electronic. All chemicals and compounding components will have the MSDS listed on the Hazardous Chemical Inventory Sheet. Service Requirements Supplier and Physician Collaboration The pharmacy, in collaboration with the prescribing physician, must review the patient s record and incorporate any necessary revisions related to the patient s condition that affect the medication or services provided. Confirmation of Physician s Orders The pharmacy must communicate with the prescribing physician before finalizing a treatment plan. Any changes or suggestions should be discussed and approved by the physician in writing. Documentation must be noted in the patient s file. The pharmacy must ensure prescriptions received by written, fax, telephone and/or escripts are valid and legal. If the prescription cannot be read or a drug interaction warning is received, the pharmacist must contact the prescribing physician for clarification. The pharmacy must refer the patient to the prescribing physician for intervention or treatment when there are dangerous drug interactions. Coordination The pharmacy must incorporate information from other healthcare members in the delivery of the medication. The pharmacy should solicit feedback from the physician to determine the effectiveness of the medication provided to the patient. 16

Product Information, Delivery, and Documentation Order Intake Form The pharmacy should use its pharmacy software system for entering patient information during the initial evaluation of the patient. Patient Instructions The pharmacy must provide a drug information sheet. The pharmacy must advise the patient or caregiver of any warning or safety requirements. Patient Record Pharmacy patient records must be maintained within the pharmacy computer systems. Processes must be established to ensure daily backup of pharmacy files occurs and verification that the backup contained all patient records and they are usable. Pharmacy prescription files will be kept in accordance with state pharmacy board regulations and HIPAA and CMS storage requirements. If the pharmacy software maintains patient files at an off-site server, the data must be secure and encrypted and specified in the HIPAA Business Associated Agreement, to include breach reporting instructions. Mail Orders Pharmacy providing mail-order delivery to the patient must verify and document it in the patient s record that the patient and caregiver have received all instructions. The pharmacy ensures the patient and caregiver are able to use all prescribed medications safely and effectively. Order Intake Form may include: Type of equipment and service prescribed Pertinent diagnoses, including mental status Frequency of visits Prognoses Potential for rehabilitation Functional limitations Permitted activities Safety measures to protect against injury Instructions A pharmacy that provides equipment or services must provide the following to patients and caregivers: instructions information regarding expected delivery time verification of receipt documentation of make and model option to rent or purchase when applicable contact information for regular business hours and after hours 17

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information