Fla. Admin. Code R. 59A-23.005
(2) Provider Medical Records. The insurer or delegated entity shall maintain or assure that its providers maintain a medical records system, which is consistent with professional standards, pursuant to Section 456.057, F.S. The insurer or delegated entity shall develop and implement policies and procedures that:
(b) Protect the confidentiality and security of paper and electronic patient records including:
1. Transfer, storage, and faxing of records; and,
2. Handling of records containing information on HIV, substance abuse, and mental health, in accordance with statutory requirements;
(e) Identify the patient as follows:
1. Name;
2. Social Security, alien identification number, or other identification number;
3. Date of Birth; Employer; home and work telephone numbers;
4. Sex; and,
5. Date of work injury or illness.
(f) Indicate in the medical record for each visit the following information:
1. Date;
2. Chief complaint, unresolved problems or complaints from prior interventions and purpose of visit;
3. Objective findings of practitioner;
4. Diagnosis or medical impression;
5. Studies ordered, for example: lab, x-ray, EKG, and referral reports;
6. Therapies administered and prescribed;
7. Name and profession of practitioner rendering services, for example: M.D., D.O., D.C., D.P.M., R.N., O.D., etc., including signature or initials of practitioner;
8. Disposition, recommendations, instructions, and education to the patient. Evidence of whether there was follow-up and the specific time of return is noted in weeks, months or as needed;
9. Outcome of services;
10. Work status, release for return to work, work restrictions; and,
11. Evidence of coordination of care and any injured employee non-compliance with treatment.
(3) Case Files. The insurer or delegated entity shall maintain electronic or paper medical information necessary to ensure the efficient functioning of the care coordination process. The insurer or delegated entity shall develop and implement a policy and procedure that protects the confidentiality and security of case file information including the transfer and storage of paper and electronic information, and the handling of information on HIV, substance abuse, and mental health. Case files shall contain necessary information for the coordination of quality patient care between providers, insurers, employees, and employers including:
(4) Audits of provider records. The insurer or delegated entity shall implement an ongoing process for conducting medical record audits to determine compliance with the medical record standards specified under paragraphs (2)(d), (e) and (f). The insurer or delegated entity shall have a written methodology for determining the size and scope of the medical record audits that shall reflect the volume and complexity of services provided by the provider network. The insurer or delegated entity shall develop and implement an annual work plan for the medical record audits. The results of the audits shall be reported quarterly to the quality assurance committee and shall include the following:
Rulemaking Authority 440.134(25) FS. Law Implemented 440.134(5)(c), (6)(c)1.-4., 8., (7), (8) FS. History–New 9-12-94, Amended 10-8-01, 1-22-02.