The Colorado State Employee Assistance Program (CSEAP) follows federal (HIPAA) and state laws that require strict confidentiality and protection of client counseling records. Records are released only as appropriate under certain circumstances. The law does, however, mandate that licensed counselors and trainees (interns) serve as mandatory reporters to proper authorities in cases of known or suspected abuse or neglect of certain vulnerable populations.
All records are maintained in a secure, locked location or in secure electronic environments. The electronic medical record system used by CSEAP is accessible only to employees and interns of CSEAP or approved administrators. Where appropriate, CSEAP seeks Business Associates Agreements to ensure that vendors and associates (e.g. OIT) manage HIPAA-protected and sensitive information in accordance with applicable policies and laws. Individual data is not shared with anyone without the written permission of the client. Utilization reports containing aggregate data may be provided to state agency employers - these reports do not contain information that could identify an individual client.