KEAP Confidentiality Policy

Information you provide to KEAP will be held in the strictest confidence according to state and federal law. By law, confidentiality may be void when there is a duty to warn of threat of harm to self or others, or in an abusive situation. Any other information disclosed requires an employee's specific permission.

KEAP works diligently to safeguard your information. To ensure privacy of state employees, the KEAP records database is hosted by a third-party provider. The KEAP system is not hosted by the Commonwealth Office of Technology to further ensure the confidentiality of all state employees.        

Records are maintained for a minimum of 6 years and are deleted and/or shredded internally. KEAP records are NOT subject to open records request.

With your permission KEAP may disclose information in order to assist in obtaining services for you. For instance, if you would like a referral to an outside treatment provider, KEAP may provide basic information to obtain the services for you. Treatment providers also have the responsibility to safeguard your information. In addition, with your agreement, KEAP may give information to insurance companies to obtain authorization for services.  Pursuant to the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"), KEAP may use and disclose your PHI for treatment, payment, or health care operations including, but not limited to, patient referrals, preauthorization, and case management.
  
 (Please remember, if you contact us by email, we can not guarantee the safety of the transmission.)

KRS 202A.400
KRS 645.270
KRS 620.030
201 KAR 26:145

Legal Notices and Forms

Authorization for Release of Information
Request for Accounting of Disclosures.pdf
Request for Alternate Communications.pdf
Request for Restrictions.pdf
Request to Amend PHI.pdf
Request to Inspect or Copy PHI.pdf