POPS Chapter 2 – Quality Assurance for Focused HIV Testing, Counseling, and Linkage to Care for HIV Prevention


2.1 Client Records

2.2 Release of Information

2.3 Retention of Client Records

2.4 Record Destruction

2.5 Training and Supervision Requirements for HIV Testing

Purpose: This chapter provides guidelines for documentation, quality assurance, and training requirements for Focused HIV Testing, Counseling, and Linkage to Care HIV prevention contractors.

These guidelines are written in accordance with the following: Texas Health and Safety Code, Title 2, Subtitle D Chapters 81, 85, and 93 (relating to Education and Prevention Programs for Hepatitis C); Title 25 of the Texas Administrative Code (TAC) Chapters 97 Subchapter B; and Chapter 98; and Texas House Bill Number 4.

2.1 Client Records

As a minimum standard, a client record (paper or electronic) will be initiated on each person that receives testing services. Contractors funded to provide focused testing and linkage must develop systems to document information consistent with confidentiality laws.

2.1.1 Client Record Requirements

As outlined in Chapter 1.4: Required Tasks of HIV Testing, contractor must provide documentation that all tasks were completed. Contractors must have client records available for review by DSHS Staff. Client records must include the following:

  1. Copy of signed informed consent from client.
  2. Client information to include:
    • Date of birth
    • Client State
    • Client County
    • Client zip code
    • Client assigned sex at birth
    • Client current gender identity
    • Client race, and
    • Client ethnicity.
  3. Documentation if client choose anonymous or confidential HIV testing.
  4. Documentation of brief HIV vulnerability assessment including:
    • Reason for HIV test,
    • Recent sexual and injection drug use behaviors since last HIV test,
    • In the past five years, has the client:
      • Had sex with a male, female, or transgender person
      • Injected drugs or substances
    • Date and type of recent risk exposure,
    • History of STD diagnosis and treatment, and
    • Date of last HIV test and test result.
  5. Documentation that tests results were provided to the client in a timely and appropriate manner.
  6. Documentation that basic information about HIV transmission and HIV testing was provided to the client including but not limited to:
    • Benefits of testing,
    • Behaviors that transmit HIV,
    • How to prevent HIV transmission, including PrEP, nPEP, and Treatment as Prevention (TasP),
    • Testing technology used (rapid test, blood draw, or self-test kit),
    • When and how HIV test results will be provided to client
    • Procedure if client receives a positive diagnosis (e.g., confirmatory or subsequent testing, introduction of partner services, linkage to care), and
    • Procedure if client tests negative and is interested in accessing PrEP.
  7. Documentation that client was provided population-specific, age appropriate, culturally affirming health messages and materials that address the client’s vulnerability to HIV acquisition and prevention needs, including education on Combination Prevention.
  8. Documentation that the client was screened for PrEP and nPEP, using a locally validated or CDC supported screening tool, and was offered referrals if eligible.
  9. Documentation that client was screened for and received referrals, as appropriate, for essential support services including but not limited to:
    • Health benefits and navigation enrollment,
    • Evidence-based risk reduction interventions,
    • Behavioral health services,
    • Housing, and
    • Social services.
  10. Documentation that supplemental testing was collected by venipuncture immediately, on-site, after a point of care HIV and syphilis health check preliminary positive test result.
  11. Documentation of all test results.
  12. Documentation that all positive test results, including preliminary positive results, were reported in accordance with disease reporting rules.
  13. For positive HIV test results, documentation of referral, follow up, and confirmation to HIV related medical care.
  14. For positive HIV test results, documentation of public health follow-up referrals.

If a client refuses to provide any required information, document client refusal in the record.

2.1.2 Consent to Testing for HIV

In accordance with Vernon's Texas Code Annotated, HSC §§81.105 Informed Consent and Health and Safety Code HSC §§81.106 General Consent, a test designed to identify HIV transmission may not be performed without first obtaining the informed consent of the person being tested.

Consent need not be written if there is documentation in the client’s chart that the test has been explained to the client and verbal consent has been obtained. A person who has signed a general consent form for the performance of medical tests or procedures is not required to sign a specific consent form relating to HIV testing during the time in which the general consent form is in effect.

The result of a test for HIV performed under the authorization of a general consent may be used only for diagnostic or other purposes directly related to medical treatment of the client. Some institutions may have stricter policies concerning consent for HIV testing than that stated in statutes.

Violation: An individual or entity that tests without consent has committed a Class A misdemeanor.

2.2 Release of Information

All information and records relating to reportable diseases are to be kept confidential. Contractors must have a process in place to ensure the identity of the person returning for test results. Test results or other information that could identify a client may not be released or made public. HIV and STD testing information may be released only under the following circumstances:

  1. To the local health authority, regional public health department, or to the Department of State Health Services (DSHS) in accordance with regulations for disease reporting;
  2. As statistical information, but only if persons cannot be identified in the information;
  3. Under strict and legally defined conditions when a possible exposure has occurred, as determined by legal counsel on a case-by-case basis;
  4. To the client directly – if your agency is providing written test results, they should be provided on agency letterhead or similar form and clearly state:
    • Name of the agency and the date the test was conducted;
    • Test result (positive or negative);
    • Explanation of the result relative to the window period and/or date for retesting;
    • Written results should not be provided when conducting anonymous HIV; testing; and
  5. To another party with the client’s written consent.

If the client wants a copy of their test results or other confidential information released to a third party, an Authorization to Release Confidential Information Form should be completed and signed by the client. The form will specify to whom the information is being released, the purpose of the release and the specific information to be released.

2.2.1 Transmission of Medical Information via Electronic Machines

Facsimile (FAX) transmission of confidential information must only be done when other methods of sending information are unavailable or would delay the timely provision of services. To ensure that a breach of confidentiality does not occur when transmitting medical information via fax machines, faxing confidential information should fall under the following guidelines:

  1. Confidential information sent using a fax must be faxed under a cover sheet;
  2. The cover sheet must not contain the words HIV, AIDS, or STD anywhere on it; and
  3. Information to be faxed must:
    • Be De-identified (client's name and all other identifying information removed);
    • Have identifying information sent in a separate fax transmission only after the sender has confirmed receipt of the first fax with the receiver; or
    • Have all HIV/STD-related information removed or converted to a code.
  4. Anyone sending a fax must confirm that the information faxed was received by the intended recipient;
  5. Fax machines used to send or receive confidential information must be in a secure area;
  6. Programs are encouraged to use separate fax machines instead of multifunctional machines which include faxing capabilities;
  7. Call the receiver of the fax to ensure that the fax is in a secure area and make them aware that a confidential fax is being sent over;
  8. Remove any HIV identifiers from the documents being sent over including position title, business name or department title; and
  9. Follow up with the receiver once the fax has been submitted to ensure receipt.

Violation: In accordance with Health and Safety Code HSC §81.103 Confidentiality; Criminal Penalty, breach of confidentiality is a Class A misdemeanor and is punishable by up to one year in jail and fines of up to $5,000. Violation of confidentiality is also a civil offense that may result in liability for damages plus fines.

Additional DSHS security and confidentiality guidance can be found in the TB/HIV/STD Section Confidential Information Security policy.

2.3 Retention of Client Records

The contractor must have a system in place that complies with current confidentiality laws to protect client or patient records and documents maintained in connection with HIV/STD prevention activities.

Retention guidelines are as follows:

  • STD test results – All STD records containing positive test results (including congenital syphilis) must be maintained for 7 years past the last date of service. STD medical records must be kept 7 years past the last date of service or until the patient’s 21st birthday, whichever comes later.
  • STD intervention records – All STD intervention records (including investigations, interviews, and disease intervention case management notes) must be kept 3 years past the last date of service or until the patient’s 21st birthday, whichever comes later.
  • Adults who are HIV-positive – Prevention counseling notes, risk reduction plans, and case management records compiled on individuals living with HIV must be maintained for 7 years past the last date of service or patient’s death, if known.
  • Children who are HIV-positive – For children diagnosed with HIV, the records must be kept for 3 years after the 21st birthday, even in death, or 7 years, whichever comes later.
  • HIV and AIDS disease intervention records – HIV and AIDS disease intervention records (including investigations, interviews, and disease intervention case management notes) must be kept 3 years past the last date of service or until the patient’s 21st birthday, whichever comes later.
  • Anonymous HIV-positive test results – HIV-positive anonymous test results (including serology, counseling notes, risk reduction plan, and prevention case management notes) must be maintained 1 year passed the test date or last date of service, whichever comes later.
  • Anonymous HIV-negative test results – HIV-negative anonymous test results (including serology, counseling notes, and risk reduction plan) are retained for 90 days after test date, or when the results are given to the client, whichever comes first.
  • Confidential HIV-positive test results – HIV-positive confidential test results (including serology and medical records) must be maintained for 7 years after the patient’s death, if known, or 18 years from the last date of service.
  • Confidential HIV-negative test results – HIV-negative confidential test results (including serology, counseling notes, and risk reduction plan) are maintained 7 years past the last date of service or until the patient’s 21st birthday, whichever comes later.

2.4 Record Destruction

Confidentiality must be maintained when destroying HIV/STD records. State records may be destroyed when:

  1. Its records series is listed on the records retention schedule for your area;
  2. It meets the retention period for that records series; and
  3. The record is not involved in a pending or ongoing lawsuit, claim, negotiation, administrative review, open records request or audit.

Contractors must record the destruction of record copies of state records and have an administrator sign off on the destruction. Confidential records to be destroyed must be shredded. This shredding may take place in your program area by your program or by a third-party provider. Destruction records should be available to DSHS staff upon request or during monitoring visits.

2.5 Training and Supervision Requirements for HIV Testing

2.5.1 New Testing Staff

Contractors must maintain policies and procedures to address training requirements. Written, step-by-step instructions for performing an HIV test (with all testing technologies available at the agency) should be made available to all testing personnel.

Contractors must implement an orientation plan for new staff and annual training requirements for all staff. Staff are expected to maintain and demonstrate a high level of confidentiality regarding client information, and strictly adhere to the policies and procedures of their agencies.

Staff must meet DSHS training requirements.

Training Due
HIV Navigation in Texas (HNT) 12 months from employment date
Gender and Sexual Diversity Training 12 months from employment date
Social Determinants of Health 12 months from employment date
Trauma Informed Care (TIC) 12 months from employment date
Health Equity Training 12 months from employment date
HIPAA Privacy Training for Contractors and Volunteers 6 months from employment date
Foundations of Testing and Navigation (FTN) 3 months from employment date
Hepatitis C (HCV) Training 12 months from employment date
STD 101: What You Need to Know 12 months from employment date
Security and Confidentiality Training Annually during duration of employment

Prior to conducting an HIV testing session on their own, new staff must complete the following:

  1. Complete the DSHS required training outlined above
  2. Observe four (4) testing sessions conducted by an experienced tester
  3. Be observed by a supervisor conducting four (4) testing sessions
  4. Be trained to perform blood draws within three (3) months of employment

2.5.2 Staff Observations

Staff past their probationary period should be observed by a supervisor in accordance with the following schedule:

Length of time staff member has been performing HIV testing HIV Tester must be observed at least
6 months or less Twice a month
7 to 12 months Monthly
1 to 2 years Quarterly
2 years or more Every 6 months

Contractors must maintain documentation of observations and have them available for review.

2.5.3 Chart Reviews

Client files completed by HIV testers should be reviewed by a supervisor in accordance with the following schedule:

Length of time staff member has been performing HIV testing Number of client charts to be reviewed
6 months or less 10 client charts per month
7 to 12 months 5 client charts per month
1 to 2 years 5 client charts per quarter
2 years or more 5 client charts every 6 months

Contractors can opt to conduct quarterly reviews of a random sample of 10 percent of the charts across testing personnel, ensuring a minimum of one chart for each HIV tester, for clients seen during that quarter in lieu of the schedule above.

Contractors must maintain documentation of chart reviews and have them available for review. All client files with a positive HIV test must be reviewed by a supervisor.

List of Helpful Websites and Websites Referenced in Chapter 2

Information on reporting can be found on the Disease Reporting webpage.

Information on reporting rapid HIV test results can be found on the Technical Assistance webpage.

Contact the DSHS HIV/STD Program for records retention schedules and forms.

Records Destruction Disclosure Form and RMD 102-Request for Authority to Dispose of State Records can be found at the Forms and Literature Order Entry and Inquiry System webpage.

Centers for Disease Control and Prevention

Texas Constitution and Statutes

Health and Safety Code

Texas Family Code

Vernon's Texas Code Annotated (HSC §§81.105)