Welcome solo and group practice owners! We are Liath Dalton and Evan Dumas, your co-hosts of Group Practice Tech.

In our latest episode, we explain why clients cannot waive the need for HIPAA compliance.

We discuss misconceptions that stem from non-enforcement for parts of the HIPAA Security Rule during the federal Public Health Emergency; who needs a BAA; the protections BAAs provide for the HIPAA Covered Entity; client’s rights to request non-secure communications; client’s rights to access their health information; and why clients cannot waive the Business Associate Agreement requirement.

PCT Resources

PCT article:  What’s a HIPAA Business Associate?

PCT article:  Clients Have the Right to Receive Unencrypted Emails (and Texts) Under HIPAA

PCT’s  Sample Request for Non-Secure Communications Form

PCT’s  Group Practice Service Selection Workbook & Worksheets  (free!! Step 1 of the PCT Way)

  • support for selecting HIPAA-secure, effective, and economical services to meet your practice’s functionality needs

PCT’s  Group Practice Care Premium  service with direct support & consultation service, Group Practice Office Hours, for group practice leaders, plus:

  • assignable staff HIPAA Security Awareness: Remote Workspaces training for all team members

  • access to Remote Workspace Center with step-by-step tutorials & registration forms for securing documenting Remote Workspaces

  • assignable staff HIPAA Security Awareness: Bring Your Own Device training + access to Device Security Center with step-by-step device-specific tutorials & registration forms for securing documenting personal & practice-provided devices

Learn more about the topics discussed in this article:

9 CE Credit Hours


3 CE Credit Hours



Scheduled Maintenance

We will be temporarily taking the website offline at 10:00 PM Pacific (1:00 AM Eastern) tonight, July 6, in order to make some improvements. We plan to be back online by midnight Pacific (3:00 AM Eastern). We apologize for any inconvenience this may cause. Dismiss