Welcome solo and group practice owners! We are Liath Dalton and Evan Dumas, your co-hosts of Group Practice Tech.
In this episode, we talk about what policies and procedures you need in group practice.
We discuss why this process is confusing; the difference between a HIPAA clause in an employment contract and specific security policies and procedures; why having policies is helpful (and pitfalls when policies aren’t in place); our customizable templates to help you develop HIPAA security policies and procedures for your practice; the importance of practical application; and taking your time with implementation.
PCT Resources
PCT’s Group Practice PCT Way HIPAA Compliance Manual & Materials — comprehensive customizable HIPAA Security Policies & Procedure and materials templates specifically for mental health group practices. with a detailed step-by-step project plan and guided instructions for adopting & implementing efficiently
- Policies & Procedures include:
- Customizable templates that address each of the HIPAA Security Rule Standards. Ready for plug-and-play real practice application.
- Computing Devices and Electronic Media Technical Security Policy
- Bring Your Own Device (BYOD) Policy
- Communications Security Policy
- Information Systems Secure Use Policy
- Risk Management Policy
- Contingency Planning Policy
- Device and Document Transport and Storage Policy
- Device and Document Disposal Policy
- Security Training and Awareness Policy
- Passwords and Other Digital Authentication Policy
- Software and Hardware Selection Policy
- Security Incident Response and Breach Notification Policy
- Security Onboarding and Exit Policy
- Sanction Policy Policy
- Release of Information Security Policy
- Remote Access Policy
- Data Backup Policy
- Facility/Office Access and Physical Security Policy
- Facility Network Security Policy
- Computing Device Acceptable Use Policy
- Business Associate Policy
- Access Log Review Policy
- Forms & Logs include:
- Workforce Security Policies Agreement
- Security Incident Report
- PHI Access Determination
- Password Policy Compliance
- BYOD Registration & Termination
- Data Backup & Confirmation
- Access Log Review
- Key & Access Code Issue and Loss
- Third-Party Service Vendors
- Building Security Plan
- Security Schedule
- Equipment Security Check
- Computing System Access Granting & Revocation
- Training Completion
- Mini Risk Analysis
- Security Incident Response
- Security Reminder
- Practice Equipment Catalog
- + Workforce Security Manual & Leadership Security Manual — the role-based practical application oriented distillation of the formal Policies & Procedures
- + 2 complimentary seats of the Security Officer Endorsement Training Program (1 for Security Officer; 1 for Deputy (or future Deputy) Security Officer.
Group Practice Care Premium for weekly (live & recorded) direct support & consultation service, Group Practice Office Hours
+ assignable staff HIPAA Security Awareness: Bring Your Own Device training + access to Device Security Center with step-by-step device-specific tutorials & registration forms for securing documenting personal & practice-provided devices (for *all* team members at no per-person cost)
+ assignable staff HIPAA Security Awareness: Remote Workspaces training for all team members + access to Remote Workspace Center with step-by-step tutorials & registration forms for securing documenting Remote Workspaces(for *all* team members at no per-person cost)
+ more
PCT’s HIPAA Risk Analysis & Risk Mitigation Planning service for mental health group practices — care for your practice using our supportive, shame-free risk analysis and mitigation planning service. You’ll have your Risk Analysis done within 2 hours, performed by a PCT consultant, using a tool built specifically for mental health group practice, and a mitigation checklist to help you reduce your risks. Will identify both your ‘in-practice’ risks and your ‘formal compliance’ (what required written P&Ps are implemented) needs, while also documenting all the good things your practice is already doing!