When it comes to good security (and HIPAA compliance), authentication is the lesser-known cousin to encryption. Authentication is best known as passwords. It is much more than just passwords, however, and the HIPAA Security Rule standards hold it up high as a security concept of great importance.
Everyone loves apps these days, and mental health practices are no exception. One thing that remains a conundrum, however, is how to evaluate when a service is appropriate for your HIPAA needs. That’s why we created this handy-dandy guide, all with checklists and evaluation questions for you to employ.
What does HIPAA consider to be “personally identifying information”? Will the deidentification techniques we learned in grad school ethics classes (e.g. using clients’ initials instead of full names) be enough for HIPAA?
Some clinicians who use Android phones for their practices may have suffered a client privacy breach to Facebook Messenger. We explain what happened and what to do about it.
If you’ve considered becoming a full member of Person Centered Tech, there’s never been a better time than now to join! We have just added monthly payment plans, and the Middle Adopter tier of membership is about to close to new members on March 31st. The membership service is finally becoming what we always intended […]
HIPAA requires all practices to create security policies and procedures as part of the compliance process. What does that look like for different practices, and how is it accomplished? Therapy tech expert Roy Huggins, LPC NCC explains.
The world of email is getting better at creating secure and HIPAA-friendly ways to use the communication method. We show you the 3 types of email security so you can make an informed choice.
If your computer touches protected health information at all, you want to make sure it is using full device encryption. Let’s recognize that smartphones and tablets (e.g. iPads and Android tablets) are computers. So when we say “computer,” we mean everything that is computer-like. Full-Device Encryption, or “FDE” FDE can actually stand for […]
You know by now that working with HIPAA’s security standards means taking a risk management approach to the security of your clients’ information. In order to evaluate risks, we first need to examine something that doesn’t sound too pleasant: threats. Threats — or “hazards” when we’re talking about environmental threats — are actors or circumstances […]
Therapists often complain of clients misusing modern communication technology such as texting and email. The client may send overly sensitive information. They may expect instant responses. They may even text their therapist despite the therapist’s explicit statement that they don’t do texting. To use a nerdy metaphor: communication is a multiplayer game. We notice that […]