Session 25: 1) I am curious about what the security incident and breach notification process looks like for a non-HIPAA entity. 2) Can you please clarify what should go on the list of Third Party Vendors besides the obvious accounts that handle our client PHI? 3) What is your definition of “secure email” and “secure […]
Session 25: Group Practice Office Hours (March 12th, 2021)
app downloadsAvailityBAAbackup calendarsbusiness accountsclient portalsclients on waitlistcreate separate user accounts for workdeleting PHIerase or transfer PHIGSuite accounthandle PHIHIPAA compliance and securityHIPAA covered entityHIPAA Security and Compliance Programin-network and out-of-networkkeeping informationMicrosoft Office 365 Enterpriseniche practicenon-HIPAA secure email accountPauboxPCT BYOD protocolPHI breachPHI on personal computerphone service with searchable database for phone calls/texts/faxes/etc.Phone.comportal to access messagereassigning same extension to incoming therapistrecommend turning on VPNRequest for Nonsecure Communication formRingRXsecure emailsecure home internet networksecure office internet networksecure text messagingsecurity officer/deputy security officerstructuring an intake form for mental and physical healthsync EHR calendarthird-party vendorswaitlistingWorkforce ManagementXfininty hotspotsXfinity routers