A FREE On Demand, Self Study HIPAA CE Course for Group Practice Leaders 

Trainings with Person Centered Tech are special:

  • Learning exercises to help you retain your learning
  • Taught by industry professionals so you get the most up-to-date information
  • Professionally recorded and edited for a quality experience
  • Crafted with adult learning principles to keep you engaged and regulated while learning

Free On Demand, Self Study Presentation — 1 Legal-Ethical CE Credit Hour on Risk Management for Group Practices

Introduction to HIPAA Security for Group Practice Leaders

All clinicians need to work within HIPAA, but how is a group of clinicians expected to work within it? HIPAA compliance is both an individual concern and an organizational one, so it doesn’t work to leave HIPAA security considerations up to each clinician.

Join Roy Huggins, LPC NCC and Liath Dalton as they provide a roadmap for HIPAA Security compliance and adherence to professional ethical standards within your organizations.

1 legal-ethical CE credit hours

On-Demand Self Study

CE Credit Hours

How is a group of clinicians expected to work within HIPAA?

Fortunately, the process of compliance with HIPAA, and that of maintaining professional ethics around privacy and security, can be broken down into simple steps. In this brief course, we will provide a high-level overview of:

  • What HIPAA expects mental health organizations to do for client privacy and security
  • How legal-ethical considerations for individual mental health clinicians “bubble up” to the organizational level
  • Aspects of HIPAA compliance and ethical behavior that arise for organizations of mental health clinicians, but don’t in solo practices. 
  • Providing a secure and legal-ethical practice environment which meets the needs of both modern clients and modern clinicians.
  • HIPAA compliance boundaries in groups with employee clinicians vs groups with contractor clinicians.

Who is this training for?

This introductory-level course for counselors, marriage and family therapists, psychologists, and clinical social workers, who hold leadership roles in mental health group practices or agencies, will provide a roadmap for HIPAA Security compliance and adherence to professional ethical standards within their organizations. This course is suitable for practices which consist of 100% in-person, 100% telehealth, or a mixture of in-person and telehealth treatment.

green check mark  In-person Practices

green check mark  Hybrid Practices

green check mark  Teletherapy Only Practices

introduction to hipaa security for group
icon of computer monitor

Policies and Procedures

Identify what forms of HIPAA security policies and procedures are necessary for a group practice’s compliance

icon of a home office

Change Management

Choose an employment structure that supports HIPAA security compliance

icon of a question mark

Improve Client Care and Reduce Risk of Liability

Design a training program that can improve client care and reduce risk of liability

Practical Real-World Considerations

HIPAA doesn’t exist in a vacuum. We’ll approach a variety of real-world examples so you can feel confident applying concepts in your practice.

My team members just finished one of the HIPAA training courses assigned to them and two of the three told me, without prompting, how much they enjoyed the training. They both said something about how previous HIPAA trainings were boring and they didn’t get much out of them. They said they learned a lot from these. One SLP said that it really made her think things through. She then asked me about how she is doing her passwords and was asking about some different ways to write patient evaluations to make sure she was mindful of HIPAA practices.

Jessica Hudson, M.A., CCC-SLP

Course Details

This introductory-level course for group practice leadership and security officers will explore HIPAA compliance in group practice context that supports practice needs, compliance requirements and client care within group practice contexts.

Title: Introduction to HIPAA Security for Group Practice Leaders

Authors/Presenters: Roy Huggins, LPC NCC; Liath Dalton
CE Length: 1 CE hour
Legal-Ethical CE Hours: 1 legal-ethical CE hour 

Educational Objectives:

  • Identify what forms of HIPAA Security policies and procedures are necessary for a group practice’s compliance
  • Choose an employment structure that supports HIPAA Security compliance
  • Identify a training program that can improve client care and reduce risk of liability


  • HIPAA Security Compliance Process Overview
    • 3-step model of compliance
      • Risk analysis
      • Risk management and mitigation planning
      • Security policies and procedures
  • Compliance for Group Practices
    • How risk differs in a group vs. a solo practice
      • Risk “surface area”
      • “Bring your own device” and HIPAA compliance
    • Security policy and procedure needs in a group vs. a solo practice
      • HIPAA Security standards for workforce training and management
  • Impact of Employment Law on HIPAA Compliance Strategies
    • The eternal question: employees or contractors
    • Can the practice enforce its HIPAA Security policies and procedures?

Meet Our Presenters

Presented by Roy Huggins LPC, NCC with Liath Dalton 

Roy Huggins, LPC NCC, is a counselor in private practice who also directs Person-Centered Tech. Roy worked as a professional Web developer for 7 years before changing paths and makes it his mission to grow clinicians’ understanding of the Internet and other electronic communications mediums for the future of our practices and our professions.

Roy is an adjunct instructor at the Portland State University Counseling program where he teaches Ethics and is a member of the Zur Institute advisory board. He has acted as a subject matter expert on HIPAA, security, and clinical use of technology for Counseling licensure boards, and both state and national mental health professional organizations. He has co-authored or authored 2 book chapters, and he routinely consults with mental health colleagues on ethical and practical issues surrounding tech in clinical practice. He served for 5 years on the board of the Oregon Mental Health Counselors Association and then the Oregon Counseling Association as the Technology Committee Chair.

He really likes this stuff.

Liath Dalton is PCT’s deputy director and a co-owner. Liath is especially passionate about helping therapists be resourced and supported in navigating the security compliance process and identifying the solutions and processes that meet the particular needs of their practices. Liath’s consultation area of expertise is focused on selecting the right combination of services and tech that not only meet the legal-ethical needs of mental health practices, but also the functionality, efficiency, and cost-effectiveness needs as well.

Additional Information


  • American Counseling Association. (2014). Code of Ethics . Alexandria, VA: Author.
  • American Psychological Association. (2010). American Psychological Association Ethical Principles of Psychologists and Code of Conduct . Washington, DC: Author.
  • National Association of Social Workers. (2017). Code of Ethics . Washington, DC: Author.
  • National Board for Certified Counselors. (2016). Code of Ethics . Greensboro, NC: Author.
  • US Dept. of Health and Human Services. (2006). HIPAA Administrative Simplification . Washington, DC: Author.
  • US Dept. of Health and Human Services. (2013). HIPAA Omnibus Final Rule . Washington, DC: Author.


Accuracy, Utility, and Risks Statement: The contents of this program are based primarily on publications and reports from the federal Department of Health and Human Services and consultation with experts on HIPAA Security standards and their implementation. Some interpretation and analysis presented is made by the presenter, in consultation with knowledgeable colleagues and expert consultants. Statements about applications to technology are according to presenter’s understanding of the technology at the time of the program. The presenter may not know how to apply all principles discussed to every technology type or product. This program discusses strategies for complying with HIPAA and covered ethics codes, and for improving security. It may not include information on all applicable state laws. Misapplication of the materials, or errors in the materials, could result in security problems, data breaches, or non-compliance with applicable laws or ethics codes.


Conflicts of Interest: None noted


Commercial Support: None



Scheduled Maintenance

We will be temporarily taking the website offline at 10:00 PM Pacific (1:00 AM Eastern) tonight, July 6, in order to make some improvements. We plan to be back online by midnight Pacific (3:00 AM Eastern). We apologize for any inconvenience this may cause. Dismiss