Zur Institute
HomeSign InContact

HIPAA Security and Privacy in Psychotherapy, Counseling and Mental Health Practices

10 CE Credits/Hours - Online Course - $99.00

Developed by Roy Huggins, LPC NCC

Course fulfills the California and other states' ethics and law requirements. Course may qualify for insurance discount. Check with your insurer.

This course is also offered as part of a HIPAA Compliance/Security & Privacy
Savings Package of 22 CE Credits.

This course includes materials consisting of:

Transcripts are available for ALL videos in pdf format.

Order This Course Now

Video introduction to course by Roy Huggins, LPC NCC & Ofer Zur, Ph.D.

 
General Course Description

This course will explore the ways that security, privacy and technology fit in to the heartful work we do on a day-to-day basis, as well as teach you to understand and get in compliance with the HIPAA security rule and the 2013 updated regulations. We will talk about balancing security standards with client needs and effective therapeutic interventions, while providing the best care we can and being complaint with the HIPAA security rule.

The course is an introductory level program composed of 13 video interviews and an extensive text that covers the topics discussed in those 13 interviews. Very importantly, there is also a resources page that has links to specific information relevant to mental health clinicians looking for deeper details on the concepts we discuss, along with instructions on how to execute the technical measures we recommend in the course. The interviews will cover how security and privacy fit into mental health clinical practice; what our ethical and legal mandates for security and privacy are; how to perform the risk analysis and risk mitigation procedures that HIPAA requires and that give HIPAA security and privacy the flexibility we need; how to balance client needs with legal and ethical mandates; important HIPAA concepts such as security rule standards and HIPAA business associates; and several interviews on how to apply these principles to the actual technology we use in clinical practice.

Educational Objectives

This course will teach psychotherapists to:

1.    Describe what the clinician needs to do to achieve compliance with HIPAA Security and HITECH mandates.

2.    Relate HIPAA-compliant security and privacy principles to the clinician's existing understanding of confidentiality maintenance practices.

3.    Conduct a formal HIPAA risk analysis and implement proper risk management measures.

4.    Assess style of both client and clinician behaviors around security risks.

5.    Describe security standards like encryption and when we need them in clinical practice – legally, ethically and practically.

6.    Relate legal duties of HIPAA covered entities to ethical duties around standard of care for security and privacy in clinical practice.

7.    Evaluate how to best assist the clinician's particular clients in protecting their own privacy in therapy.

8.    Assess popular communications technologies for ethical, clinical and practical appropriateness for general incorporation into the clinician's practice.

9.    Apply a risk management lens to the process of determining the appropriateness of specific technological tools for use with specific clients.

10.    Describe what are "reasonable and appropriate" risk levels in relation to ethical and legal mandates around reducing security risks.

Course Syllabus

How Does "Security and Privacy" Intersect With Professional Mental Health Practice?

  • What role does security and privacy play in therapy and the therapeutic relationship?
  • What are our ethical and legal mandates in terms of security and privacy?
    • What is a "covered entity?"
    • What's happening in HIPAA?
    • How are we motivated to address security and privacy concerns in our practices?

Security and Privacy Concepts for Mental Health Professionals

  • Security Centerpiece: Risk Analysis and a Risk Mitigation Plan
    • What is an example of what a risk analysis document might look like?
    • Should I get "HIPAA Compliant" products and services after my risk analysis?
  • Risk Management Approach to Security and Privacy
    • Don't some clients have different needs from others?
    • What about situations where there isn't a bad guy?
    • So, what does HIPAA consider "reasonable" for levels of risk?

How Do I Secure Communications With My Clients and Balance That Security With Therapeutic Relationship Forming and Maintenance?

  • The Internet: the environment that many of our communications live in
  • Transmission Security needs and challenges
  • Tools for protecting transmissions
    • What, exactly, is encryption?
    • What is authentication?
    • Can policies help with communication security?
  • Picking good Passwords and other behavioral issues

HIPAA Business Associates

  • So who, exactly, qualifies as a HIPAA business associate?

How Do I Apply All Those Communications Security Ideas to the Real World?

  • Email and texting risks and risk mitigation
    • An important note about risks in electronic communications
    • Email risks
    • SMS (texting) risks
    • What can I do about email and texting risks?
  • Internet video chat and voice calling risks and risk mitigation

How Do I Secure My Records and Other Confidential Stuff I Keep On Computers, Tablets, Phones and Disks?

  • Data and device security needs and challenges
  • What happens if your security gets breached?

How Do I Apply All Those Data Storage Security Ideas to the Real World?

  • Computer risks and risk mitigation
  • Tablet, computer and smartphone risks and risk mitigation
  • Backing up your essential data

Online Electronic Health Records and Practice Management Systems

  • I keep hearing about how important EHR systems are. What's that about?

Citations, References and Resources

Order This Course Now

 


© 1997-2016 Zur Institute, Inc. All rights reserved.
Privacy Statement, Disclaimer & Terms of Use.
Site design/maintenance by R&D Web