Episode 331: What Personal Services *Can* Your Staff Use?
Group Practice Tech
English - September 15, 2023 12:00 - 14 minutes - 12 MBTechnology Business therapypractice Homepage Download Google Podcasts Overcast Castro Pocket Casts RSS feed
Welcome solo and group practice owners! We are Liath Dalton and Evan Dumas, your co-hosts of Group Practice Tech.
In our latest episode, we dive into the HIPAA Conduit Exception Rule to explore what personal services are okay for group practice staff to use.
We discuss security circles; which services are generally prohibited; the HIPAA Conduit Exception Rule; what qualifies as a HIPAA conduit; email services; phone services; home internet services; VPNs; and mobile hotspots.
Listen here: https://personcenteredtech.com/group/podcast/
For more, visit our website.
PCT ResourcesGroup Practice Care Premium for weekly (live & recorded) direct support & consultation service, Group Practice Office Hours + Step Step 5 (Manual & Materials) Support Forums
assignable staff HIPAA Security Awareness: Remote Workspaces training for all team members + access to Remote Workspace Center with step-by-step tutorials & registration forms for securing documenting Remote Workspaces (for *all* team members at no per-person cost)
assignable staff HIPAA Security Awareness: Bring Your Own Device training + access to Device Security Center with step-by-step device-specific tutorials & registration forms for securing documenting personal & practice-provided devices(for *all* team members at no per-person cost)
And more!
PCT's HIPAA Risk Analysis & Risk Mitigation Planning service for mental health group practices -- care for your practice using our supportive, shame-free risk analysis and mitigation planning service. You’ll have your Risk Analysis done within 2 hours, performed by a PCT consultant, using a tool built specifically for mental health group practice, and a mitigation checklist to help you reduce your risks.
PCT's Group Practice PCT Way HIPAA Compliance Manual & Materials -- comprehensive HIPAA Security Policies & Procedures for the practice as HIPAA covered entity *and/or* Business Associate/MSO. Comprehensively covers the HIPAA P&Ps for contractor clinician structure group practices, employee structure group practices, and practices that are hybrid.
Policies & Procedures include:
Customizable templates that address each of the HIPAA Security Rule Standards. Ready for plug-and-play real practice application.
Computing Devices and Electronic Media Technical Security Policy
Bring Your Own Device (BYOD) Policy
Communications Security Policy
Information Systems Secure Use Policy
Risk Management Policy
Contingency Planning Policy
Device and Document Transport and Storage Policy
Device and Document Disposal Policy
Security Training and Awareness Policy
Passwords and Other Digital Authentication Policy
Software and Hardware Selection Policy
Security Incident Response and Breach Notification Policy
Security Onboarding and Exit Policy
Sanction Policy Policy
Release of Information Security Policy
Remote Access Policy
Data Backup Policy
Facility/Office Access and Physical Security Policy
Facility Network Security Policy
Computing Device Acceptable Use Policy
Business Associate Policy
Access Log Review Policy
Forms & Logs include:
Workforce Security Policies Agreement
Security Incident Report
PHI Access Determination
Password Policy Compliance
BYOD Registration & Termination
Data Backup & Confirmation
Access Log Review
Key & Access Code Issue and Loss
Third-Party Service Vendors
Building Security Plan
Security Schedule
Equipment Security Check
Computing System Access Granting & Revocation
Training Completion
Mini Risk Analysis
Security Incident Response
Security Reminder
Practice Equipment Catalog
Plus:
Workforce Security Manual & Leadership Security Manual -- the role-based practical application oriented distillation of the formal Policies & Procedures (includes the prohibitions on non-HIPAA-acceptable personal services + defines what personal services *are* allowable.)
2 complimentary seats of the Security Officer Endorsement Training Program (1 for Security Officer; 1 for Deputy (or future Deputy) Security Officer.
PCT's free "mini risk" tool, for needs identification related to what's within and what's outside your practice's Security Circle (including personal service use)