Group Practice Tech artwork

Episode 343: Breach Reporting, What You Need to Know and Do if Your Practice Had a Breach in 2023

Group Practice Tech

English - December 22, 2023 13:00 - 27 minutes - 21.9 MB
Technology Business therapypractice Homepage Download Google Podcasts Overcast Castro Pocket Casts RSS feed
Previous Episode: Episode 342: Getting Your GFEs into Gear for 2024
Next Episode: Episode 344: [A Year in Review] The Big Stories of 2023

Welcome solo and group practice owners! We are Liath Dalton and Evan Dumas, your co-hosts of Group Practice Tech.

In our latest episode, we explain steps to take if your therapy practice had a HIPAA breach this year. 

We discuss normalizing breaches emotionally; what constitutes a breach; the breach reporting timeframe; what the breach reporting process consists of; what to expect in terms of a response for a breach report; things regulators love to see in a breach report; the importance of preventing a breach from reoccurring; and resources we have available to support you during breach reporting.

Listen here: https://personcenteredtech.com/group/podcast/

For more, visit our website.

PCT Resources

OCR Breach Report Questions -- know the contents of what is asked/what you need to provide *before* starting the breach report in the OCR's online portal for breach reporting

 

CE course: HIPAA Security Incidents & Breaches: Investigation, Documentation, And Reporting (1.5 legal-ethical CE credit hours)

 

Group Practice Care Premium for weekly (live & recorded) direct support & consultation, Group Practice Office Hours, with the PCT team + Eric Ström, JD PhD LMHC (monthly)

 

PCT's Group Practice PCT Way HIPAA Compliance Manual & Materials -- comprehensive customizable HIPAA Security Policies & Procedure and materials templates specifically for mental health group practices. with a detailed step-by-step project plan and guided instructions for adopting & implementing efficiently       

Policies & Procedures include: 

Customizable templates that address each of the HIPAA Security Rule Standards. Ready for plug-and-play real practice application.

Computing Devices and Electronic Media Technical Security Policy

Bring Your Own Device (BYOD) Policy

Communications Security Policy

Information Systems Secure Use Policy

Risk Management Policy

Contingency Planning Policy

Device and Document Transport and Storage Policy

Device and Document Disposal Policy

Security Training and Awareness Policy

Passwords and Other Digital Authentication Policy

Software and Hardware Selection Policy

**Security Incident Response and Breach Notification Policy**

Security Onboarding and Exit Policy

Sanction Policy Policy

Release of Information Security Policy

Remote Access Policy

Data Backup Policy

Facility/Office Access and Physical Security Policy

Facility Network Security Policy

Computing Device Acceptable Use Policy

Business Associate Policy

Access Log Review Policy

Forms & Logs include:

Workforce Security Policies Agreement

**Security Incident Report**

PHI Access Determination

Password Policy Compliance

BYOD Registration & Termination

Data Backup & Confirmation

Access Log Review

Key & Access Code Issue and Loss

Third-Party Service Vendors

Building Security Plan

Security Schedule

Equipment Security Check

Computing System Access Granting & Revocation

Training Completion

Mini Risk Analysis

**Security Incident Response**

Security Reminder

Practice Equipment Catalog

+ Workforce Security Manual & Leadership Security Manual -- the role-based practical application oriented distillation of the formal Policies & Procedures

+ 2 complimentary seats of the Security Officer Endorsement Training Program (1 for Security Officer; 1 for Deputy (or future Deputy) Security Officer.