{"id":826,"date":"2018-07-13T01:54:26","date_gmt":"2018-07-13T01:54:26","guid":{"rendered":"https:\/\/leantowardsjoy.com\/entrepreneurs\/?p=826"},"modified":"2021-10-24T02:04:51","modified_gmt":"2021-10-24T02:04:51","slug":"7-tools-to-stay-hipaa-compliant","status":"publish","type":"post","link":"https:\/\/leantowardsjoy.com\/entrepreneurs\/7-tools-to-stay-hipaa-compliant\/","title":{"rendered":"7 Tools to Stay HIPAA Compliant"},"content":{"rendered":"

Many therapists are exposed to HIPAA while interning or earning their licensure hours through an agency. Agencies have the ability to hire expensive attorneys to draft their privacy notices and create HIPAA compliant policies and procedures. Unfortunately, however, most therapists shifting to private practice do not have the same resources available to them. Becoming fully HIPAA compliant becomes something most aspire to but are not able to fully actualize among the other moving parts of opening and running a private practice.<\/span><\/p>\n

<\/div><\/div>\n

I’m excited to announce this blog post was featured on Zencare.co!<\/span><\/h2>\n

\"\"<\/p>\n

 <\/p>\n

See it featured here<\/a>!
\nLearn more about Zencare at the bottom of this post. <\/em><\/p>\n

<\/div><\/div>\n

HIPAA compliance is intimidating, and becomes  a giant elephant in the room that no one wants to talk about. However, if one approaches HIPAA compliance as another aspect of patient care rather than an unattainable standard, it may feel less like a burden and more of an extension of work with clients.<\/span><\/p>\n

Imagine logging on to Facebook to find your clients being suggested to you as \u201cfriends\u201d or having your laptop stolen and losing all of your client notes and information. These two examples are equally frightening to some and all too common to many. Becoming HIPAA compliant not only prevents circumstances like these from happening, it prevents you from going into panic mode the next time you accidentally send a client email from your personal email account. <\/span><\/p>\n

The <\/span>HIPAA guide<\/span><\/a> I created helps bring the practical applications of HIPAA compliance to your practice, in order to simplify administrative items so you can focus on your work with clients. The guide outlines over 30 different HIPAA compliance solutions and pricing options. The following tools are a sample of these solutions to get you on the path of HIPAA compliance.<\/span><\/p>\n

 <\/p>\n

7 Tools to Stay HIPAA Compliant<\/b><\/span><\/h2>\n

 <\/p>\n

1. BA Agreements<\/b><\/p>\n

Sign a Business Associate Agreement (BAA) with every third-party that handles your protected health information. This includes providers of email, document storage, video chat, and payment processing. The BAA assures you that the third-party is HIPAA compliant. You can try Google searching \u201cBusiness Associate Agreement\u201d along with the name of your service provider, or email the third party with questions. If your third-party is not willing to sign a BAA, then you are not HIPAA compliant and it\u2019s time to find a new provider.<\/span><\/p>\n

2. Hard-drive Encryption<\/b><\/p>\n

Make sure your laptop and any hard-drives you use have full disk encryption. Any newer operating system will allow you to enable encryption without too much hassle. You do not need an engineering degree to achieve this! The company\u2019s website will tell you how to enable encryption.<\/span><\/p>\n

3. Secure Your WiFi<\/b><\/p>\n

Securing your WiFi enables data to transfer between devices while remaining encrypted. The easiest way to do this is to start using WiFi Protected Access-2 (WPA2) on your router. Most new routers will give you this option during your WiFi Network setup.<\/span><\/p>\n

4. Remote Backup<\/b><\/p>\n

Start backing up your documents in the proverbial cloud. This tool helps prevent data loss should the hardware break down. Cloud storage varies for different companies both in price and space (see a <\/span>full comparison here<\/span><\/a>). Make sure they will sign a BAA with you to be fully HIPAA compliant..<\/span><\/p>\n

5. Email<\/b><\/p>\n

Email encryption for healthcare providers gets a little fuzzy. The latest iteration of HIPAA in 2013 has been interpreted by some as indicating emails do not need to be encrypted as long as the provider explains the security risks involved and the client opts to receive emails anyway. However, using encryption is good practice and could protect you and your clients from a breach. You may wish to stop using Gmail and switch to G-Suite or another provider that is willing to provide a BAA for their encrypted email service (see a breakdown of encrypted email providers <\/span>here<\/span><\/a>). <\/span><\/p>\n

 <\/p>\n

For a list of pricing and other email services providing encryption, download my <\/span><\/i>HIPAA Guide<\/span><\/i><\/a>.<\/span><\/i><\/p>\n

 <\/p>\n

6. Credit Card Payments<\/b><\/p>\n

If you accept credit card payments using a processing companies such as Square, make sure that you have a BAA in place. Note that Square\u2019s payment processing is HIPAA compliant and they will sign a BAA; however, their option for automated text messaging your clients\u2019 receipts is not. Despite the convenience, you may wish to not use that option in order to remain HIPAA compliant.<\/span><\/p>\n

7. Video Therapy <\/b><\/p>\n

Video therapy is becoming increasingly common due to its ease of use and commuter time. Several companies provide free or low-cost video conferencing options, such as doxy.me and vsee.com. Note that the two major video service providers, Skype and FaceTime, are not HIPAA compliant. Although these companies use some of the correct technical safeguards, both Microsoft and Apple will not sign a BAA for their services and therefore it is not HIPAA compliant to use either one for remote therapy sessions.<\/span><\/p>\n

 <\/p>\n

3 Steps You Can Take Today<\/b><\/span><\/h3>\n

 <\/p>\n

1. Strict Password<\/b><\/p>\n

Secure your mobile device with a password to prevent unauthorized access and hide message previews from appearing on your phone\u2019s lock screen.<\/p>\n

2. Remote Wipe<\/b><\/span><\/span><\/p>\n

After backing up your data, enable the remote wipe function on all your devices in case they are lost or stolen. Consider getting a separate mobile device for professional use, as some apps installed on your personal phone may not be compliant.<\/span><\/span><\/p>\n

3. Breathe!<\/b><\/span><\/p>\n

Breathe! You are not alone if you realized you are not fully HIPAA compliant.Start where you are, and begin to make a shift. <\/span><\/p>\n

 <\/p>\n

 <\/p>\n

<\/h3>\n
<\/div><\/div>\n

More About Zencare:<\/span><\/h3>\n

Zencare is the simplest way to find your ideal therapist.<\/strong><\/p>\n

Browse therapist videos and book a free phone call to find a great fit!<\/p>\n

We’re on a mission to improve the therapist search process. There are numerous barriers to finding a great therapist: lack of quality assurance, outdated information, uncertainty of personality fit, and phone tag.<\/p>\n

Zencare removes the guesswork to ensure you have a personalized, smooth, and comforting experience. All clinicians are vetted<\/a> by our team so you receive the highest quality care. We’re currently in Rhode Island and Massachusetts, and expanding to New York and Connecticut.<\/p>\n

Are you a therapist? Learn more here<\/a>.<\/p>\n

<\/div><\/div>\n

 <\/p>\n","protected":false},"excerpt":{"rendered":"

Many therapists are exposed to HIPAA while interning or earning their licensure hours through an agency. Agencies have the ability to hire expensive attorneys to draft their privacy notices and create HIPAA compliant policies and procedures. Unfortunately, however, most therapists shifting to private practice do not have the same resources available to them. Becoming fully […]<\/p>\n","protected":false},"author":2,"featured_media":979,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"nf_dc_page":"","footnotes":""},"categories":[9],"tags":[],"class_list":["post-826","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-entrepreneur-content"],"_links":{"self":[{"href":"https:\/\/leantowardsjoy.com\/entrepreneurs\/wp-json\/wp\/v2\/posts\/826","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/leantowardsjoy.com\/entrepreneurs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/leantowardsjoy.com\/entrepreneurs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/leantowardsjoy.com\/entrepreneurs\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/leantowardsjoy.com\/entrepreneurs\/wp-json\/wp\/v2\/comments?post=826"}],"version-history":[{"count":2,"href":"https:\/\/leantowardsjoy.com\/entrepreneurs\/wp-json\/wp\/v2\/posts\/826\/revisions"}],"predecessor-version":[{"id":980,"href":"https:\/\/leantowardsjoy.com\/entrepreneurs\/wp-json\/wp\/v2\/posts\/826\/revisions\/980"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/leantowardsjoy.com\/entrepreneurs\/wp-json\/wp\/v2\/media\/979"}],"wp:attachment":[{"href":"https:\/\/leantowardsjoy.com\/entrepreneurs\/wp-json\/wp\/v2\/media?parent=826"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/leantowardsjoy.com\/entrepreneurs\/wp-json\/wp\/v2\/categories?post=826"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/leantowardsjoy.com\/entrepreneurs\/wp-json\/wp\/v2\/tags?post=826"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

These tools are just the tip of the iceberg when it comes to the daily tasks of a therapist. To learn more about HIPAA and how it relates to your practice check out my <\/span>HIPAA Guide<\/span><\/a>.<\/span><\/p>\n