Welcome solo and group practice owners! We are Liath Dalton and Evan Dumas, your co-hosts of Group Practice Tech.

In this episode, we’re talking about Bring Your Own Device policies for group practices.

We discuss pros and cons of BYOD for group practice; allowing team members to use their preferred operating system to increase efficiency and reduce errors; standards for device security; endpoint management software; personal smartphone use; BYOD in the context of client care; device security training as a staff benefit; and Group Practice Care, which includes our system for easily managing personal device security and documentation.

PCT Resources

  • Group Practice Care Premium  for weekly (live & recorded) direct support & consultation service with PCT consulting team + monthly session co-facilitated by Eric Ström, JD PhD LMHC
  • + assignable staff HIPAA Security Awareness: Bring Your Own Device training + access to Device Security Center with step-by-step device-specific tutorials & registration forms for securing documenting personal & practice-provided devices(for *all* team members at no per-person cost) + more
  • + assignable staff HIPAA Security Awareness: Remote Workspaces training for all team members + access to Remote Workspace Center with step-by-step tutorials & registration forms for securing documenting Remote Workspaces (for *all* team members at no per-person cost)
  •  PCT’s Computer & Smartphone HIPAA Security Checklist for Therapists   

  • PCT’s HIPAA Risk Analysis & Risk Mitigation Planning  service for mental health group practices — care for your practice using our supportive, shame-free risk analysis and mitigation planning service. You’ll have your Risk Analysis done within 2 hours, performed by a PCT consultant, using a tool built specifically for mental health group practice, and a mitigation checklist to help you reduce your risks.

  • PCT’s Group Practice PCT Way HIPAA Compliance Manual & Materials  — comprehensive HIPAA Security Policies & Procedures for the practice as HIPAA covered entity *and/or* Business Associate/MSO. Comprehensively covers the HIPAA P&Ps for contractor clinician structure group practices, employee structure group practices, and practices that are hybrid.   

    Policies & Procedures include:

    • Customizable templates that address each of the HIPAA Security Rule Standards. Ready for plug-and-play real practice application.

    • Computing Devices and Electronic Media Technical Security Policy

    • Bring Your Own Device (BYOD) Policy

    • Communications Security Policy

    • Information Systems Secure Use Policy

    • Risk Management Policy

    • Contingency Planning Policy

    • Device and Document Transport and Storage Policy

    • Device and Document Disposal Policy

    • Security Training and Awareness Policy

    • Passwords and Other Digital Authentication Policy

    • Software and Hardware Selection Policy

    • Security Incident Response and Breach Notification Policy

    • Security Onboarding and Exit Policy

    • Sanction Policy Policy

    • Release of Information Security Policy

    • Remote Access Policy

    • Data Backup Policy

    • Facility/Office Access and Physical Security Policy

    • Facility Network Security Policy

    • Computing Device Acceptable Use Policy

    • Business Associate Policy

    • Access Log Review Policy

    Forms & Logs include:

    • Workforce Security Policies Agreement

    • Security Incident Report

    • PHI Access Determination

    • Password Policy Compliance

    • BYOD Registration & Termination

    • Data Backup & Confirmation

    • Access Log Review

    • Key & Access Code Issue and Loss

    • Third-Party Service Vendors

    • Building Security Plan

    • Security Schedule

    • Equipment Security Check

    • Computing System Access Granting & Revocation

    • Training Completion

    • Mini Risk Analysis

    • Security Incident Response

    • Security Reminder

    • Practice Equipment Catalog


    • Workforce Security Manual & Leadership Security Manual — the role-based practical application oriented distillation of the formal Policies & Procedures (includes the prohibitions on non-HIPAA-acceptable personal services + defines what personal services *are* allowable.)

    • 2 complimentary seats of the Security Officer Endorsement Training Program (1 for Security Officer; 1 for Deputy (or future Deputy) Security Officer.

    PCT’s free “mini risk” tool, for needs identification related to what’s within and what’s outside your practice’s Security Circle (including personal device use)




Scheduled Maintenance

We will be temporarily taking the website offline at 10:00 PM Pacific (1:00 AM Eastern) tonight, July 6, in order to make some improvements. We plan to be back online by midnight Pacific (3:00 AM Eastern). We apologize for any inconvenience this may cause. Dismiss