Welcome solo and group practice owners! We are Liath Dalton and Evan Dumas, your co-hosts of Group Practice Tech.

In this episode, we talk about what policies and procedures you need in group practice.

We discuss why this process is confusing; the difference between a HIPAA clause in an employment contract and specific security policies and procedures; why having policies is helpful (and pitfalls when policies aren’t in place); our customizable templates to help you develop HIPAA security policies and procedures for your practice; the importance of practical application; and taking your time with implementation.

PCT Resources

PCT’s Group Practice PCT Way HIPAA Compliance Manual & Materials  — comprehensive customizable HIPAA Security Policies & Procedure and materials templates specifically for mental health group practices. with a detailed step-by-step project plan and guided instructions for adopting & implementing efficiently 

  • Policies & Procedures include:
  • Customizable templates that address each of the HIPAA Security Rule Standards. Ready for plug-and-play real practice application.
  • Computing Devices and Electronic Media Technical Security Policy
  • Bring Your Own Device (BYOD) Policy
  • Communications Security Policy
  • Information Systems Secure Use Policy
  • Risk Management Policy
  • Contingency Planning Policy
  • Device and Document Transport and Storage Policy
  • Device and Document Disposal Policy
  • Security Training and Awareness Policy
  • Passwords and Other Digital Authentication Policy
  • Software and Hardware Selection Policy
  • Security Incident Response and Breach Notification Policy
  • Security Onboarding and Exit Policy
  • Sanction Policy Policy
  • Release of Information Security Policy
  • Remote Access Policy
  • Data Backup Policy
  • Facility/Office Access and Physical Security Policy
  • Facility Network Security Policy
  • Computing Device Acceptable Use Policy
  • Business Associate Policy
  • Access Log Review Policy
  • Forms & Logs include:
  • Workforce Security Policies Agreement
  • Security Incident Report
  • PHI Access Determination
  • Password Policy Compliance
  • BYOD Registration & Termination
  • Data Backup & Confirmation
  • Access Log Review
  • Key & Access Code Issue and Loss
  • Third-Party Service Vendors
  • Building Security Plan
  • Security Schedule
  • Equipment Security Check
  • Computing System Access Granting & Revocation
  • Training Completion
  • Mini Risk Analysis
  • Security Incident Response
  • Security Reminder
  • Practice Equipment Catalog
  • + Workforce Security Manual & Leadership Security Manual — the role-based practical application oriented distillation of the formal Policies & Procedures
  • + 2 complimentary seats of the Security Officer Endorsement Training Program (1 for Security Officer; 1 for Deputy (or future Deputy) Security Officer.


Group Practice Care Premium  for weekly (live & recorded) direct support & consultation service, Group Practice Office Hours

+ assignable staff HIPAA Security Awareness: Bring Your Own Device training + access to Device Security Center with step-by-step device-specific tutorials & registration forms for securing documenting personal & practice-provided devices (for *all* team members at no per-person cost)

+  assignable staff HIPAA Security Awareness: Remote Workspaces training for all team members + access to Remote Workspace Center with step-by-step tutorials & registration forms for securing documenting Remote Workspaces(for *all* team members at no per-person cost)

+ more

PCT’s HIPAA Risk Analysis & Risk Mitigation Planning service  for mental health group practices — care for your practice using our supportive, shame-free risk analysis and mitigation planning service. You’ll have your Risk Analysis done within 2 hours, performed by a PCT consultant, using a tool built specifically for mental health group practice, and a mitigation checklist to help you reduce your risks. Will identify both your ‘in-practice’ risks and your ‘formal compliance’ (what required written P&Ps are implemented) needs, while also documenting all the good things your practice is already doing!


Scheduled Maintenance

We will be temporarily taking the website offline at 10:00 PM Pacific (1:00 AM Eastern) tonight, July 6, in order to make some improvements. We plan to be back online by midnight Pacific (3:00 AM Eastern). We apologize for any inconvenience this may cause. Dismiss