Using Encryption

If your computer touches protected health information at all, you want to make sure it is using full device encryption. Let’s recognize that smartphones and tablets (e.g. iPads and Android tablets) are computers. So when we say “computer,” we mean everything that is computer-like.   Full-Device Encryption, or “FDE”   FDE can actually stand for […]

Threats, Hazards, and Your Devices

You know by now that working with HIPAA’s security standards means taking a risk management approach to the security of your clients’ information. In order to evaluate risks, we first need to examine something that doesn’t sound too pleasant: threats. Threats — or “hazards” when we’re talking about environmental threats — are actors or circumstances […]

Using Communications Policies

Therapists often complain of clients misusing modern communication technology such as texting and email. The client may send overly sensitive information. They may expect instant responses. They may even text their therapist despite the therapist’s explicit statement that they don’t do texting. To use a nerdy metaphor: communication is a multiplayer game. We notice that […]

Security and Privacy in Ethics Codes vs. HIPAA

It can be easy to fall into a trap of thinking about digital security concerns as “the HIPAA stuff.” In fact, our professional ethics require us to address digital security just as much as any state or federal law. The difference is that HIPAA provides extensive standards for accomplishing digital security. Professional associations have, thus […]