Digital Confidentiality According to Professional Ethics and HIPAA: A Heart-Centered Approach Level I

3 CE Credit Hours. Legal-Ethical. Self-Study Video Seminar.

Presented By: Roy Huggins, LPC NCC

Course Description

PCT Logo

Not just what you have to do, but also what you can do. Meet your clients where they are and be secure.

This course series teaches mental health clinicians to use therapy-affirming approaches to security risk management as required by HIPAA and professional ethics. This Level I course, specifically, will focus on those approaches as they relate to communications technology such as email, texting, and the Internet in general.

We will explore not just the requirements, but also the opportunities for using modern communications tech with clients in ways that protect their confidentiality and your practice but also help you meet clients where they are. We will also learn about the HIPAA Business Associate Rule as it relates to the technology and services that mental health professionals commonly use in practice.

This introductory-level course is a mix of videos (with transcriptions and optional captions), polls, and texts intended to help counselors, marriage and family therapists, clinical social workers, and counseling and clinical psychologists work towards understanding ethical security and HIPAA security in ways that support therapy and protect their practices.

Educational Objectives

  • Determine what the clinician needs to do to achieve compliance with HIPAA Security and HITECH mandates around transmission technology.
  • Describe security standards like encryption and when we need them in clinical practice – legally, ethically and practically.
  • Assess popular communications technologies for ethical, clinical and practical appropriateness for use with clients.


  1. Mental Health Professionals and Confidentiality Risks
    • Mental health professionals already know a lot about security. We’ll explain how.
    • Meeting clients where they are with your security practices.
    • New social norms for communication and how they impact security.
    • Some work on noticing our emotional responses to technical and regulatory issues.
    • The legal and ethical context for security in mental health practice.
  2. Reducing, Accepting, and Collaborating on Risks in Communication with Clients
    • The differences between reducing risks and accepting risks.
    • Technical ways to protect emails and text messages.
    • Working with the idea of accepting risks.
    • Talking to clients about email and texting risks.
    • Working with clients to understand the risks and use unsecured or secured email and texting.
    • A look at the Internet so we can understand it better.
    • HIPAA and exceptions around phone services.
  3. Legal/Regulatory Concerns in Communications with Clients
    • HIPAA covered entity status and what it means when a professional does or doesn’t have it.
    • HIPAA Business Associates and working with them.
    • The conduit exception for Business Associates.
    • Business Associates and email.
    • Business Associates and clients.


  • American Association of Marriage and Family Therapists. (2015). Code of Ethics . Alexandria, VA: Author.
  • American Counseling Association. (2014). ACA Code of Ethics. Alexandria, VA: Author.
  • American Psychological Association. (2010). American Psychological Association Ethical Principles of Psychologists and Code of Conduct . Washington, DC: Author.
  • National Association of Social Workers. (2008). Code of Ethics . Washington, DC: Author.
  • National Board for Certified Counselors. (2012). Code of Ethics . Greensboro, NC: Author.
  • US Dept. of Health and Human Services. (2006). HIPAA Administrative Simplification . Washington, DC: Author.
  • US Dept. of Health and Human Services. (2013). HIPAA Omnibus Final Rule . Washington, DC: Author.
3 CE Credit Hours.

Presented/Developed By

Roy Huggins, LPC NCCRoy Huggins, LPC NCC, is a counselor in private practice who also directs Person-Centered Tech. Roy worked as a professional Web developer for 7 years before changing paths, and makes it his mission to grow clinicians’ understanding of the Internet and other electronic communications mediums for the future of our practices and our professions.

Roy is an adjunct instructor at the Portland State University Counseling program where he teaches Ethics, and is a member of the Zur Institute advisory board. He has acted as a subject matter expert on HIPAA, security and clinical use of technology for Counseling licensure boards and both state and national mental health professional organizations. He has co-authored or authored 2 book chapters, and he routinely consults with mental health colleagues on ethical and practical issues surrounding tech in clinical practice. He served for 5 years on the board of the Oregon Mental Health Counselors Association and then the Oregon Counseling Association as the Technology Committee Chair.

He really likes this stuff.

Program Notices

Accuracy, Utility, and Risks Statement: The contents of this program are based primarily on publications from the federal Department of Health and Human Services, and on the ethics codes of these professional organizations: AAMFT, ACA, APA, NASW, NBCC. Contents are also guided by statements from leadership in those organizations. Some interpretation and analysis presented is made by the presenter, in consultation with knowledgeable colleagues and expert consultants. Statements about applications to technology are according to presenter’s understanding of the technology at the time of the program. The presenter may not know how to apply all principles discussed to every technology type or product. This program discusses strategies for complying with HIPAA and covered ethics codes, and for improving security. It may not include information on all applicable state laws. Misapplication of the materials, or errors in the materials, could result in security problems, data breaches, or non-compliance with applicable laws or ethics codes.

Conflicts of Interest: None.

Commercial Support: None.

This course is subject to our cancellation/refund policy and complaint policy.

3 CE Credit Hours.
PCT Logo

3 CE Credit Hours. Legal-Ethical. Self-Study Video Seminar.


You are not currently logged in to this site. Need to log in? Click here→


Scheduled Maintenance

We will be temporarily taking the website offline at 10:00 PM Pacific (1:00 AM Eastern) tonight, July 6, in order to make some improvements. We plan to be back online by midnight Pacific (3:00 AM Eastern). We apologize for any inconvenience this may cause. Dismiss