Are You HIPAA Compliant

Jan 28, 2020

Hi, this is David Kats for Therapist Consultants, and I have a tip for you.

Everybody has to be HIPAA compliant. When I give seminars, sometimes I'm amazed and sometimes terrified at how many therapists don't have good HIPAA compliance. I want to talk to you about four forms that are very basic that'll help you gain HIPAA compliance. Now they won't assure HIPAA compliance, but they'll help you gain HIPAA compliance.
The first one is the use of a single-page form, and that is the acknowledgement of receipt of privacy practices. That's the first form you hand them when they walk in the door, they fill out that HIPAA form, and I'm sure that most all of you are doing that, but if there's somebody listening to this who is not having them fill out a HIPAA form on the first day, you are absolutely not HIPAA compliant so you've got to do it immediately.
Now when they filled out that first form, the acknowledgement of receipt of privacy practices, it says that they acknowledge that you gave them your privacy practices. The second form, it may be a single page, but it's probably four or five pages, talks about your privacy policies. You have to offer that to them. Now they don't have to take it, but you have to offer it to them. You can have it laminated in a three-ring notebook. You can have forms on a folder holder on the wall. You can offer them one day when they walk in the door, but you have to offer them these privacy policies. That's form number 2. Form number 1, acknowledgement of receipt of privacy policy. Form number 2, the actual privacy policy.
Form number 3 is now about five or six pages long. It's a business associate agreement. Any business you have that associates with you, that has the opportunity to see any of your patients' information, has to sign a business associate agreement. Now there are few exceptions. I'll give you those a little later. If you have somebody working on your computer, and they may see your patient data, then you have to have them sign a business associate form. If you have somebody that does commercial mailing for you on a mailing list, they see all the patients' names, they have to sign it. People that work on your website may see certain things and they have to sign it. You have to have all your people that are businesses, that could see your patient information, they have to sign a business associate form. It's about four or five pages long. Just have them sign it and put it in the back of your HIPAA manual, which leads me to the fourth form.
The fourth form may be a hundred pages long. It's your HIPAA manual. You have to have a HIPAA manual and it has to be up to date. I don't know where you're going to get your HIPAA manual from the others. You can get it off the Internet. Of course, if you're on a privacy practices, go to anybody on the Internet because by law, by HIPAA law, you're supposed to have your privacy practices listed on your website. Down at the bottom, usually in the footer, it'll say Privacy Policy, and you can click on those and you can see other people's privacy policy, and you can use any one of theirs that you want to and just customize it for yourself.
The fourth thing you have to have, like we said, is the HIPAA manual. Now the other forms are easy to find. The HIPAA manual might be a little harder to find. You might have to buy a template or something like that if you're not a client of ours. If you're a client of ours, you have the template on the website and you can just run it off and personalize it. If you use those three forms, acknowledgement of receipt of privacy practices, the privacy policy, the business associate agreement, and you get yourself a HIPAA manual, and you fill in that HIPAA manual and keep it up to date, you'll be going a long ways toward being HIPAA compliant.

Thanks for listening.

