Welcome solo and group practice owners! We are Liath Dalton and Evan Dumas, your co-hosts of Group Practice Tech.

In our latest episode, we’re hoping to lower the level of distress around the proposed HIPAA Security Rule changes for therapy practice owners. 

We discuss:

• What the some of the proposed changes to the Security Rule are, including penetration testing
• The timeframe for these changes if they are implemented, and the likelihood they actually will be implemented
• The rationale behind the proposed changes, and why they’re necessary in our current threat landscape
• How following the PCT Way can minimize the changes you need to make as HIPAA regulations evolve
• Centering client care and safeguarding client info as a motivating factor, rather than fear

Listen here: https://personcenteredtech.com/group/podcast/

For more, visit our website.

Resources

• JD Supra article summarizing proposed HIPAA Security Rule Changes and context: New Year, New HIPAA Security Rule: OCR Adds to Health Care Entities’ New Year’s Resolutions
• HHS Fact Sheet on proposed changes: HIPAA Security Rule Notice of Proposed Rulemaking to Strengthen Cybersecurity for Electronic Protected Health Information
• Full text of the Notice of Proposed Rulemaking (NPRM) in the Federal Register: HIPAA Security Rule To Strengthen the Cybersecurity of Electronic Protected Health Information
• Comments on the NPRM (Note, you can also search the public comments by keyword; ability make comments closed on 3/7/25)

PCT Resources

• PCT's Comprehensive HIPAA Security Compliance Program (discounted) bundles:
  • For Group Practices
• For Solo Practitioners
• PCT's HIPAA Risk Analysis & Risk Mitigation Planning service for mental health  practices -- care for your practice using our supportive, shame-free risk analysis and mitigation planning service. You’ll have your Risk Analysis done within 2 hours, performed by a PCT consultant, using a tool built specifically for mental health group practice, and a mitigation checklist to help you reduce your risks.
• Group Practice Care Premium
• weekly (live & recorded) direct support & consultation service, Group Practice Office Hours -- including monthly session with therapist attorney Eric Ström, JD PhD LMHC
• + assignable staff HIPAA Security Awareness: Bring Your Own Device training + access to Device Security Center with step-by-step device-specific tutorials & registration forms for securing and documenting all personally owned & practice-provided devices (for *all* team members at no per-person cost)
• + assignable staff HIPAA Security Awareness: Remote Workspaces training for all team members + access to Remote Workspace Center with step-by-step tutorials & registration forms for securing and documenting Remote Workspaces (for *all* team members at no per-person cost) + more