Many of us are aware of the ebb and flow of people seeking counseling services. Around the holidays and the beginning of the school year, more calls come in for help. During the summer, things slow down a bit.
Having provided technology consultation to mental health clinicians for seven years now, I’ve noticed some patterns myself. One that stands out is that many counselors in private practice seem to take stock in the business and technology side of their practices as we transition into the new year. I’ve reached this conclusion by looking at the significant rise in the number of emails and phone calls I receive each year at the beginning of January.
With that in mind, I present some of the top business and technology challenges and questions that counselors have been addressing lately. Some of these may not apply to every counselor, whereas others are items we should all be taking care of.
Now is a great time to revisit your compliance with the Health Insurance Portability and Accountability Act (HIPAA). HIPAA is not a one-and-done kind of thing. It requires that you periodically review your risk analysis and management plans, as well as your policies and procedures. Assuming that you already have completed at least an initial risk analysis, a review can be done fairly quickly. The following are some primary tasks to cover.
- Review your current risk analysis and remove technology that is no longer used to store or transmit protected health information (PHI).
- Of the items remaining, ensure that the level of risk presented by those technologies hasn’t changed and that your current methods for managing risk are still effective and appropriate.
- Now be sure to add any new technologies that might be missing. It’s always best to add new items to your risk management plan as they are implemented in your practice. Making sure that you cover all bases to catch anything that slipped through the cracks is a prudent measure.
If you’re not sure what all of this risk management and analysis means, check out my blog article on the Tame Your Practice site for additional information (bit.ly/HIPAArisk).
Both HIPAA and the ACA Code of Ethics (see Standard H.2.d) require counselors to use encryption to secure PHI, including communications with clients, whenever it is reasonable. The truth is that, these days, it’s almost always reasonable to use encryption.
Encrypted email is inexpensive to implement, and although it isn’t always quite as user friendly as unencrypted options, sometimes the cost of privacy is a bit of inconvenience. It’s like those extra seconds you take to turn on the sound machine outside your office — it can really make a measurable difference.
Both the ACA Code of Ethics and HIPAA also provide for client autonomy, which means clients can choose for PHI to be transmitted through unsecured means. It is important to note, however, that this requires that clients have been informed of and understand the risks. It is also important to evaluate whether we should really consider risking confidentiality, either out of convenience or for the sake of saving a few dollars a month. Roy Huggins of Person-Centered Tech makes a great case for why it makes sense to follow through with encrypting email and text (bit.ly/encryptornot).
Want to see how easy it is to use encrypted email? I included a demonstration video in the following blog post: bit.ly/emailencrypt.
Social media policy
Now is also a great time to make sure that you’re satisfying the requirements of Standard H.6. of the ACA Code of Ethics pertaining to social media presence and use. If you are utilizing social media (Facebook, Instagram, LinkedIn, Twitter, etc.), the ethics code requires that you:
- Maintain a separate personal and professional presence. This relates to our responsibility to avoid engaging in dual relationships. This means taking actions such as creating a professional Facebook page.
- Incorporate social media into your informed consent. We have a responsibility to inform our clients of the “benefits, limitations and boundaries of the use of social media” (Standard H.6.b.). Depending on how you engage in social media use and marketing, this may vary according to the platform you are using. It is important for clients to understand, for example, the potential benefits and ramifications of them “liking” your professional Facebook page, such as their friends seeing that they liked your page and the kinds of online advertisements that will be displayed to them as a result of liking your page.
- Maintain client confidentiality by not disclosing information about them online. Also respect their online privacy unless they provide consent to view that information. I strongly encourage you to read my September Technology Tutor column on the dangers of online disclosure (ct.counseling.org/2016/08/thinking-discussing-clients-online-think-twice/). It’s not as simple as making sure that you don’t use identifying information.
An excellent way to address this is to develop a social media policy that you can then incorporate as part of the client orientation/informed consent process. Keely Kolmes offers a wonderful template as a starting point (drkkolmes.com/social-media-policy/).
Business and technology evaluation
Even if you have all of the above buttoned up nicely, it’s always a good idea to evaluate your business operations at least once per year. Is what you are doing working? Could it be improved? Can you implement technology, streamline processes or align your efforts to better move toward your goals? This is also a great opportunity to examine the return on investment (bit.ly/ROITYP) on things you’ve already implemented. Are you getting the expected results?
You’ll find plenty of freely available articles at the Tame Your Practice website (tameyourpractice.com) on these topics and more if you need additional details.
Rob Reinhardt, a licensed professional counselor supervisor, is a private practice and business consultant who helps counselors create and maintain efficient, successful private practices. Before becoming a professional counselor, he worked as a software developer and director of information technology. Contact him at email@example.com.
Letters to the editor:firstname.lastname@example.org
Opinions expressed and statements made in articles appearing on CT Online should not be assumed to represent the opinions of the editors or policies of the American Counseling Association.