Sign In

CSS Submit Button Rollover



HIPAA Security and Privacy in
Psychotherapy, Counseling and Mental Health Practices

10 CE Credits/Hours - Online Course - $99.00

Developed by Roy Huggins, LPC NCC

Course fulfills the California and other states' ethics and law requirements.
Course may qualify for insurance discount. Check with your insurer.

CE Credits for Psychologists. CE Credits (CEUs) for LMFTs, Social Workers, Counselors and Nurses.
CE Approvals by BBS-CA, ASWB, NBCC, NAADAC, CA-BRN & more.
Zur Institute is approved by the American Psychological Association to sponsor continuing education for psychologists. Zur Institute maintains responsibility for this program and its content.

This course is also offered as part of a HIPAA Compliance/Security & Privacy
Savings Package of 21 CE Credits.

Save time & money with our Online Packages.

Simply follow these steps:

1. Sign up securely online.
2. Read/watch the articles & videos.

3. Submit evaluation & post-test.
4. Print your certificate.


To order this Course now
Order Course now, click here



HIPAA Security & Privacy This course will explore the ways that security, privacy and technology fit in to the heartful work we do on a day-to-day basis, as well as teach you to understand and get in compliance with the HIPAA security rule and the 2013 updated regulations. We will talk about balancing security standards with client needs and effective therapeutic interventions, while providing the best care we can and being complaint with the HIPAA security rule.

The course is an introductory level program composed of 13 video interviews and an extensive text that covers the topics discussed in those 13 interviews. Very importantly, there is also a resources page that has links to specific information relevant to mental health clinicians looking for deeper details on the concepts we discuss, along with instructions on how to execute the technical measures we recommend in the course. The interviews will cover how security and privacy fit into mental health clinical practice; what our ethical and legal mandates for security and privacy are; how to perform the risk analysis and risk mitigation procedures that HIPAA requires and that give HIPAA security and privacy the flexibility we need; how to balance client needs with legal and ethical mandates; important HIPAA concepts such as security rule standards and HIPAA business associates; and several interviews on how to apply these principles to the actual technology we use in clinical practice.

Educational Objectives:

    This course will teach the participant to
  • Describe what the clinician needs to do to achieve compliance with HIPAA Security and HITECH mandates.
  • Relate HIPAA-compliant security and privacy principles to the clinician's existing understanding of confidentiality maintenance practices.
  • Conduct a formal HIPAA risk analysis and implement proper risk management measures.
  • Assess style of both client and clinician behaviors around security risks.
  • Describe security standards like encryption and when we need them in clinical practice – legally, ethically and practically.
  • Relate legal duties of HIPAA covered entities to ethical duties around standard of care for security and privacy in clinical practice.
  • Evaluate how to best assist the clinician's particular clients in protecting their own privacy in therapy.
  • Assess popular communications technologies for ethical, clinical and practical appropriateness for general incorporation into the clinician's practice.
  • Apply a risk management lens to the process of determining the appropriateness of specific technological tools for use with specific clients.
  • Describe what are "reasonable and appropriate" risk levels in relation to ethical and legal mandates around reducing security risks.

Course Syllabus:

  • How Does "Security and Privacy" Intersect With Professional Mental Health Practice?
    • What role does security and privacy play in therapy and the therapeutic relationship?
    • What are our ethical and legal mandates in terms of security and privacy?
      • What is a "covered entity?"
      • What's happening in HIPAA?
      • How are we motivated to address security and privacy concerns in our practices?
  • Security and Privacy Concepts for Mental Health Professionals
    • Security Centerpiece: Risk Analysis and a Risk Mitigation Plan
      • What is an example of what a risk analysis document might look like?
      • Should I get "HIPAA Compliant" products and services after my risk analysis?
    • Risk Management Approach to Security and Privacy
      • Don't some clients have different needs from others?
      • What about situations where there isn't a bad guy?
      • So, what does HIPAA consider "reasonable" for levels of risk?
  • How Do I Secure Communications With My Clients and Balance That Security With Therapeutic Relationship Forming and Maintenance?
    • The Internet: the environment that many of our communications live in
    • Transmission Security needs and challenges
    • Tools for protecting transmissions
      • What, exactly, is encryption?
      • What is authentication?
      • Can policies help with communication security?
    • Picking good Passwords and other behavioral issues
  • HIPAA Business Associates
    • So who, exactly, qualifies as a HIPAA business associate?
  • How Do I Apply All Those Communications Security Ideas to the Real World?
    • Email and texting risks and risk mitigation
      • An important note about risks in electronic communications
      • Email risks
      • SMS (texting) risks
      • What can I do about email and texting risks?
    • Internet video chat and voice calling risks and risk mitigation
  • How Do I Secure My Records and Other Confidential Stuff I Keep On Computers, Tablets, Phones and Disks?
    • Data and device security needs and challenges
    • What happens if your security gets breached?
  • How Do I Apply All Those Data Storage Security Ideas to the Real World?
    • Computer risks and risk mitigation
    • Tablet, computer and smartphone risks and risk mitigation
    • Backing up your essential data
  • Online Electronic Health Records and Practice Management Systems
    • I keep hearing about how important EHR systems are. What's that about?
  • Citations, References and Resources


Author's Bio


To order this Course now
Order Course now, click here




Instructions for requesting accommodations for disabilities

Refund and Course Exchange Policies

Share This:

Follow Us On:     TwitterFacebookLinkedInGoogle Plus

Click here to receive clinical updates by e-mail.

Online Courses  -  Zur Institute on YouTubeYouTube
Live Workshops  -  Forensic & Expert Witness Services - Consultations for Therapists
Private Practice Handbook  -  HIPAA Compliance Kit  -  Clinical Forms  -  CE Info  -  Discussions
Online Catalog -  Free Articles  - Boundaries & Dual Relationships  - General Public Resources  - Seminars For General Public
Organizational Discounts  -  About Us  -  FAQ  - Privacy, Disclaimer, Terms of Use, DMCA  -  ADA Policy & Grievance - CV
Home -  Contact Us  -  Site Map

Ofer Zur, Ph.D., Director

321 S. Main St. #29, Sebastopol, CA 95472
Phone: 707-935-0655, Fax: 707-736-7045, Email:

© 1997-2016 Zur Institute, Inc. All rights reserved. Privacy Statement, Disclaimer & Terms of Use.
Site design/maintenance by R&D Web