This kit was updated in March 2013 to include the latest
HIPAA Regulations of the Omnibus or Final Rule of January 2013.
The HIPAA Kit and HIPAA Forms are available online in pdf format with links to the forms in word doc. You can access them instantaneously online. You can copy the HIPAA Forms to your word processing program, insert your letterhead and name, make other necessary changes, and you're all set. The HIPAA Kit and Forms are not available in hard copy.
"Ingeniously combining his extensive knowledge of practice with his keen understanding of HIPAA with all its implications, Dr. Zur has compiled a practical, readable guide that addresses the potentially most impacting and disruptive force to confront psychotherapy. No mental health practitioner can afford to be without it as your practice may depend on it."
Nicholas A. Cummings, Ph.D., Sc.D.
Distinguished Practitioner, University of Nevada, Reno
President, Cummings Foundation for Behavioral Health
Former President, American Psychological Association
Receive the entire HIPAA Compliance Kit and HIPAA Forms instantly online via our HIPAA Online Course.
Time Is Running Out!
Yes! As most experts advocate, even therapists in solo practice who do not submit electronic bills and may not be considered a Covered Entity by HIPAA need to become compliant with HIPAA, because HIPAA has become the standard of care in regard to security and privacy of digital-electronic records.
The Kit will aid psychotherapists in private practice with:
- Understanding HIPAA's basic facts and requirements.
- Implementing a simple step-by-step process towards HIPAA compliance.
- Acquiring checklists and ready-to-use, user-friendly forms, which you will be able to personalize and employ right away.
- Avoiding the severe penalties and other risks associated with non-compliance.
- Learning low-tech ways to use billing services and clearinghouses to continue receiving insurance company reimbursements.
HIPAA COMPLIANCE KIT 5th Edition-2013
Table Of Contents ~ List of Forms
Introduction to the Kit
Disclaimer, Copyrights, and Liability Statements
Introduction to 5th Edition
List of abbreviations
Section I: How to Use This Kit
1. What is the goal of the Kit?
2. How is the Kit organized & what terminology does it use?
3. How can I best use this Kit?
4. What is this Kit not?
Section II: HIPAA - The Basics
5. Generally, what is HIPAA?
6. What is a Covered Entity (CE) and am I one?
7. Do I need to comply even if I do not own a computer?
8. What does "scalable compliance" mean for me?
9. What is and who is the Privacy Officer in a solo, private practice?
10. How easy is it to become compliant?
11. What are the basic requirements for compliance?
12. What happens if I did not meet any or some of the original deadlines?
13. What are the Privacy, Security, and Transaction Rules?
14. What are the HIPAA general deadlines?
15. What can trigger the Privacy Rule or HIPAA compliance audit?
16. What will happen if I do not comply with HIPAA?
17. What does HIPAA not do?
18. What do we not yet know about HIPAA?
Section III: The Privacy Rule: Records & Access
19. What is the HIPAA Privacy Rule?
20. How is therapist-patient privacy protected?
21. What is PHI?
22. What about keeping two sets of records?
23. What are Psychotherapy Notes?
24. What do the Psychotherapy Notes include?
25. What is excluded from the Psychotherapy Notes?
26. Can I see an example of the two types of notations?
27. Do individuals have a right to review their Psychotherapy Notes?
28. Do managed-care companies have the right to review the Psychotherapy Notes?
29. Does Medicare have the right to review the Psychotherapy Notes?
30. What about sharing Psychotherapy Notes with other treating clinicians?
31. Can a client authorize disclosure of the Psychotherapy Notes?
32. Can Psychotherapy Notes be disclosed without the patient's authorization?
33. What is the Supreme Court 1996 Jaffee v. Redmond decision all about?
34. What about re-disclosure of Psychotherapy Notes?
Section IV: The Privacy Rule: Consents, Notice, & Releases
35. What do I need to know about consents and authorizations?
36. What is TPO?
37. What about the consent for TPO?
38. Can a patient revoke his/her consent for TPO?
39. If a patient revokes his consent for TPO, can the therapist still be paid?
40. What about the federal amendment to consent for TPO?
41. What are the issues around authorizations?
42. Which basic forms must I have?
43. What is compound authorization?
44. When is neither consent nor authorization required?
45. What about HIPAA's Notice of Privacy Practices?
46. Should I post the Notice on my website or send it electronically?
47. What about patients' rights to request privacy?
48. If I have an Informed Consent, do I also need a HIPAA consent?
49. What is the difference between "use" and "disclosure"?
50. How do I deal with the judicial system and administrative proceedings?
51. How do I deal with law enforcement agencies?
52. What about disclosure where there is a threat or danger?
53. What rights do patients have to access their records?
54. When do patients NOT have the right to access their records?
55. What is the time frame for a patient's request to review his/her records?
56. Must patients pay for copies they request?
57. What rights do patients have to amend their records?
58. What about minors' records?
59. What about business associates?
60. What about consultation?
61. Can a therapist disclose records created by other providers?
62. What about disclosures for research purposes?
63. What are the considerations surrounding substance abuse disclosures?
64. What are the considerations for an account of disclosures?
65. What is the "need to know" requirement?
66. What is the "minimum necessary" requirement?
67. Can therapists disclose to their professional liability insurance?
68. Does the Privacy Rule create a government database of individuals?
69. Can therapists call out the names of patients in their waiting rooms?
70. What about disclosure to collection agencies?
71. Can clearinghouses and health plans use PHI?
72. Can one have joint consents?
73. Can one have combined consents?
74. What are re-disclosures?
75. What is a Disclosure Record?
76. What does de-identifying mean?
77. What are limited data sets?
78. What does HIPAA say about marketing?
Section V: The Security Rule
79. What is HIPAA's Security Rule?
80. What are the differences between the Privacy and Security Rules?
81. What is the good news about the Security Rule?
82. What are the four elements of the Security Rule?
83. What are the Administrative Procedures of the Security Rule?
84. How shall I physically arrange my office so it is HIPAA compliant?
85. How about protection from disasters?
86. What do I need to consider regarding phones?
87. What do I need to consider regarding fax machines?
88. What do I need to consider regarding copiers (copy machines) and printers?
89. What do I need to consider regarding email security and encryption?
90. What do I need to consider regarding text security and encryption?
91. What is included in the risk analysis and assessment?
92. What is included in risk management?
93. What do I need to consider regarding communication with clients via social networking sites?
94. What about general computer security and protection?
95. What about email signature?
96. What about HIPAA encryption requirements?
97. What about security issues with Skype and other video-conferencing Technologies?
98. What about the conduit exception?
99. What about breach risk assessment and breach notification analysis?
Section VI: The Transaction Rule
100. What is the Transaction Rule?
101. What about uniformity of electronic claims?
102. Which ICD, DSM, or CPT codes are required under HIPAA?
103. Does HIPAA mandate therapists to use electronic claims?
104. What are my choices in regard to billing?
105. What are my options in regard to electronic insurance claims?
106. What is the role of a clearinghouse?
107. What are the identification standards and what is NPI?
108. What about Code Sets?
109. Does Medicare mandate electronic billing?
110. What are some of the Transaction Rule’s basic terms and acronyms?
Section VII: Additional Requirements & Considerations
111. What are the general administrative requirements?
112. What about staff training?
113. What about procedures in my office?
114. What are some of the steps towards HIPAA compliance?
115. What about Electronic Health Records (HER)?
116. What is the Omnibus rule of 2013?
Section VIII: HIPAA, Ethics, Preemption Analysis and State Law
117. What is the preemption analysis?
118. Under what conditions does HIPAA preempt state law?
119. What happens when state law conflicts with HIPAA?
120. What happens when state law and HIPAA are not comparable?
121. What are the relationships between HIPAA & the Codes of Ethics?
Section IX: HIPAA, Ethics Codes and California Law
122. What are the relationships between HIPAA and California law?
123. Can you provide me with examples of HIPAA regulations that preempt California laws?
124. What are some of the instances where California laws preempt HIPAA?
125. Where can I find online resources for implementing HIPAA in California?
Section X: Ready-to-Adapt Forms
Form I: HIPAA Compliance Checklist
Form II: HIPAA Notice of Privacy Practices
Form III: Authorization to Release Information
Form IV: Request for Amendment of Health Information
Form V: Standard Office Policies & Informed Consent
Form VI: Tracking of Releases
Form VII: Account of Disclosures
Form VIII: Denial of Access to PHI
Form IX: Denial of Request for Amendment
Form X: Complaint Form
Form XI: Acknowledgment of Receipt of Notice
Form XII: Risk Assessment
Form XIII: Breach Assessment
Form XIV: Authorization/Consent to use unencrypted e-mail and text
Form XV: Patient's Right for Confidential Communications
Form XVI: Patient Request for Restriction on Use and Disclosure of PHI
DISCLAIMER: The HIPAA Compliance Kit is designed specifically for psychotherapists in solo private practice. It is written in simple understandable language, which intends to start you on your road to HIPAA compliance. Unlike many manuals which are priced in the $200 to $800 range, are written in incomprehensible language, provide lengthy, unintelligible quotes and give overwhelming quantities of information, this concise Kit is written in straightforward, comprehensible language. It will provide you with basic understanding, straightforward advice, refer you to important resources and will give you a step-by step process covering the minimum requirements you need to become compliant. It neither intends to be a substitute for legal or ethical consultation nor provides a state-by-state preemption analysis. The Kit, like the seminars, only expresses Dr. O. Zur's opinion and understanding of the regulations and does not claim to give definitive or comprehensive answers or the 'right' interpretation to many of the complex and often ambiguous questions which are brought up by the new HIPAA regulations. Many regulations may be still changing and the material may not reflect such changes. There are also many disagreements and different understanding of the regulations. Contact your professional association, your malpractice insurance, attorney, boards and other state agencies or the federal government for more information. You will need to adapt the forms according to your needs, according to your state law and your professional requirements. It also provides a general summary of California's preemption analysis.
There are no refunds or returns and all sales of catalog items are final.