A guest post from Hushmail
The virtual practice is here to stay. What started as a necessary transition during the pandemic-driven lockdowns has turned into an economical and convenient option for providing care to clients. Many practitioners are going back to in-office sessions while still offering telehealth to clients that need or prefer it.
Now is a good time to consider how you’ll move forward as a hybrid practice combining virtual with in-office sessions.
Today, we’re taking a look at what you can do to make sure your hybrid practice meets your financial goals, satisfies HIPAA compliance requirements, and puts your best foot forward when caring for your clients.
Where will you practice?
If you’ve gotten used to not paying rent for your virtual practice, going back to a brick and mortar office might be financially intimidating, especially if you expect to not be in the office full-time.
You might have looked into using a coworking space such as WeWork or Regus. Coworking spaces are a good option, allowing plenty of flexibility when it comes to seeing clients in an in-person office setting.
However, therapists require some very specific amenities from their office setting, privacy being the most important, but also an atmosphere conducive to making your clients comfortable. The conventional bustling coworking space isn’t necessarily going to cut it. Fortunately, niche coworking spaces are springing up to meet this growing demand.
Type “coworking space for therapists” into Google and you’ll find a few in most major cities, such as Chicago Minds, which offers not only private office space but a virtual business address, as well as numerous professional resources and business tools just for therapists.
How will you keep you and your clients safe?
Switching to a virtual practice during the pandemic made sure no one got sick in the course of attending a therapy session. It took that responsibility and worry completely off your hands.
Seeing clients in person again brings up numerous questions. What are the risks of meeting in person? What will you require of your clients? Of yourself? What will your clients require of you?
Your ultimate goal is safety, but, of course, you also want your clients to be comfortable. It’s a good idea to lay out some ground rules so everyone is on the same page.
The American Psychological Association (APA) has developed an Informed Consent template just for this purpose, and has given Hushmail permission to add it to its template directory as a customizable template available to Hushmail customers.
Preview the template and see what it would look like in use: Informed Consent for In-person Services During the COVID-19 Public Health Crisis
Keep in mind that laws, regulations, and related information continually change, and it’s best to monitor local, state, and federal officials and update this form as necessary to stay in compliance with their guidance.
It’s also a good idea to include a standard COVID-19 screening questionnaire in your practice forms. Such a questionnaire allows you to screen your clients as needed to ensure everyone stays safe when they meet face to face.
How will you communicate with your clients?
Carol Park, a Licensed Professional Counsellor and dietician, is by her own admission not the most tech-savvy person in the world. Yet, when the pandemic began, she found herself making the sudden shift from a practice that was 90 percent in-person to one that was 100 percent online. Part of that rapid shift was figuring out how to communicate securely with her clients so they could sign the forms that were necessary to begin telehealth.
Fortunately, she had been using Hushmail encrypted email to communicate with her clients for years and had just started testing Hush Secure Forms (which comes with every Hushmail account).
For Carol, it was important that she could attach multiple web forms to one secure email to send to new clients to get them started with telehealth immediately. She found that Hushmail’s all-in-one email, web forms, and e-signatures made the process very convenient.
“All I had to do was start a Hushmail email, attach all the necessary forms to get them started, and send. The fact that I didn’t have to send multiple emails, have my clients print the forms, scan them, and send them back made everything so much easier.”
Like Carol, you might have set up your virtual practice last year in a hurry. Now’s the time to make sure you have your hybrid practice set up correctly, especially when it comes to communicating with your clients and getting their forms filled out.
Paper forms clearly don’t work when you see clients virtually. You need secure online forms to collect their information in a timely manner. If you’re seeing people face to face again in a hybrid practice, paper forms don’t make sense there either. Using web forms for your virtual practice but paper for your office creates opportunities for confusion and errors. Plus, paper has proven time and again to be an inefficient way to collect information, resulting in unintelligible forms and missing information.
Online forms limit time spent in the waiting room, are easier to read, and do a better job of getting clients to enter all the information you need for your records. And they can be filled out in the comfort of the client’s home.
There are numerous form services out there that you can use, but you want to look for one that is encrypted, HIPAA compliant, and allows you to easily customize your forms.
If you’re curious about the forms another practitioner is using, you can find Carol’s forms on her Helpful Forms page. They can serve as examples as you build your own forms.
Is your practice HIPAA compliant?
Communicating securely with clients is a given if you’re a therapist, especially if you’re having detailed conversations with them about their care. Even seemingly benign information such as phone numbers and email addresses is considered protected health information (PHI) that should be communicated in a secure manner according to HIPAA.
Even if you aren’t a covered entity required to comply with HIPAA rules, securing your online communications with your clients is important from a professional, ethical standpoint.
Here are a few basic actions you can take to lay a strong foundation for your hybrid practice’s HIPAA compliance.
- Make sure any third parties that handle your clients’ PHI are HIPAA compliant and provide a signed Business Associate Agreement (BAA). A BAA affirms a third-party service provider’s willingness to accept responsibility for the safety of your clients’ PHI, maintain appropriate safeguards, and comply with HIPAA requirements when they handle PHI on your behalf. Third-party services might include billing, email, and telehealth platforms.
- Use encryption when you exchange PHI with clients. As a hybrid practice caring for clients both virtually and in the office, you should implement technical safeguards to protect your clients’ electronic PHI. Should a data breach occur, the fact that you used an encrypted email and web form service will demonstrate to HIPAA officials and others that you did everything you could to safeguard your clients’ information.
- Use your encrypted services correctly to protect PHI. Encryption protects PHI but only if it’s used in your hybrid practice along with a common-sense approach to protecting your clients’ privacy. Here are some simple but effective things you can do to ensure that your emails are confidential:
- Don’t put PHI in subject lines. Subject lines are the most visible part of an email. They are displayed in the inbox and can be seen in notifications on some devices. For this reason, it’s important not to place any private or identifying information in the subject line.
- Doublecheck email addresses before you send. You’d be surprised how many errors are made by not looking closely at an email’s recipient. When your email application automatically fills in a name, it’s easy to mistake a John Smith with a Jon Smith. Or a Heather Bell with a Heather Biel. The solution is to slow down when sending an email and take the time to carefully select the correct address.
- Be careful about sending group emails. As a rule, group emails are a bad idea when it comes to protecting PHI. If the email implies information about the recipients, such as an email welcoming new members to a support group, then it’s considered PHI and under the protection of HIPAA. If you must send group emails, make sure they contain only very general information.
Need an encrypted email and forms service for your hybrid practice?
Hushmail for Healthcare is your all-in-one solution for secure client and patient communication. It’s perfect for therapists, psychologists, optometrists, dentists, chiropractors, physical therapists, and other healthcare professionals. Hushmail for Healthcare comes configured for HIPAA compliance right out of the box. All plans come with a signed Business Associate Agreement and built-in email archiving.
Chicago Minds members receive a 10% lifetime discount at Hushmail, join us today!