Imagine if the President was your client
Imagine: you get a call from a mom, wanting family therapy for herself, her husband and their 2 daughters. She tells you that her husband has a highly, highly stressful job, one that has pretty much taken over their lives, and each member of the family has started showing various signs of stress. This is not an unusual phone call, right? You know how to handle this phone call, the intake, the client, the paperwork, the communication, the records. This is what you do for a living! :^)
But what if that mom was Michelle Obama, and your new client family included the President of the United States?
Would you feel confident that your paperwork, policies, and the security of your medical records would be good enough for this new client? Would you feel confident that your security practices be able to withstand the onslaught of hackers looking for information about this client?
Yeah, me neither. :^)
This mental exercise was suggested to me by an attendee of one of the live HIPAA for Therapists workshops. Most of us solo/small practice psychotherapists can’t imagine someone going to the trouble of hacking in to our computers, and indeed the risk is probably pretty small. But what if?!?
What if you have a client who has some personal characteristic, job or ex-job, criminal connection, enemy, ex-spouse, etc… someone out there who does highly value that client’s medical record… someone who might (accurately) believe that mental health/psychotherapy notes could be used in a number of ways to enrich themselves or harm your client. It might be hard for us to imagine that kind of criminal intent, but it is out there.
Of course, only you know the specifics of your practice and the needs of your clients, but consider this a reminder that the security of your client medical records is very important, and that you might do well to imagine, even for a moment, what you would need to know and do to provide secure medical records if the President was your client.