Put Your Practice In The Clouds

photo: MedithIT CC

Staying HIPAA compliant can sometimes translate to, “being prepared for the worst.”  For some therapists, having hard copies of everything seems like the safest way to ensure that information does not land in the wrong hands.  For those people, the idea of putting information “in the cloud” may cause anxiety.  If you’re one of those people, this article is for you!

This month, we’re going to give a shout-out to the cloud-based practice management company that I use and trust – SimplePractice.  I started using SimplePractice in 2013, and it has been a wonderful asset to my business.  SimplePractice has the power to make everything about your practice paperless: intake forms, client communication, appointment scheduling, and billing and payments.  The whole process is streamlined, from making the initial appointment to the final billing, for both you and your clients.

Because I love them so, I reached out to the folks at Simple Practice for some help answering one of the biggest questions people often have when checking into cloud-based practice management: How is my information kept secure? A summary answer: “be prepared for the worst.”  Here are just a few of the precautions they are taking, straight from the pros at SimplePractice (read more here: https://www.simplepractice.com/blog/keep-data-secure/):

Internet security awareness trainings. As therapists, we’re constantly having to do continuing education – it makes sense that other experts are doing the same.  HIPAA is always changing as technology evolves, and the internet security awareness trainings reflect those changes.

Use a HiTrust certified hosting provider (the industry standard for HIPAA compliant infrastructure.)  If you’re looking to overhaul how you run your practice, the first question is “Is this new way compliant?”  While switching to a paperless way of business may not be easy, rest assured that it will be compliant.

Prepare for the worst.  Cloud-based data storage allows for backups kept in different physical locations.  SimplePractice uses multiple data centers in locations 1,000 miles apart, so their data can be recovered and available within a few minutes if a natural disaster were to occur.

Encryption!  SimplePractice uses military grade data encryption and protection from unauthorized persons and processes. Are you one of the aforementioned people who thinks that the safest way to ensure that information doesn’t land in the wrong hands is by having a paper copy?  Encryption is the paperless solution to that!

However, even if you use SimplePractice or another cloud-based service, there are still a few things you personally have to do to ensure your information is secure. For example:

  • Keep your computer and browsers current with the latest software and security updates.
  • Protect your computer and network. Install and update anti-virus software. Use personal firewalls on your computer and network. Password protect your home and office computer network.
  • Manage passwords appropriately. Do not enable automatic login to SimplePractice (or other important accounts). Change your password periodically, use strong passwords and avoid re-using it for other accounts. We recommend using a password manager.
  • Be mindful. Don’t share your login credentials with anyone. Always make sure you are logged out of important accounts when you are finished. When using computers that are not your own, make sure you are fully logged out and close the browser.
  • Lock your phone. Enable a passcode / Touch ID on your mobile device.

For more information on SimplePractice, visit their website here.

To read their article, “How We Keep Your Data Secure,” in full, click here.

To further get your ducks in a row when it comes to data security, check this out.