HIPAA Specifics for Mental Health


Increased HIPAA requirements for your mental health practice could be a ticking time bomb.

HIPAA audits, violations and penalties are on the rise. And you can bet that mental health practices are on the Feds radar. And if you think providing your patients with a HIPAA privacy notice and encrypting their records takes care of it, THINK AGAIN!

The hard part is knowing specifically what you have to do to be compliant. That’s where HIPAA expert, Brian L. Tuttle, CPHIT, CHP, CHA, CBRA, can help. Brian is presenting a mental-health specific training session that will provide you with the precise steps you need to implement ensure your compliance.

Below are just a few of mental-health related privacy and security topics you need to master to be HIPAA compliant (you may be surprised at the answers):

  • If the patient doesn’t give authorization, when can you communicate with family and friends?
  • Do you have to release psychotherapy notes if the patient asks for them?
  • Does a parent have the right to receive a copy of their child’s psychotherapy notes?
  • If the Federal and State HIPAA laws contradict, which one should you follow?
  • Can you release patient records, including psychotherapy notes, to insurance carriers without the patient’s specific consent?
  • If the patient denies consent, can you still share patient records with another provider?
  • When does mental illness or another mental condition constitute incapacity under the Privacy Rule?
  • And so much more

HIPAA compliance is no easy task. Not only do you have to tackle the questions above, but you also need to manage your business associate risk, conduct a practice risk assessment, know how to respond to an audit notification, etc. In only 90 minutes, you’ll get all this and so much more.

Getting it wrong can land you in a world of HIPAA legal hot water. Don’t risk it, order this targeted training session today.

Meet Your Expert

Brian L. Tuttle
CPHIT, CHP, CHA, CBRA, CISSP, CCNANationally Renowned HIPAA Compliance Consultant

Brian is a Certified Professional in Health IT (CPHIT), Certified HIPAA Professional (CHP), Certified HIPAA Administrator (CHA), Certified Business Resilience Auditor (CBRA), Certified Information Systems Security Professional (CISSP) with over 17 years’ experience in Health IT and Compliance Consulting.

With vast experience in health IT systems (i.e. practice management, EHR systems, imaging, transcription, medical messaging, etc.) as well as over 17 years’ experience in standard Health IT with multiple certifications and hands-on knowledge, Brian serves as compliance consultant and has conducted onsite and remote risk assessments for over 1000 medical practices, hospitals, health departments, insurance plans, and business associates throughout the United States.

In addition, Mr Tuttle has served in multiple litigated court cases serving as an expert witness offering input related to best practices and requirements for securing and providing patient access to protected health information. Mr. Tuttle has also worked directly with the Office of Civil Rights (OCR) both in defending covered entities and business associates as well as being asked by the Federal government to audit covered entities and business associates on behalf of the OCR.