loader from loading.io

Episode 608: AI Isn’t the Problem, Lack of Governance Is – A PSA for Group Practice Leadership

Group Practice Tech

Release Date: 03/02/2026

Episode 615: Your Data is Not Your Own: Why VC-Owned Healthcare Wants Your Information show art Episode 615: Your Data is Not Your Own: Why VC-Owned Healthcare Wants Your Information

Group Practice Tech

Welcome solo and group practice owners! We are Liath Dalton and Evan Dumas, your co-hosts of Group Practice Tech. In our latest episode, we share a cautionary tale about a Talkspace client whose healthcare information was weaponized against them. We discuss: Venture capital firms buying therapy practices, monetizing, and weaponizing client data to make more money A recent case where a Talkspace client’s data was read aloud in court Platforms using client communication to train LLMs and AI platforms How these platforms are profoundly detrimental to clients, therapists, and the profession Why...

info_outline Episode 614: AI Is Just The Latest Example - Why Training Matters For Every New Tool show art Episode 614: AI Is Just The Latest Example - Why Training Matters For Every New Tool

Group Practice Tech

Welcome solo and group practice owners! We are Liath Dalton and Evan Dumas, your co-hosts of Group Practice Tech. In our latest episode, we talk about the importance of proficiency and competency with any tool or modality used in your practice. We discuss: Why training is necessary with any tool or modality used in your practice, not just AI What the professional ethics codes say about competence and proficiency for tools and modalities used How PCT evolved to help clinicians manage the advent of new technology Our upcoming CE training on how to evaluate AI and incorporate it into your...

info_outline Episode 613: You Discovered Non-Compliant AI Use in Your Practice. Now What? show art Episode 613: You Discovered Non-Compliant AI Use in Your Practice. Now What?

Group Practice Tech

Welcome solo and group practice owners! We are Liath Dalton and Evan Dumas, your co-hosts of Group Practice Tech. In our latest episode, we share concrete steps to take if you’ve discovered staff members using non-approved AI platforms in your practice. We discuss: The misconceptions around what constitutes PHI (and why information used to write a progress note absolutely is PHI) Why this is a reportable HIPAA breach Why reporting a HIPAA breach is nowhere near as scary or impactful as you may fear  The difference between a large breach and a small breach, and reporting deadlines for...

info_outline Episode 612: Free Email Isn't Worth It: Why It's a Bad Idea and What To Do Instead show art Episode 612: Free Email Isn't Worth It: Why It's a Bad Idea and What To Do Instead

Group Practice Tech

Welcome solo and group practice owners! We are Liath Dalton and Evan Dumas, your co-hosts of Group Practice Tech. In our latest episode, we explain why free email providers are inherently not HIPAA compliance compatible. We discuss: Why it’s necessary to have a Business Associate Agreement with your email service provider Why clients can’t opt out of HIPAA What requests for alternative or non-secure communication actually mean under the HIPAA Privacy Rule What counts as Protected Health Information (PHI) Why a free email address might be a red flag for prospective clients How to get a BAA...

info_outline Episode 611: The Real Risks of Using Non-Vetted AI Platforms with Client Information show art Episode 611: The Real Risks of Using Non-Vetted AI Platforms with Client Information

Group Practice Tech

Welcome solo and group practice owners! We are Liath Dalton and Evan Dumas, your co-hosts of Group Practice Tech. In our latest episode, we continue our series on AI use within therapy practices by sharing how to explain to your team members why using non-vetted AI platforms is not permissible. We discuss: What counts as Protected Health Information and a breakdown of the often misunderstood 18th identifier under HIPAA How therapy progress notes and clinical notes are inherently identifying AI re-identification risk and why this is possible Why AI use involving client information must be...

info_outline Episode 610: Don't Panic - But Do Pay Attention: What the Darksword iPhone Exploit Actually Means show art Episode 610: Don't Panic - But Do Pay Attention: What the Darksword iPhone Exploit Actually Means

Group Practice Tech

Welcome solo and group practice owners! We are Liath Dalton and Evan Dumas, your co-hosts of Group Practice Tech. In our latest episode, we share information about the recent Darksword iPhone exploit, and what that means for therapy practice owners regarding device security. We discuss: What you need to know about this exploit Device hardening within your security circle Device security gaps we see in everyday practice Pairing technical security measures with behavioral security measures PCT’s resources around risk management and device security Listen here: For more, PCT Resources ...

info_outline Episode 609: Update: HHS Releases Model NPP for Part 2 Changes — What It Means for Your Practice show art Episode 609: Update: HHS Releases Model NPP for Part 2 Changes — What It Means for Your Practice

Group Practice Tech

Welcome solo and group practice owners! We are Liath Dalton and Evan Dumas, your co-hosts of Group Practice Tech. In our latest episode, we discuss HHS’s new model Notice of Privacy Practice for Part 2 programs, what has changed, and what that means for your practice.  We cover: The Part 2 Final Rule from 2024 Why the Feb. 16th enforcement deadline has been so confusing The model Part 2 NPP and Patient Notice from HHS, and the function of each document Who is considered a lawful holder and what that means Whether you need to switch to the HHS templates What to do if you already used...

info_outline Episode 608: AI Isn’t the Problem, Lack of Governance Is – A PSA for Group Practice Leadership show art Episode 608: AI Isn’t the Problem, Lack of Governance Is – A PSA for Group Practice Leadership

Group Practice Tech

Welcome solo and group practice owners! We are Liath Dalton and Evan Dumas, your co-hosts of Group Practice Tech. In our latest episode, we share a PSA for group practice owners to address unauthorized AI use within your practice. We discuss: What we mean by governance What counts as Protected Health Information (PHI) The standard we use at PCT to determine if something is PHI Why AI tools like ChatGPT are inappropriate for PHI De-identification standards under HIPAA Ethical standards and informed consent for clinical use of AI Concrete next steps to take as a practice leader to address AI...

info_outline Episode 607: HIPAA After Retirement – How to Close Your Practice the Right Way show art Episode 607: HIPAA After Retirement – How to Close Your Practice the Right Way

Group Practice Tech

Welcome solo and group practice owners! We are Liath Dalton and Evan Dumas, your co-hosts of Group Practice Tech. In our latest episode, we discuss the HIPAA responsibilities for therapy practice owners when closing their practice or retiring. We cover: Common assumptions about responsibilities after retirement What determines your record retention length How long you must remain contactable after closing your practice and why The key functionalities you need to maintain, and the most economical ways to DIY them Outsourcing to an executor service as an alternative to the DIY approach Common...

info_outline Episode 606: Being Findable in an AI-Shaped Referral World show art Episode 606: Being Findable in an AI-Shaped Referral World

Group Practice Tech

Welcome solo and group practice owners! We are Liath Dalton and Evan Dumas, your co-hosts of Group Practice Tech. In our latest episode, we offer actionable tips for practice owners regarding the rapidly changing landscape of online referral sources. We discuss: How online referral sources have changed over the last year Why Psychology Today is no longer the dominant referral pathway Emphasizing community based referrals How clients are using AI to find therapists How AI tools prioritize results Practical do’s and don’ts for being findable via AI Listen here: For more, PCT Resources ...

info_outline
 
More Episodes

Welcome solo and group practice owners! We are Liath Dalton and Evan Dumas, your co-hosts of Group Practice Tech.

In our latest episode, we share a PSA for group practice owners to address unauthorized AI use within your practice.

We discuss:

  • What we mean by governance
  • What counts as Protected Health Information (PHI)
  • The standard we use at PCT to determine if something is PHI
  • Why AI tools like ChatGPT are inappropriate for PHI
  • De-identification standards under HIPAA
  • Ethical standards and informed consent for clinical use of AI
  • Concrete next steps to take as a practice leader to address AI use in your practice

Listen here: https://personcenteredtech.com/group/podcast/

For more, visit our website.

 

PCT Resources:

  • Article + 18 Identifier List: De-Identified or Not? The Truth About HIPAA, AI, and Client Data
    • In this article, Person Centered Tech breaks down one of the most misunderstood concepts in HIPAA compliance: de-identification. It clarifies the difference between simply “removing identifiers” and meeting HIPAA’s strict legal standards for de-identification (Safe Harbor or Expert Determination). The piece explains why narrative clinical information is often inherently identifying, why a session transcript cannot realistically be considered de-identified, and how AI systems introduce heightened risks of re-identification. It reinforces a critical takeaway for practice leaders: HIPAA sets the floor—not the ceiling—for protecting client information, and governance must keep pace with emerging technologies.
  • PCT CE Course: Law & Ethics of the Clinical Use of Artificial Intelligence: Implications in Clinical Practice
    • If you’re wanting a deeper, structured framework for evaluating AI in clinical practice, this 3-credit legal-ethical on-demand training with Eric Ström, JD, PhD, LMHC, walks through the evolving legal standards, HIPAA considerations, and ethics code guidance that apply to AI use in behavioral health. You’ll gain practical strategies for assessing new technologies, understanding emerging standards of care, and implementing AI tools in a way that is legally defensible and ethically sound.
  • PCT CE Course: Modern Progress Notes: Considerations for Teletherapy, Insurance Audits, and Artificial Intelligence (AI)
    • If your clinicians are feeling the pull to use AI for documentation, this 1.5-credit legal-ethical training with Dr. Maelisa McCaffrey (Hall) provides a grounded, practical framework for evaluating that decision. The course addresses how AI is currently being used in progress notes and introduces a clear thought rubric for determining the ethical risks, compliance implications, and appropriateness of integrating AI into documentation workflows. It also reinforces core documentation principles—like medical necessity and audit risk reduction—so that efficiency never comes at the expense of defensibility. A strong next step for practice leaders who want to move from reactive prohibition to thoughtful, structured governance. (Useful for all clinicians) 
  • Group Practice Care Premium
    • weekly (live & recorded) direct support & consultation service, Group Practice Office Hours — including monthly session with therapist attorney Eric Ström, JD PhD LMHC
    • + assignable staff HIPAA Security Awareness: Bring Your Own Device training + access to Device Security Center with step-by-step device-specific tutorials & registration forms for securing and documenting all personally owned & practice-provided devices (for *all* team members at no per-person cost)
    • + assignable staff HIPAA Security Awareness: Remote Workspaces training for all team members + access to Remote Workspace Center with step-by-step tutorials & registration forms for securing and documenting Remote Workspaces (for *all* team members at no per-person cost) + more