toot.wales is one of the many independent Mastodon servers you can use to participate in the fediverse.
We are the Mastodon social network for Wales and the Welsh, at home and abroad! Y rhwydwaith cymdeithasol annibynnol i Gymru, wedi'i bweru gan Mastodon!

Administered by:

Server stats:

872
active users

#psychotherapists

0 posts0 participants0 posts today

"Advocates look toward future for psychedelic-assisted therapy in #california -- Note-- we have #psychotherapists, we have psychedelics. Let #psychedelics be prescribed by doctors in conjunction with therapy. Licensed therapists already exist. Decriminalize what people would like to do to address their own mental health, and offer them supportive services for medicines and treatments that have been studied. This is an easy clarification by BBS to assure that the scope of practice in licenses

Continued thread

UPDATE: I see lots of people of suddenly just discovered this series of posts.

It is still the case that providers are not being paid.

You might be interested in seeing this post that showed up on Reddit yesterday, by a therapist who was already getting stiffed by insurance company shenanigans before this started, and has now gone 4 months without being paid:
reddit.com/r/therapists/commen

("Credentialed" here means "signed up to take an insurance with an insurance company".)

Much angsty discussion ensues among therapists about taking insurance.

And here's an account just published of doctors having not been paid for a month:
ctinsider.com/columnist/articl

It points out something that the Reddit post alludes to: providers apparently can't submit prior authorization requests, either. That means that when they DO submit bills for those services, they'll be denied.

@psychotherapists #ChangeHealthcare #therapistsConnect #psychotherapists

#psychotherapists and #psychotherapy clients! The following image was posted to reddit.com/r/therapists/commen . It appears to be a screenshot or a paper flyer. I have not vetted its authenticity.

It is apparently a solicitation to patients to secretly record their psychotherapy sessions to sell to this company for $50 each.

It expressly addresses the question of whether one needs to ask permission from one's therapist to record the session saying,

> From a legal standpoint, you only need permission from one of the party's present (i.e. yourself) to record your conversation in the vast majority of US states.
> Note that in the following states, consent from the other party is legally required: California, Delaware, Florida, Illinois, Maryland, Massachusetts, Montana, Nevada, New Hampshire, Pennsylvania, and Washington State.

Note that in addition to being incredibly rude, there are CLINICAL reasons not to record sessions, so you should not do this without talking to the therapist!

Continued thread

Some hero leaked a recording of a phone call between UnitedHealth's COO and some hospital cybersecurity officers to STAT News - statnews.com/2024/02/29/change - in which the COO seemed to suggest the outage might go on for weeks.

Which, honestly, would not be surprising. When ransomware took out Harvard Pilgrim Health Plan, it was down for like three months.

@psychotherapists
#TherapistsConnect #psychotherapists
#ChangeHealthcare

STAT · Change Healthcare cyber attack outage could persist for weeks, UnitedHealth Group executive impliesChange Healthcare cyber attack outage could persist for weeks, UnitedHealth Group executive implies

So a lot of people don't know this is happening, including a lot of the people it is happening to:

Some very large amount of health care providers in the US are not getting paid by insurance right now, including a large number of psychotherapists, a third of a million physicians, and about 25% of pharmacies.

This is because their claims processing systems run against UnitedHealth's Change Healthcare, a claims routing service, and Change Healthcare has been down for a week, the victim of a "cyberattack" apparently by a notorious ransomware gang.

The news has only really started covering this in the last few days, and particularly today. The search string "Change Healthcare" submitted to news.google.com will probably turn up an abundance of information about the situation for those who want to know more.

#ChangeHealthcare #psychotherapists @psychotherapists #TherapistsConnect

1 of 2

TITLE: Doxy.me Privacy Considerations

Here is a posting or two from April 2022 when I took a look at Doxy.me privacy policies in force at that time. I am of course not a lawyer and could misunderstand something. Maybe.

As you read this, please keep in mind: Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates hhs.gov/hipaa/for-professional

This HHS and OCR guidance includes several sorts of 3rd party tracking technologies possibly in use by Doxy.

To be crystal clear – I am NOT accusing Doxy of breaking HIPAA or other laws, sharing PHI, or sharing video content. I am “accusing” them of doing exactly what they allow themselves to do in their “privacy” policy – communicate “de-identified and anonymized” data to 3rd parties having little to nothing to do with the operation of the service. The huge problem is that “de-identified and anonymized” data can be easily reattached to client names by any data broker worth their salt with a big enough database.

– Michael

On Thu, Apr 14, 2022 at 12:54 AM Michael wrote:

doxy.me/en/privacy-policy/

Picture me having an angry laugh (at Doxy, not you) as I read this "privacy"policy. It’s ridiculous.

In summary: They give themselves permission to do quite a lot, and by using their product, you are consenting to it. They say they are “anonymizing” everything – but what good is that if the data can be used to easily reconstruct client identity? They don’t say they are sending along tracking cookie data to 3rd parties, but they give themselves permission to do it.

A few choice pointers:

“This Privacy Policy describes Our policies and procedures on the collection, use and disclosure of Your information—when You use the Doxy.me Service or visit this web site”

Your permission is granted…

“Usage Data is collected automatically… Usage Data may include information such as Your Device’s Internet Protocol address, browser type, browser version, the pages of our Service that You visit, the time and date of Your visit, the time spent on those pages, unique device identifiers, and other diagnostic data. However, this Usage Data is de-identified and anonymized and not linked to a particular data. As such, it is not considered personal information; it is incidental to providing the Service.”

Several Internet security sources point out (sorry – I don’t have a reference immediately available) that when data brokers accumulate several data points on you (such as browser type, IP address, “other diagnostic data”) that it can act as a unique fingerprint to figure out who you are. Keep in mind that data brokers track across several websites across time. This is exactly the sort of information that cookies are commonly used for to store and pass along.

Internet Protocol address – If a user happens to have a static IP address, this is a unique identifier of the user. If its not static, it still serves to pinpoint the general geographic area the person is in (unless a VPN is used) and can be combined with other data to identify the person.

Unique device identifiers – Each device (laptop, smart phone, etc.) has a unique serial code that identifies it. If this information is being passed along to 3rd parties, its a unique fingerprint of the person.

Let’s take an easy fictional example – let’s say a client creates a Google account. In the process of creating the Google account, the client enters their name. Let’s say Google also captures their unique device identifier at that time. Now then, if the unique device identifier is passed along to Google whenever that person visits a website (say doxy.me for example), Google knows the name of the person visiting the website because its already in Google’s database.

“de-identified and anonymized” data – Sure. Internet Protocol address, browser type, browser version, unique device identifiers, and other diagnostic data do not have the client’s name attached – or any other PHI data. But so what – the data broker already has a database to readily reattach the client’s name when/if this information is provided.

"We may also collect information that Your browser sends whenever You visit this Website "

Well, I don’t know – does this mean they can capture anything else your web browser is sending out at the time you are connected to their website?

Cookies:
“Any use of Cookies – or of other tracking tools – by Us or by the owners of third-party services used by Us serves the purpose of providing the Service as requested by You.”

Hmmm… Slippery. We are requesting/consenting to anything they do as defined earlier in the document.

From: doxy.me/en/cookie-policy/
" Please be aware that some Cookies are required to use the Doxy.me Service; some are useful but not mandatory to measure and improve performance; and some are used for advertising or marketing activities that customize information based on your interests."

So – yes – they ARE using cookies to advertise and market to our clients.

They do at least promise not to pass along PHI or name information.

They may or may not be passing along the above information to 3rd parties, but my September 2021 investigation showed that their servers WERE contacting 3rd parties (some known to be data brokers / ad networks). SOMETHING was passed along.

– Michael

On 4/13/2022 5:24 PM, NAME REDACTED__ wrote:

Based on Michale’s recent post, I contacted the legal office at doxy.me to ask whether doxy.me does the following:

“Doxy.me reports out cross-site tracking cookies to at least 10+ different services including Google, YouTube, Facebook, LinkedIn, and Hotbot.”

The legal department directed me to their policies here:

doxy.me/en/privacy-policy/

Please look at this page, especially the sections labeled “If You are a Provider” and “If You are a Patient.”

I could not find anything to indicate that doxy.me shares cookies or any other information with anyone.

If anyone can find specific information to the contrary in doxy.me’s policies, please share.

Thank you– NAME REDACTED

..............
#psychology #neurology #socialwork #psychiatry @psychology @socialwork @psychiatry #mentalhealth #psychotherapists @psychotherapists #cookies #tracking #hacking #3rdpartytrackers #HIPAA #privacy #dataprivacy #webbeacons #telehealth #video #doxy #healthcare

HHS.gov · Use of Online Tracking Technologies by HIPAA Covered Entities and Business AssociatesThe Office for Civil Rights at the U.S. Department of Health and Human Services is issuing this Bulletin to highlight the obligations of Health Insurance Portab

This is Zoom's privacy policy. It is an amazing piece of legal engineering granting them the rights to buy, sell, and gather just about any data about business users they want -- including listing you in a Business or Professional Profile (the "directory"):

zoominfo.com/about-zoominfo/pr

This is their form to opt-out of all tracking in their database which they use to sell your information to 3rd parties. Somewhat ironically, this page won't work unless you turn-off Privacy Badger and Ghostery web browser plug-ins:

zoominfo.com/privacy-center/up

If you use Zoom at work through a business account and don't wish to be listed, consider opting out. They are also collecting information from around the Web outside of Zoom apparently to help build out your profile.

#psychology #neurology #socialwork #psychiatry @psychology @socialwork @psychiatry #mentalhealth #psychotherapists @psychotherapists #cookies #tracking #hacking #3rdpartytrackers #HIPAA #privacy #dataprivacy #webbeacons #videoconference #televideo #telehealth #zoom #databrokers

ZoomInfoPrivacy PolicyUpdated: July 25, 2022Effective: August 1, 2022 ZoomInfo understands that you care about how information about you is used. This Privacy Policy (the “Policy”) explains how we process personal information, including information pertaining to business people (“Business Information”) and all other types of personal information through our online services (the…

TITLE: GHOSTS IN THE MACHINE

m.youtube.com/watch?v=VA4e0Nqy

This has been out for a year, but I had not seen it.

This is supposedly put out by the the US Army's PSYOPS (Psychological Operations) unit out of Fort Bragg.

**The video is intended as a recruiting tool.**

Well -- it's creepy -- I'll give them that.

I suppose if we want recruits angry and ready to do anything to manipulate the world -- it is successful.

And I find myself both getting angry towards the end, AND trying to catch what subliminal messaging they are inserting.

Hmmm... I'm giving away too many of my psych battery answers to their exam, aren't I?

What do you think about this kind of recruiting, assuming that is what it is?

Fair warning -- It is disturbing, threatening, and creepy.

m.youtube.com/watch?v=VA4e0Nqy

Michael Reeder LCPC
Baltimore, MD

 #psychology #neurology #socialwork #psychiatry @psychology @socialwork @psychiatry #mentalhealth #psychotherapists @psychotherapists #PSYOPS #goarmysof #manipulation #creepy #army #armyrecruiting #recruiting #creepy #war #weapons #USA #cyberwar

TITLE: Confusion in Text Messaging, Encryption, and HIPAA

A therapist colleague of mine contacted Ring Central (a video and
telephone platform that provides HIPAA BAA subcontractor paperwork upon
request) with questions about their messaging capabilities and
encryption.  They were looking for a compliant way to text message with
clients.  The support staff directed them to this article:

support.ringcentral.com/articl
<support.ringcentral.com/articl>

At first glance, the article would seem to make messaging with clients
golden as a good level of encryption is described and the therapist has
a HIPAA BAA with Ring Central.  Right?

Wrong.

A few different topics are getting confused here -- smart phone SMS text
messaging, messaging within Ring Central apps and websites, and HIPAA
BAA subcontractor agreements.

With SMS text messaging by phone it will never be HIPAA compliant (even
if the therapist sends it from within Ring Central) because the client
will get the SMS text message unencrypted on their smartphone.

Messaging within the Ring Central apps and website *IS* at an excellent
level of encryption -- but won't be covered by the therapist's HIPAA BAA
agreement unless the people messaged are also part of the therapist's
company account or are other therapists with their own Ring Central
accounts with HIPAA BAA subcontractor agreements.  This will rarely if
ever cover therapy clients.

This gets confusing.  So -- for example -- when I go into my Ring
Central account online and click on "Message" I'm invited to email a
messaging link to anyone I choose.  So far so good.  But when that
person (like a client for example) goes to that messaging link, Ring
Central REQUIRES them to sign up for their own FREE Ring Central
account.  That FREE account WILL NOT be covered by a HIPAA BAA
agreement.  So the messages sent to them (inside a Ring Central app or
website) will be encrypted but not HIPAA compliant.

Similar problem with Ring Central video conferencing.  As long as the
client DOES NOT sign in with their own free account -- and instead goes
to my anonymous video link -- it will be covered under my BAA agreement
with Ring Central.  However, Ring Central invites clients to sign up for
their own FREE account in order to video conference with me.  If the
client makes that mistake, then its no longer a HIPAA compliant video
conference session because only one of our two Ring Central accounts is
covered by BAA.

I sometimes wonder why this all is left in such a confusing state?

Of course, I'm not a lawyer, so do your own research too.
*
Michael Reeder, LCPC
*
*Hygeia Counseling Services : Baltimore / Mt. Washington Village location*

 #psychology #neurology #socialwork #psychiatry @psychology
@socialwork @psychiatry #mentalhealth
#psychotherapists @psychotherapists #pharmacy
#medicationchecker #drugs #druginteractions #cookies #tracking #hacking
#3rdpartytrackers #HIPAA #privacy #dataprivacy #webbeacons#RingCentral
#VoIP #telephony

support.ringcentral.comarticle-v2RingCentral support featuring knowledgebase documents, videos, and community.

Doctors and psychiatrists -- I'm doing a bit of research for a psychiatrist I know.

Are there any e-prescribing platforms (EHRs) for the United States that have a time delay function as to when they send the scripts?

I'm told that ADHD meds (and other similar controlled substances) have to be e-prescribed ONE at a time with no refills. This is making doctors who normally see a client, say, once every three months have to remember to send in the scripts once per month. Wanting a system that lets the doctor program the computer system to electronically send the scripts spaced out once per month without further manual intervention.

Thanks for any and all leads.

-- Michael

@psychiatry @psychology @socialwork @psychotherapists @psychotherapist #doctors #psychiatrists #psychologists #e-prescribe #EHR #psychologists #socialworkers #psychotherapists #mentalhealth

TITLE: Opposed by Iowa Psychological Assn, Interstate Compact for Professional Psychologists Fails to Advance in Iowa House

Thank you Dr. Pope

---- Forwarded----

The Times Delphic includes an article: “Interstate compact for professional psychologists fails to advance in Iowa House.”

Here are some excerpts:

House File 24 would have allowed Iowa to join the Psychology Interjurisdictional Compact, otherwise known as PSYPACT. The compact allows psychologists to work freely across state lines in the 33 states that currently participate. Seven more states, including Iowa, are currently considering legislation that would allow them to join.

Spurred by a renewed push for the expansion of mental health services during the pandemic, PSYPACT was launched by seven states – including Nebraska, Illinois and Missouri – in July 2020. Minnesota, Kansas and Wisconsin are also participants.

“We don’t have enough psychiatrists, psychologists, social workers, nurses…we didn’t have enough before the pandemic, [and] the pandemic made it worse,” said Peggy Hupert, the Director of Iowa’s chapter with the National Alliance on Mental Illness (NAMI). “So, NAMI recognizes the crisis that exists, and we are going to be in favor of any legislation that aims to make it easier for someone to offer services in Iowa.”

Iowa Republican legislators have proposed bills addressing interstate psychological services multiple times since 2018. The bill was recommended for passage by the Human Resources subcommittee in 2020 but stalled in 2021.

“I’m interested in addressing some of the heightened need in services in addiction, mental health concerns,” said Rep. Michael Bergan, R-Dorchester, the author of the current bill and a licensed social worker. “We’ve seen an increase with the pandemic in anxiety and depression.”

<snip>

While other professional fields like nursing established interjurisdictional compacts years ago, mental health professionals are largely confined to practice in states in which they are licensed.

As it stands, psychologists licensed in another state cannot provide services in Iowa, even via telehealth.

PSYPACT would impact the nearly 29% of U.S. mental health professionals considered clinical and counseling psychologists, according to the latest available data from the Department of Labor’s Bureau of Labor Statistics.

Compacts for social workers and counselors – the next largest categories of mental health professionals – have also been proposed in legislatures across the country, including the Iowa Senate, but no state has approved either compact.

<snip>

As of this writing, NAMI Iowa and Wellmark Inc. are the only organizations registered in support of the bill.

Representatives from the Iowa Psychological Association (IPA), the only organization registered against the bill, expressed concern that PSYPACT makes it harder for psychologists to be held accountable for cases in which a patient discloses that they plan to end their life, hurt people in a public area or engage in other harmful actions.

“PSYPACT oversight does not require that psychologists practicing across state lines follow the regulations of the state in which their patients reside,” wrote Nicole Keedy, former IPA president, in an email to Rep. Shannon Lundgren, R-Dubuque.

“Therefore, within this compact, Iowans could receive services from psychologists who would not be required to report abuse or to warn others of threats to their safety.”

<snip>

Though the IPA recognizes the plight of college students and frequent out-of-state travelers, according to lobbyist Amy Campbell, they don’t believe PSYPACT is the solution.

“We have member psychologists that work in university clinics and were frustrated that they could not maintain connection during the pandemic, or similarly, we share concerns that someone could not continue to see a therapist from their home state via telehealth,” Campbell said. “I think we just see other options to making this happen. Some universities have contracted with a national telehealth group to provide on-campus and back-home services [and] our board of psychology makes it very easy, very fast to get licensed.”

Dr. Paul Ascheman, the State Advocacy Coordinator for the IPA, said the association would support a compact that requires psychologists to adhere to the regulations of the state in which their patient resides, such as the newly introduced Counselors Licensure Compact currently making its way through the Senate.

As the professional association representing those impacted by the bill, Hupert said the IPA has an outsized influence on its fate.

“If [a bill] has to do with professional licensure and who can practice – scope of practice, who can practice where and doing what – they’re gonna look to the professional groups, first and foremost,” Hupert said.

Ken Pope

~~

Merely forwarded by:

Michael Reeder LCPC

@psychotherapists @psychology #psychotherapists #PSYPACT #mentalhealth @psychiatry #abortion

#Research #Race Based #TraumaticStress : #CounsellingPsychologists , #psychotherapists , and #counsellors , 21+ (white therapists included...), with three years of experience working with diverse clients. All participants must have worked with #Black clients (in their caseload) who have experienced or described the phenomena associated with Race-Based Trauma Stress. emdrassociationevents.org.uk/c

www.emdrassociationevents.org.ukCalling for research on Race-Based Traumatic Stress – EMDR Events