By Sage Breslin, PhD, GoodTherapy CE Presenter

Senior man looking at his phoneAt a time when we are all “sheltering in place” in order to diminish exposure to and transfer of COVID-19, the urge to provide telehealth services is intense. 

And yet, is telehealth safe for all?

Is there a downside to providing telehealth services? What, if anything, can we do to ensure the safety of our clients?

Therapy in the Digital Age

We live in an age in which most people utilize some form of technology throughout the day, whether it’s a computer, internet technologies, a cell phone, an iPad, or even a fax machine. Unfortunately, many of the psychological therapies that have been developed have in their foundation the form of face-to-face contact that allows for therapist and client to access all of the senses present in the room, rather than just the verbal information.

Technology enables therapists to provide service across the world, in remote locations where other clinicians are unavailable, and in circumstances that may otherwise prohibit individuals from receiving care. But despite all of our advances, there’s something left to be desired in treatment of the individual using technology.

Maybe the pixelation of the screen blurs our ability to adequately perceive a client’s expression, or what we see of the client’s world is limited to what we are allowed to see—or perhaps in some cases, we can only access verbal and auditory data during telehealth services. There may be something inherently inadequate about the treatment we can provide using technology. Yet sometimes, it is the only strategy available for communicating with the client.

Using Technology to Transmit or Store Client Information: Tips for Therapists

Telehealth enables those with agoraphobia to receive desperately needed services that have, until recently, been unavailable unless a clinician was willing to make house calls. For those with physical limitations or those unable to access transportation, telemedicine is often accepted with deep gratitude. For those who live in remote areas or who travel for a living, treatment using technology can be a lifesaver. And, at a time when we are confined to our homes, it may be the only way to connect.

Communicating with your clients

It’s rare to see a landline sitting atop a desk these days: either for client or therapist. Cell phones, PDAs, iPads, tablets, and computers have largely replaced phones and faxes. As a result, communication that was once easily secured now carries inherent vulnerabilities to breaches of confidentiality for our clients.

More problematic is that often our first communication with a client is via email. Many resource networks enable clinicians to provide telephone, web address, and email information on their clinical profiles. Given the ease of a single click, prospective clients will reach out by email more often than not.

While the originating platform may be secured, as soon as we respond from our own email servers, we place the potential client at risk for a security breach, usually completely unaware of the dangers of our actions. Email encryption can enable more secure communication, as can firewalls and virus protection. But the use of cell phones (especially “smart” devices), whether for texting or talking, can carry security risks that may be downright difficult to resolve.

Once communication has been made with a prospective client, the informed consent process can begin, and the client can actively participate in the discussion about these issues. The client may opt to accept the risk associated with such non-secure modes of communication and thereby relieve the clinician (to the extent that this is possible) of the legal mandates, largely posed by HIPAA.

Even at a time when some states have relaxed HIPAA standards in order to enable clinicians to provide telehealth services, HIPAA is not just concerned with confidentiality; it also supports the autonomy of the client within psychotherapeutic practice. This means that an informed client who desperately wants to communicate through text or email may accept the risk and waive the right that the clinician is actively trying to protect.

Scheduling clients

Additional security issues may be evident if clients schedule their appointments with you utilizing scheduling software like Square or Google Calendar, or even if the practice management software that you use is insufficiently protected. True informed consent means you review all of these potential breaches to their confidentiality prior to the technology being utilized.

Maintaining electronic records

In the event that you maintain any form of electronic medical record, whether for scheduling, billing, or communication or progress notes, prospective clients must understand the risks that may accompany the technologies used in your practice. To the extent that you are able, use software to manage any potential security breaches.

Submitting electronic payments

While most merchant machines are now designed so that data storage is at a minimum and most users are required to pass an annual test ensuring that they are actively managing the security of their equipment, it is still important to inform your clients of potential risks when financial or PHI is transmitted electronically.

Submitting electronic billing

While most software vendors and billing platforms have incorporated methods to minimize security breaches, informed consent requires that your clients know the potential risks involved in your transmitting data electronically, especially when the information being disseminated includes their diagnosis(es).

To the extent that we are able, we must attempt to use whatever safeguards necessary to secure communication with clients and prospective clients.

About the Author

Dr. Sage Breslin

Dr. Sage Breslin is a licensed psychologist known for her innovative approach to trauma recovery. She is a professional speaker and published author of Lovers & Survivors: Living with and Loving a Sexual Abuse Survivor. In March 2020, Dr. Breslin presented Understanding and Treating Domestic and Interpersonal Violence, a 2-hour continuing education webinar hosted by GoodTherapy, available with 2 CE credits.



* This page contains at least one affiliate link for the Amazon Services LLC Associates Program, which means GoodTherapy receives financial compensation if you make a purchase using an Amazon link.


  1. Anthony, K., Nagel, D. M., & Goss, S. (2010). The use of technology in mental health: Applications, ethics and practice. Springfield, IL: Charles C. Thomas Pub Ltd.
  2. Code of ethics. (2015). American Association for Marriage and Family Therapy. Retrieved from
  3. Huggins, R. (2014, April 27). Emailing and texting security vs. The ACA Code of Ethics. Retrieved from
  4. Huggins, R. (2013, October 6). Clients have the right to receive unencrypted emails (and texts) under HIPAA. Retrieved from