How HIPPA Compliant Is Your Answering Service?
Even since 1996 when the Department of Health and Human Services established the Health Information Portability & Accountability Act (HIPAA), anyone dealing with a patient’s private medical information must take measures to protect the privacy of the patient. Every form of communication must be guarded to prevent patient health information (PHI) from being available to anyone but the patient, his or her authorized representative, and pertinent medical persons. This directive poses special challenges to third parties such as answering services who are hired to facilitate communication between doctor and patient.
Rite Response Is Committed To Maintaining Patient Privacy
In a technological age, keeping PHI private is about much more than refraining from indiscrete conversations about a patient’s health issues to colleagues; all phone, text messages, emails, faxes, or internet must meet HIPPA standards as well. As a medical provider, when you hire an answering service to handle communication, you must verify that the service has systems in place to ensure privacy.
The advantage of working with Rite Response is that our personnel know the dynamics of the medical field and observe the letter of the law regarding HIPAA.
Protecting PHI In A HIPPA Compliant Manner
Here are some things to consider when selecting an answering service.
Are employees trained in HIPPA compliance? Workers who deal with medical records or who talk with patients should know the current rules about HIPPA privacy. Medical organizations can be heavily fined for violating HIPPA laws, even if a contractor for the facility violated confidence. It is important that any answering service you choose has ongoing training in the latest HIPPA updates for its workers.
- Does the company pass information to you via pager? Alpha and text pagers are not secure as the data sent using them is not encrypted. Anyone with access to the radio broadcast can intercept the information. Since pagers are not password protected, a lost or carelessly disregarded pager could reveal PHI to anyone who looked at it.
- How is text messaging handled? Compliant text messaging must be only sent from phones with a secure text messaging app, as standard text messaging is not secure. Without the security app, messages can be intercepted by rogue cell phone towers, while text messages can sometimes be viewed even if the screen is locked.
- How is email secured? As with other types of messaging, email messages must be encrypted with methods such as TLS to prevent interception. All servers must be configured to support this technology. Alternatively, email scan be set up with a certificate obtained from a public or private certificate authority (CA) to ensure security.
- What physical and network security measures are in place for phone systems? Many facilities use VoIP equipment that employs the internet in transmitting calls. While no encryption may be needed on the phone line, it is important the lines be secure and that voicemail is only accessed by the intended recipient. All phone software should be up to date.
Rite Response Uses HIPPA-Compliant Technology
In selecting Rite Response for your health-related business, you are choosing a company with a strong commitment to state-of-the art technology with all the proper encryption tools in place. To learn how we can assist your operation, fill out the contact form on our website or give us a call today at 866.828.RITE or 713.868.7500.