What is HIPAA?
In short, the Health Insurance Portability and Accountability Act, or HIPAA, is a federal law that was enacted to keep health care information private and confidential. There’s a lot more to it & more of the details can be found here.
What is Call Tracking?
In case you’re not familiar, call tracking is the process of attaching a unique phone number to individual marketing channels to help collect data. This helps improve lead generation and proving ROI. More on call tracking can be found here.
Why Do I Need HIPAA Compliant Call Tracking?
As an organization in the health care industry, you have to consider more than just providing exceptional patient care. While providing exceptional patient care should be a major focus, you also have to consider how to grow your business.
Call tracking provides a pretty fool proof way for any business in any industry to collect the data needed to make better investments and earn new business. It will help you determine how to best market your health care organization to new customers and patients.
However, the decision to add call tracking into your business development strategy can’t compromise your ability to meet HIPAA’s minimum standards. Your organization still has an important obligation to keep protected health information secure and confidential.
Put the business aspect of your practice aside for a moment. Your patients trust you with very intimate parts of their lives. They share details of their personal live and medical histories over the phone and in person. If they ever felt as if that information could be accessed by just anyone or used inappropriately, they will be less likely to be honest, making it difficult – if not impossible – for you to provide your best level of service and care.
Health care organizations have to be sure that they choose a call tracking provider that understands the details of HIPAA compliance and have their own processes in place to help their customers achieve compliance.
How to Pick a HIPAA Compliant Call Tracking Provider
To ensure your call tracking is meeting HIPAA requirements, look to work with a provider that minimally offers the following:
Business Associate Agreement: Any business providing HIPAA compliant call tracking should work with you to complete a business associate agreement. A business associate agreement is a contract between a HIPAA-covered entity and a HIPAA business associate. Essentially, the document ensures that the third party safeguards your data in the same way you would as a HIPAA compliant organization.
Data Encryption: All data should be protected via SSL encryption. This establishes an encrypted link between your server and another server, allowing for the secure transfer of information. All of your call records, web visitor sessions and call routing records should also be stored in an encrypted environment.
Secure Transfers: Your call tracking provider should not transfer any protected information to a non-compliant external system.
Information Accessibility: Each user should have a unique set of log in credentials that grants them individual access to all reporting or call details. Sessions should be timed out after a period of inactivity.
Access/Modification Detail Reporting: HIPAA mandates that records be kept of any time protected information is accessed or modified. Reporting should be secure and accessible 24/7.
Maintaining HIPAA compliance is an absolute necessity for organizations in the health care industry. Achieving it should be viewed as an asset & an accomplishment, not a deterrent to business growth. By working with an organization that is capable of providing HIPAA compliant call tracking, you can meet your federal obligations while still taking advantage of the tools that help you grow your business strategically & smartly.