What is HIPAA?
In short, the Health Insurance Portability and Accountability Act, or HIPAA, is a federal law that was enacted to keep health care information private and confidential. The rule focuses on limiting the use and disclosure of personal health information. By doing so, HIPAA protects and privacy of patients.
HIPAA
- Requires doctors to provide patients an account of each entity to which the doctor discloses personal health information.
- Allows relevant health information to be communicated securely between covered entities.
- Gives patients the right to access their medical records, and disclose only what they choose to.
What is Call Tracking?
Call tracking is the process of capturing information from a customer phone call. Collecting this information allows businesses to learn when peak calling times may occur. This leads to an overall improvement in customer service. Companies can also improve marketing efforts when they learn how customers found their number in the first place.
Why Do I Need HIPAA Compliant Call Tracking?
As an organization in the health care industry, you have to consider more than just providing exceptional patient care. While providing exceptional patient care should be a major focus, you also have to consider how to grow your business.
Call tracking reports will provide the phone number, location, and time of the call. When an individual calls a medical practice this information would now fall under the domain of personal health information. As such, this information would need to be kept confidential.
Health care organizations, and other covered entities, that want to utilize call tracking need to keep this in mind. Such entities have an obligation to keep protected health information secure and confidential. With this in mind, IVR Technology can help as we are a call tracking provider that understands the details of HIPAA compliance.
HIPAA – 20 Years of Protection
To mark the 20th year HIPAA was in effect. The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced that it would launch a series of random HIPAA compliance audits throughout 2016.
In this new round of assessments, providers with fewer than 15 physicians would be included. Therefore any person or group that generates, stores, receives, or transmits PHI on behalf of the covered entity with which they’re affiliated would be subject to the audit.
Requirements of an HIPAA Compliant Call Tracking Provider
Any entity that works with personal health information is required to comply with the following.
Business Associate Agreement: Any business providing HIPAA compliant call tracking should work with you to complete a business associate agreement. A business associate agreement is a contract between an HIPAA-covered entity and an HIPAA business associate. Essentially, the document ensures that the third party safeguards your data in the same way you would as an HIPAA compliant organization.
Data Encryption: All data should be protected via SSL encryption. This establishes an encrypted link between your server and another server, allowing for the secure transfer of information. All of your call records, web visitor sessions and call routing records should also be stored in an encrypted environment.
Secure Transfers: Your call tracking provider should not transfer any protected information to a non-compliant external system.
Information Accessibility: Each user should have secure credentials that granted individual access to all reporting or call details. Sessions should be timed out after a period of inactivity.
Access/Modification Detail Reporting: HIPAA mandates that records be kept of any time protected information is accessed or modified. Reporting should be secure and accessible 24/7.
MD CALL
IVR Tech Group follows all security procedures set forth by HIPAA builds highly secure voice and text applications that are delivered within a single user experience. We offer a complete answering service product for the healthcare industry known are MDCall. MDCall is a Voice and mobile solution that simplifies patient to provider and nurse to physician communication.
IVR Tech Group follows all security procedures set forth by HIPAA builds highly secure voice and text applications that are delivered within a single user experience. We offer a complete answering service product for the healthcare industry known are MDCall. MDCall is a Voice and mobile solution that simplifies patient to provider and nurse to physician communication.