Phone calls are not in themselves HIPAA violations
- Get link
- X
- Other Apps
Phone calls are not in themselves HIPAA violations, as they are covered by the Conduit Exception Rule
- Which also covers fax transmissions (paper copies of PHI transmitted
by fax). VOIP calls are not excepted and neither are SMS messages.
As
has already been mentioned, the HIPAA Privacy Rule still applies and
the person to whom PHI is disclosed over the phone must be authorized to
receive that information. Care must also be taken to ensure that PHI is
not disclosed over the phone when other people are in the vicinity and
can hear what is being said.
Not in and of themselves, or else most doctor’s offices and health insurance companies would be unable to do business. However,
if someone calls purporting to represent a patient and you give them
that patient’s info without verifying their identity and authority, it
can be, so a covered entity would still need to be cautious.
Physical
and network security measures, as described in HIPAA guidelines,
require that business phone systems can process patient health
information safely over telephone lines. Consider a common medical
office scenario: the administrator on the phone taking patient's medical
or billing information writes it down on a piece of paper and, after a
busy day of multitasking, misplaces the note or, even worse, shuffles it
in with other patient information. The patient's personal information
is at risk.
A secure business phone system ensures HIPAA compliance
and protects your office from penalties and criminal prosecution. So
how do you know the phone system you use in-house is HIPAA compliant?
Among other rules, HIPAA standards require:
- Access control
- Audit controls
- Person or office authentication
- Transmission security
- Workstation security
- Device and media controls
- Security management process
If
you use VoIP, understand that anything transmitted across the web-based
platforms is not guaranteed to be secure, and carries a higher risk of
violating the recommended guidelines. As such, tools like Skype are
generally not recommended. Instead, opt for other secure landline
telephone systems that offer audit trails and backup capabilities,
breach notifications, and encrypted transmission of voice
communications.
- Get link
- X
- Other Apps
Comments
Post a Comment