Five Ways To Tell If Your Physician’s Answering Service Is HIPAA Compliant
If your business is in the healthcare industry and uses a call center to answer your phones, you’ll need to exercise caution. As you know, all medical businesses in this country have strict requirements under HIPAA that are meant to protect patients’ rights and privacy. These regulations also apply to services that your company uses, such as a medical answering service. Failure to comply could put your business in jeopardy. Here are just five ways to tell if your physician’s telephone answering service is HIPAA compliant.
Claims of Being “HIPAA-Certified”
A medical answering service might claim that they are “HIPAA-Certified,” but you need to know what is behind those words. In truth, there is no official HIPAA certification that gives a company the green light to claim HIPAA compliance. A company acting on your behalf must have the right technology and programs in place to be truly compliant with all applicable laws.
Sending Encrypted Text Messages
Communicating by text message is popular, but it’s not a secure method of sending patient health information (PHI). Standard text messages are not encrypted, so a medical answering service that submits PHI via unencrypted text is not HIPAA compliant. The only way to submit PHI and comply with privacy laws is to use a secure text messaging app.
HIPAA Training Program Has to Be in Place
A large part of being HIPAA compliant is having the right training and guidelines for a business and its employees. If a physician answering service can’t produce a copy of their HIPAA program or tell you about their extensive training program, there is a good chance they are not fully compliant.
Sending Encrypted Emails
If your physician’s answering service sends emails about patient calls, they must be encrypted. If they are not, you are not complying with HIPAA rules. Emails are vulnerable to various threats, so all messages must have TLS encryption enabled to be fully HIPAA compliant. Another option is to use S/MIME secure email to protect your privacy and your patients’ privacy.
Using Unsecured Paging
A medical answering service that uses text or alpha paging is not HIPAA compliant for several reasons. The first is that data transmitted in this way isn’t encrypted. Also, pagers that receive these messages are not password-protected, which can compromise privacy. If pagers are used, they must be HIPAA-compliant pagers, or the company should avoid transmitting any sensitive patient health data.
HIPAA compliance is something to take seriously with your choice of physician’s answering service. The penalties for a HIPAA violation can range anywhere from $100 for an innocent mistake to $50,000 for a case of uncorrected willful neglect. Failure to comply with HIPAA can even result in criminal penalties if the Department of Justice becomes involved in the matter. Because of these potential issues, it’s more critical than ever to hire a medical answering service that is 100% HIPAA compliant.
If you would like to learn how our HIPAA-compliant physicians’ answering services can help your business, or to arrange a free consultation, please call Answering365 at 888-588-9800.