On 6/24/14 8:17 PM, Ujjval Karihaloo wrote:
Hi Team Voiceops:
What is needed for an ITSP to be HIPPA complaint? Sounds like a really dark grey area!
Interesting Article here: http://www.linkedin.com/groups/Recommended-HIPAA-Compliant-VoIP-Services-224...
A lot of this is form-over-substance. It is far easier to tap an old-fashioned analog POTS line than to intercept a specific RTP stream on the fly, but as soon as "The Internet" is mentioned then there's a panic. Imagine this (true story): Specification written for a web-based system for sending messages to pagers worn by doctors. Pages and pages about VPN, SSL, triple-DES, certificates, etc. When the message is delivered with high-level encryption and security to the paging terminal, it is then decrypted and *broadcast over the radio* state-wide in plain text to the pager on the doctor's belt. But the transmission over the Internet absolutely positively had to be ultra-secure against eavesdroppers. -- Jay Hennigan - CCIE #7880 - Network Engineering - jay at impulse.net Impulse Internet Service - http://www.impulse.net/ Your local telephone and internet company - 805 884-6323 - WB6RDV