On 6/25/2014 12:08 AM, David Wessell wrote:

The actual phone calls fall out of the realm of HIPAA. However voicemails, call recordings, and anything similar are all considered to be PHI. A vendor would need to be willing to sign a BAA and assume a large liability in fines if any PHI from the above is exposed.

dw

DW is correct. VM, efax, and other areas where the call which may contain ePHI should be secure and encrypted in storage. A Business Associate Agreement spells out responsibilities, so you could give one that in fact limits your liability. Much of the ePHI spillage is at the doctors' ends - the smartphones, speakerphones, transcription recordings, etc. Many HITECH experts claim the iPhone is the weakest link. - Peter

On Tue, Jun 24, 2014 at 11:51 PM, Alex Balashov <abalashov at evaristesys.com <mailto:abalashov at evaristesys.com>> wrote:

On 06/24/2014 11:17 PM, Ujjval Karihaloo wrote:

Hi Team Voiceops:

What is needed for an ITSP to be HIPPA complaint? Sounds like a really dark grey area!

The claim "we are HIPPA compliant".

-- Alex Balashov - Principal Evariste Systems LLC Tel: +1-678-954-0670 <tel:%2B1-678-954-0670> Web: http://www.evaristesys.com/, http://www.alexbalashov.com/

Please be kind to the English language:

http://www.entrepreneur.com/article/232906 _______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org <mailto:VoiceOps at voiceops.org> https://puck.nether.net/mailman/listinfo/voiceops

-- -- www.ringfree.biz <http://www.ringfree.biz> 828-575-0030

_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops