If you work in the medical field, then you know that keeping a patient’s personal information and other data secure is vital. But how does that apply when you hire an answering service to handle your office calls? Many doctors wonder if they must hire a HIPAA compliant answering service.
The answer to this burning question is “yes.” All medical offices, doctors, etc. that transmit and store a patient’s Personal Health Information, otherwise known as PHI, must meet HIPAA laws. As such, you must make sure that you are using a HIPAA compliant answering service to handle all of your calls regarding your patients.
HIPAA Compliant Answering Service Must Pass Muster
Even if you are sure that you have a HIPAA compliant answering service, you need to make sure there are no security breaches or you could put yourself at risk for fines or other problems.
Some of the things you need to check for include unencrypted or non-password protected emails, texts or SMS messages that may contain PHI information, as well as they can’t send such messages via alpha numeric paging since these aren’t encrypted and could contain a patient’s phone number or name since these devices aren’t HIPAAA compliant storage devices.
Your Answering Service Must Have a HIPAA Compliancy Officer
Another thing to be sure of is that in order to be a HIPAA compliant answering service, it must have a named HIPAA Compliancy Officer. If not, you need to get a new answering service as soon as possible.
It also must have a Business Associate Agreement in place with all of its software vendors that have access to PHI data, whether it is stored or being transmitted. Any PHI information that is stored or transmitted must also be handled properly and destroyed as required by HIPAA law.
Remember that Doctors Are Liable for HIPAA Violations
One thing that some doctors may not realize is if they get any kind of message from their answering service that isn’t HIPAA compliant, they too could be liable. Even if the information is encrypted on the answering service’s side, if it gets to the doctor via text, etc. in an unprotected format, this is where the problem appears.
Therefore, it is vital to make sure that your answering service is capable of protecting HIPAA data on both ends. You may want to look into the various apps that are available that aid in ensuring HIPAA security for mobile devices. All in all, it is important to ensure that a doctor’s office has a HIPAA compliant answering service in order to protect your patients and yourself.
