Medical Answering Service: HIPAA Compliant Medical Call Answering Services Made Simple by PatientCalls
medical answering service clients
med answering service
hipaa compliant sms text alerts
emr integration
security and disaster recovery
hipaa checklist
patientcalls blog
PatientCalls PatientNote Service

How HIPAA Has Affected the Medical Answering Service Industry

Every individual requires the proper care including excellent healthcare facilities and the necessary levels of security in order to enjoy a great quality of life and to have comfort in knowing their personal health information (PHI) remains confidential at all times.

Such confidentiality and the requirement to protect an individual's personal health information gave rise in 1996 to the creation of HIPAA or the Health Insurance Portability & Accountability Act. Since then HIPAA/HITECH/Omnibus regulations have forced the implementation of additional security and compliance methods for organizations handling personal health information which have encompassed significant legal and technical challenges within the medical and healthcare industries including medical and healthcare answering services.

The security and privacy of Protected Health Information (PHI) were strengthened tremendously especially within the HITECH & Omnibus as it relates to HIPAA. Therefore now, details of a patient’s medical conditions, healthcare treatments, contact information, billing information, and incurred payments must be more secure and private than ever before.

Put simply, these implemented rules have impacted how a patient’s information can be stored and transmitted and is precisely why call center providers and answering services thriving within the medical and healthcare industries had to perform heavy lifting in order to comply with past and current HIPAA regulations. Now, in short, there are legal and fundamental procedural differences between an answering service of past and a HIPAA Compliant Medical Answering Service of present. And you must be aware of all of the differences.

What makes these privacy changes so critical?

Experts have dubbed PHI security as the most expensive requirement within the HIPAA Privacy & Security Rules. Experts have done so because apart from improving patient privacy rights, such rules reinforce the government’s capability of enforcing a set of laws with healthcare providers and others professionally associated with them. Finally, the costs for answering services alone in order to comply with HIPAA have been very expensive and time consuming.

Prior to the Omnibus Ruling, Covered Entities assumed most of the responsibility in failing to comply with HIPAA regulations, however, after September 2013, all Business Associates and their sub-contractors who handle PHI have the same levels of liability as the Covered Entities they serve. However, Covered Entities are still fully responsible for performing risk audits of the Business Associates in which they allow to collect, store, and transmit personal health information. This can not be forgotten about.

As you can see, such changes in security requirements and fault liability was shuffled to all entities, now inclusive of medical answering services, which store and transmit PHI of which has had major cost consequences due to the required technological and procedural  upgrades to perform in order to comply with the September 2013 deadline

For reference, please review PatientCalls ePHI flow diagram (show the link or provide a small picture with link) for PHI storage and transmission points specific to a medical answering service and its clients which ensures PatientCalls' expertise and resolve in our HIPAA Compliancy.

How do these changes affect the traditional or legacy answering service?

Due to required HIPAA security, legacy answering services had to rethink and redesign their storage and transmission procedures specifically related to sending PHI to medical oncall staff, via text messaging, alpha-numeric paging and emailing because the these traditional methods are not considered secure within the context of HIPAA-HITECH-Omnibus. In addition, medical answering services must now provide the proper accountability and access logs for all parties whom access PHI both internally and externally.

At present, no medical answering service should be deploying any legacy methods to transmit messages that contain PHI and should have implemented specific methods which are inclusive of the proper levels of encryption and password protection to ensure PHI is not disclosed or intercepted during its transmission or accessed by unauthorized parties while being stored electronically. Such security requirements have given rise to secure web portals, secure messaging applications, and encrusting emails within encrypted paths between various recipients of PHI.

In order to safeguard privacy of patients and remain compliant with current HIPAA regulations when transmitting any form of electronic messages containing PHI, answering services are required implement the following;                     

Emailing: Answering services have been restricted from sending traditional emails that comprise of PHI without identifying possible security limitations within the transmitting network which includes the storage devices on both ends. New concepts include providing secure web portals for PHI retrieval or the implementation of additional security measures as PatientCalls has done.

SMS/Text messaging: If SMS/text messages include any patient information their delivery must also be secure, which includes encryption and password protection. The current carrier networks are not secure therefore current SMS technology also fails to offer the required security.

So when considering how mobile devices have transformed our methods of communication, the medical answering service providers have had a large task to overcome so it is imperative for you, the Covered Entity, to ensure and vet the proper medical answering service, like PatientCalls. PatientNote is our answer to securing PHI over SMS.

Mobile Devices: Some may think that mobile devices are secure simply because you can create a strong password for entry into the mobile desktop, however, mobile devices are not secure within the context of HIPAA. Therefore, you must be 100% certain that your medical answering service  is not sending data insecurely or that your staff is saving any PHI within the mobile devices. PatientCalls at no time asks you to store PHI on your mobile device and has taken the proper measures to help you become HIPAA compliant.

TLS Connections: As a data encryption protocol, TLS guarantees a portion of data security, however, standing alone, TLS does not comply with HIPAA, therefore, the medical answering service must be creative in their attempts to deploy TLS as a part of their security requirements.

As you can see the answering service industry has evolved in the following manner;

  1. Answering Service

  2. Medical Answering Service

  3. HIPAA Compliant Medical Answering

PatientCalls top rated medical answering service is the most trusted Business Associate and industry leader among our HIPAA Compliant Medical Answering service constituents and is proud to have the ability to accurately elaborate upon and to help educate our viewers and prospects of the shear necessity of ensuring your medical answering service is HIPAA compliant and to ensure PatientCalls provides the proper levels of security for us, you, and your patients.

After all, your medical answering service provides more hours of coverage for your office then your daily staff, so please do not waiver on your requirements to find and utilize the proper answering service.


Specialized HIPAA Compliant Medical Answering Service

Built from the ground up, specific for the medical industry, and with over 15 years of experience, was created to receive, process, and protect all Personal Health Information (PHI) obtained 24/7/365 while maintaining the highest level of quality and accuracy within the confines of your requirements. Custom call processing, advanced message scripting, and our unique real-time on-call scheduling and tracking provides the ability to determine how each call is processed, what PHI should be obtained, and the method of transmitting all information to and from your staff whether during the day with our secure emails and/or after hours with our encrypted SMS portal to view and respond in 2 way chats with our staff. Either way, our transmittal methods are all HIPAA Compliant.3

PatientCalls wants to help your organization drastically REDUCE your RISK and EXPOSURE to HIPAA VIOLATIONS. Therefore, you can make a choice to start the risk assessment and auditing process of your current answering service or you can choose to start with PatientCalls today and have confidence in knowing your path to HIPAA Compliancy is on the right track.

Click For Details


Letter Of Introduction - Vince McGlone, Director PatientCalls

I would like to welcome you in exploring PatientCalls’ online resources. Our team understands the time consuming task of searching for your new Medical Answering Service Provider, therefore, we ask to keep the following statement in mind during your vetting process;

 PatientCalls separates itself from the competition by evolving away from the old stigma of “just being the answering service” and morphs into becoming a Trusted HIPAA Business Associate and Expert Service Provider to all Covered Entities due to 3 unique reasons;


First and foremost; Have you taken notice that on many occasions our answers and reactions in conversation are dependent upon our physical identification of the other person? Or notice any difference in our tone when conversing with someone face to face versus emailing or texting?


Virtual types of communicating, such as, SMSing, texting, and emailing have become a necessity within today’s business environment and studies have shown that communicating by these methods heightens our expectancy of rapid responses, beneficially enhances our time productivity, but consequently increases stress and aggression and decreases compassion between interacting parties.


PatientCalls acknowledges the necessity as well as the pros and cons of virtual communications and our team maintains responsive, accurate, candid, and sincere demeanor at all times. This is imperative when considering these overlooked facts;


1.      In most cases, we assume the responsibility of providing preliminary patient care by processing your patients’ calls 67% of each weekday and 100% on weekends.


2.      Chosen time periods in which your organization utilizes PatientCalls creates a higher probability that we will handle a greater percentage of patient care emergencies than your front office.


Secondly; we educate by presenting simplistic and accurate methodologies which promotes trust and confidence, both being prerequisites for solidifying potential business relationships. PatientCalls dilutes the complexity of HIPAA guidelines by presenting simple facts and solutions answering your immediate and general questions. For example, we discuss general HIPAA definitions, such as, Covered Entities and Business Associates and provide a Visual Flow Diagram illustrating the relationship between such entities as it pertains to securing electronic transmissions of patient information (ePHI). In addition, we create a Graphical Competitor’s Checklist Tool for auditing your current answering service provider and PatientCalls.


Lastly; PatientCalls develops and offers common sense HIPAA secure solutions which are cost effective and logistically efficient. Due to the vast expansion of the smart phone and tablet markets, security of patient information is paramount when considering more than 50% of all breaches are due to the theft or loss of storage devices. And because smart phones have been assimilated into the daily workplace, PatientCalls acted responsibly to secure patient information delivered to smart phones and tablets by developing and offering PatientNOTE, our free SMS solution. In addition, now that Google and Microsoft committed to HIPAA compliancy, our team took the initiative to integrate with Gmail, Office 365, and various other 3rd party HIPAA secure products, such as, OnPage and Tiger Text. PatientCalls is now able to offer the most available secure solutions of any other medical answering service provider serving as a valuable asset for any medical organization, private practice, hospital, hospice, homecare agency, visiting nurse, and various healthcare networks.


In reference to our HIPAA responsibility of mandating secure solutions, I would like disclose an occurrence originating from our initial and internal HIPAA Risk Mitigation Analysis. The legacy Alpha-Numeric paging network is unequivocally considered un-secure due to lack of encryption and password protection in transmitting electronic information. PatientCalls immediately contacted those Covered Entities utilizing this antiquated technology to implement an alternative secure solution which was met with resistance. Unfortunately, some customers refused to shelve Alpha-Numeric pagers, which presented PatientCalls with no option other to forcibly terminate those customers from our service and to notify the Covered Entities of their possible breach points.


Hopefully, our resolve to terminate customer relationships based upon non-compliant actions promotes confidence for your organization in acknowledging PatientCalls’ integrity in maintaining our HIPAA compliancy. And if you are currently utilizing legacy Alpha Numeric pagers, texting, and emailing, please be sure to audit your process as required by HIPAA requirements and feel free to contact the PatientCalls team if you require help or guidance.


In closing, PatientCalls takes the responsibility of becoming your HIPAA Compliant Medical Answering Service and Business Associate very seriously. We will mitigate our collective risk and support your organization with the utmost care, quality, accuracy, and professionalism.


Thank you for your time and consideration. I am truly excited of our mutual opportunity of working together in the near future.


Best Wishes in your quest of HIPAA Compliancy,


Vince McGlone
Director, PatientCalls

HIPAA Compliancy Officer


Testimonials From Our Medical Answering Service Customers

“We have been clients for 10+ years and have been satisfied with their professional handling of our patients. Problems are resolved quickly and efficiently. They are respectful and caring in their dealings with both patients and staff.”

Maryellen Cannery, Practice Manager 
Mercy Internal Medicine Associates

“We have always appreciated their excellence in the customer service they provide our practice.”

Leslie Coleman, Practice Manager 
Dr. D'Angelo Offices

PatientCalls Complete Inbound Medical Answering Service Solution
First-responder 24-hour medical messaging Appointment setting and call patching
Appointment scheduling Doctor-to-doctor consultation calls
Physician referral(s) Prescription dispatch
On-call management Lab results protocol
After Hours Emergencies Stat And Routine Consults
      Click for more healthcare specific call center services

With just a few minutes of your time, you can experience PatientCalls top rated answering and paging services tailored specifically to the needs of your healthcare organization.

Try PatientCalls Medical Answering Service! Call 1-866-333-7922


Toll-Free Number: 866-333-7922
PatientCalls logo

Serving the medical community for over 15 years.

Patientcalls Clients

Privacy Statement HIPAA Compliance Statement

Top Rated - PatientCalls Medical Answering Service