Very simply, you cannot afford to continue with your current answering service if they are not compliant. PatientCalls top-rated medical answering service is the most trusted business associate and industry leader among our HIPAA-compliant medical answering service constituents. We are proud to ensure PatientCalls provides the proper levels of security for our company, your practice, and all patients.
How HIPAA Affected the Healthcare Industry
The need to protect an individual’s personal health information gave rise in 1996 to the creation of HIPAA, or the Health Insurance Portability & Accountability Act. Since then, HIPAA, HITECH, and Omnibus regulations have forced the implementation of additional security and compliance methods for organizations handling personal health information. These have encompassed significant legal and technical challenges within the industry including medical and healthcare answering services.
The security and privacy of protected health information (PHI) were strengthened tremendously especially within the HITECH & Omnibus as it relates to HIPAA. Now, details of a patient’s medical condition, healthcare treatments, contact information, billing information, and incurred payments must be more secure and private than ever before. These regulations have fundamentally impacted how a patient’s information can be stored and transmitted.
Since September 2013, the responsibility to comply with HIPPA has shifted to include covered entities, as well as their business associates and subcontractors that handle PHI. Now, these entities share the same levels of liability as the organizations they serve. In fact, covered entities are fully responsible for performing risk audits of the business associates which they rely on to collect, store, and transmit personal health information.
The Impact of HIPAA on Medical Answering Services
Experts have dubbed PHI security the most expensive requirement within the HIPAA Privacy & Security Rules. These important regulations apply to medical answering services, which store and transmit PHI, and they have had major implications in terms of technological and procedural upgrades. For answering services, the costs involved with reaching compliance are high and making the required changes is time-consuming.
Legacy answering services had to rethink and redesign their storage and transmission procedures related to sending PHI to medical staff via text messaging, alphanumeric paging and e-mail. These traditional methods are no longer considered secure within the context of HIPAA-HITECH-Omnibus. In addition, medical answering services must now provide the proper levels of encryption, accountability, and password protection for all parties who access PHI both internally and externally.
How PatientCalls Ensures HIPAA Compliance
PatientCalls is consistently at the forefront of HIPAA / HITECH / OMNIBUS compliance and we partner with our clients to ensure that they meet regulations. Our company provides all the documentation and technological solutions that your organization needs for HIPAA-compliant medical answering services. With our assistance, your company is enacting the right security measurements to avoid costly fines and embarrassing non-compliance violations.
Auditing Requirements
As a covered entity, your organization must audit all business associates, including your answering service, in order to mitigate your risk of breaching HIPAA/OMNIBUS regulations. PatientCalls helps to organize those audits and assumes the required responsibility that your office demands of us. Additionally, our HIPAA Compliance Officer (HCO) implements stringent and frequent internal audits of our policies and staff members to ensure PatientCalls stays ahead of its competition within the medical answering service and call center industry.
Technology
We deploy exclusive and proprietary methods of encryption technology to securely obtain, store, and transmit all personal health information (PHI) in order to provide confidence for our covered entities.
Answering services are restricted from sending traditional e-mails that include PHI without identifying possible security limitations within the transmitting and storage network. In response to these requirements, PatientCalls has implemented specific security measures and the use of secure web portals for PHI retrieval.
SMS/Text Messaging
Text messages including patient information must be transmitted with the proper encryption and password protection. Despite the importance of mobile devices to our everyday lives, current cellphone carrier networks and mobile devices that support text messaging do not meet the security requirements for HIPAA compliance. To provide the same immediacy and convenience as traditional texting, we developed PatientNote, a HIPAA-compliant mobile message service app.