Is Your Call Center HIPAA Compliant?

Is Your Call Center HIPAA Compliant?


Health-related businesses must carefully choose a telephone answering service (TAS) partner who has in-depth experience in the medical industry. Federal regulations govern how confidential patient health information (PHI) is transmitted/ These regulations also apply to third-party providers. Choosing the wrong TAS partner can have detrimental consequences for your practice. The Health Insurance Portability and Accountability Act (HIPAA) governs how to protect and store sensitive information. Non-compliance with sections of  HIPAA is a serious offense. It can result in hundreds of thousands of dollars in fines. It also jeopardizes your hard-earned credibility in the community.


As a result, you should not pick just any TAS provider to manage your patients’ incoming calls and messages. It is vital that you evaluate whether your virtual receptionist follows these five essential elements of HIPAA compliance:


Secure Text MessagingSecure Text Messaging

Standard pagers and text messaging applications transmit through unsecured towers. It is easy for thieves to monitor and intercept these. In order to protect patients’ privacy, HIPAA-compliant answering services must use an encrypted service that provides additional layers of protection with stringent password requirements to access files. A secure text messaging system must also deploy remote data wiping software that automatically deletes files after a pre-determined length of time. Implementing these additional safeguards means that your company is doing its due diligence to protect patients’ identities when sending PHI to on-call physicians.


Encrypted Email Servers

Like text messages, standard email servers do not provide the elevated security that  HIPAA’s HITECH Act regulations require. HIPAA-compliant answering service providers either utilize TLS encryption email servers or use S/MIME certifications, which both prevent personal messages from being illegally intercepted or modified.


Appointment Setting Protections

TAS providers do not generally store sensitive medical records. However, patients often reveal a tremendous amount of information about their health history when calling to set up an appointment. Additionally, agents may be require answers to specific personal questions to determine the best physician and time for the appointment. Hiring a HIPAA-compliant answering service ensures that any sensitive details shared over the phone remain confidential.


Real-Time Message Relay Pickup

TAS providers who specialize in the health industry will provide a secure portal for medical professionals to log in and pick up messages. Even when these relay messages do not contain sensitive information, they must never be stored on a personal smartphone, which violates HIPAA regulations. Endicott utilizes proprietary software that supports full confidentiality alongside simple ways to instantly retrieve messages in real-time. Our cloud-based message management system also allows medical professionals to quickly print messages, forward emails to colleagues or store file messages for later retrieval.


Employ HIPAA-Certified AgentsEmploy HIPAA-Certified Agents

Reputable TAS providers have a commitment to following all HIPAA rules. Every staff operator should be proficient in how those regulations apply to general callers, ongoing patients and medical practices. Every Endicott agent trains in HIPPA and HITECH procedures during the onboarding process. They are also recertified annually and receive ongoing training in the continually evolving best practices and regulatory updates.


As a full-service telephone answering service provider with in-depth knowledge of HIPAA regulations, Endicott supports health practitioners with a variety of communication tools. In addition to sending original notifications, our agents can escalate calls to emergency services, page other physicians for support and route patients to qualified problem solvers on staff. We can even deliver outbound support to follow up with patients’ concerns and quality of care.  Every caller receives immediate, compassionate service during every interaction.