What Does It Mean For a Medical Answering Service to be HIPAA Compliant?
In a detailed study to the medical answering service industry, it was very clear that healthcare call centers and answering service companies were atrociously under-educated with regards to the security safeguards that HIPAA requires to be implemented to protect patient information, many answering services stated that they did not know what HIPAA specifically requires from them or for matter what it even refers to. The study concludes that only a small portions of all US based medical answering services are truly, by definition, 100% HIPAA Compliant. Due to the sizable software upgrades many call centers have just elected to ignore their responsibilities. Every healthcare practice should make it a priority to determine if their medical call center is able to adequately meet these important guidelines. Simple stating they are HIPAA compliant will not do, so be sure to ask for specifics as to what they have done to comply.
HIPAA Compliant guidelines require the medical answering service to employ proper training and security of transmitting patient healthcare Information (PHI) by fax, email, and text messaging. If any medical answering service references any individual HHS guideline ask them for details in writing. The personnel at Health & Human Services (the government agency enforcing HIPAA) require much more security than that and the represented hospital or practice is responsible for their suppliers’ actions if a breach of PHI has been encountered, this includes your medical answering service provider.