Quality patient care is necessary for your healthcare practice to stand out. Your patients move at a very fast pace and are very tech-friendly, which means they expect the same from their healthcare provider. A professional medical answering service is one way you can give your patients the care they may need when your office is closed for the day. You may think you have found the right service for your medical practice, but is your medical answering service HIPAA compliant?

What is HIPAA, and why is it so important?

HIPAA stands for the Health Insurance Portability and Accountability Act. It refers to laws protecting a patient’s privacy by keeping their personal information secure.

Who needs to comply with HIPAA?

All healthcare organizations and their business associates should comply with HIPAA and the HITECH Act (the Health Information Technology for Economic and Clinical Health Act). Medical answering services fall under the “business associate” category, meaning they must strictly comply with every HIPAA guideline while providing answering services to healthcare organizations, medical offices, and other companies in the healthcare industry that are trusted with patient information.

What does this mean for your medical answering service?

Your medical answering service should provide a safe and secure location (either online with software or offline in their physical office) for exchanging patient information. Every answering service agent must understand and comply with HIPAA regulations.

Anyone in the healthcare industry knows the significance of HIPAA compliance for protecting a patient’s health information, but there is no guarantee that your medical answering service knows about the guidelines. Below are some questions you can ask your medical answering service to see if they are HIPAA compliant:

Do they send protected health information (PHI) to your phone?

Most physicians are unaware that receiving a patient’s health information (like name, contact number, and health complaint) via an unsecured SMS or text message from an answering service violates HIPAA regulations. A text message is not safe for multiple reasons. Any information sent to your phone is not encrypted. Although a provider may use a password-protected phone, it does not prevent others from reading their patient’s medical information once it is unlocked. If your phone is stolen or accidentally left behind, it could be quite easy for others to gain access to sensitive information.

Do they email valuable patient information?

If your answering service sends an email with a patient’s medical information, you must ensure it is encrypted. An unencrypted email sent from one user’s computer to another is vulnerable to hackers. These emails not only put the patient’s information at risk but also reveal the identities of the sender and receiver.

Even if the answering service verifies that the message is encrypted on its side, it violates HIPAA laws if the information pops up on the doctor’s screen. As a physician, it is your responsibility to prevent such mistakes from happening. However, many providers are unaware that this type of communication is not considered secure by HIPAA standards.

Overall, HIPAA compliance is an ongoing process. As a physician, you are responsible for ensuring that your medical answering service is protecting you and your patients in every stage of the communication process. If their service does not meet your guidelines, hiring a new company may be in your best interest.

Contact us if you would like to learn more about establishing a HIPAA-compliant answering service for your medical practice. We have provided superior quality call center services to healthcare businesses since 1967.

Last Updated: November 21, 2022 | Categories: Blog