hipaa
Differences
This shows you the differences between two versions of the page.
Previous revision | |||
— | hipaa [2023/12/27 16:02] (current) – [HIPAA COMPLIANCE] jim | ||
---|---|---|---|
Line 1: | Line 1: | ||
+ | =====HIPAA COMPLIANCE===== | ||
+ | {{: | ||
+ | Ring-u is neither claiming HIPPA compliance, not denying that it is HIPPA compliant. Such compliance is a mix of technologies that ring-u can control, and procedures and usage that ring-u can not control.\\ \\ | ||
+ | As with our upstream provider, it is our position that we fall under a " | ||
+ | |||
+ | ====Secure Communications==== | ||
+ | All VoIP traffic is encoded and encrypted as far in and out of the call as possible. The other end of the call may not be. A call to a standard " | ||
+ | |||
+ | ====Local Storage==== | ||
+ | Other than call detail records (CDR) used for billing, ring-u and it's upstream providers do not store any data. Ring-u and its upstream providers do not record phone calls, store faxes, or store voicemail on their systems.\\ | ||
+ | **All confidential patient and business data is stored on the Hello Hub at your facility.**\\ | ||
+ | If a USB drive is attached, all recorded calls, voicemails, and faxes are stored on the USB drive.\\ | ||
+ | Ring-u staff does not have access to that data at your location. | ||
+ | |||
+ | ====Voicemail/ | ||
+ | If the Hello Hub is configured to convert voicemail and faxes to email, the Hello Hub will transport those emails using TLS (Transport Layer Security) v 1.2 to the receiving mail server. If your email server is considered HIPAA compliant, this function is also HIPAA compatible.\\ | ||
+ | **If your email server is not using TLS 1.2, or you are not sure, do not configure your Hello Hub to send voicemails or fax via email.**\\ | ||
+ | They can be retrieved locally via the phone. | ||
+ | |||
+ | ====Access/ | ||
+ | The ring-u control interface logs all access and what a client does when logged in. These logs are available via the reporting interface. It is the client' | ||
+ | |||
+ | ====Addressing Lore==== | ||
+ | There is no reason VoIP is or is not HIPAA compliant. It is at least as secure as a " | ||
+ | |||
+ | When using a ring-u Hello Hub, all calls in and out of your location are encrypted and spread over random ports. Your end of the connection is as secure as we can make it, and while not impossible to tap, it is much more secure than the typical analog or digital/ | ||
+ | |||
+ | Fax is not expressly HIPAA compliant. Fax is a 150+ year old analog protocol that on an analog phone line can be recorded, tapped and replayed. Doing fax over VoIP using SRTP and TLS-encrypted T38 digital transport makes it as secure as practical, as far as possible. The other end may be using plain old phone lines.\\ | ||
+ | Password controlled PDF's, encrypted emails and secure web interfaces are much more secure and practical.\\ | ||
+ | If your location has a JCAHO, HHS, or other audit, ring-u staff will gladly assist you with answering your auditor(s)' | ||
+ | |||
+ | |||
+ | ====References==== | ||
+ | * [[https:// | ||
+ | * [[https:// | ||
+ | |||
+ | //**note -** If you have specific questions, please ask. We'd love to help, and if there is a way we can address the technology issues for better HIPPA compliance, we will. | ||