Telzio provides automated phone systems for doctors’ offices that are HIPAA compliant and feature-rich. Features like auto attendants, call queues, and virtual fax facilitate incoming calls and documents for busy medical offices. In this article, you’ll learn about these features, and important rules for setting up a HIPAA compliant phone system.
Healthcare providers have a responsibility to apply higher standards when choosing the best phone system for their medical practice. HIPAA phone systems from Telzio keep calls, text messages, and faxes secure, and there are additional steps you can take to be diligent on your part. In addition, Telzio gives you easy-to-use tools to provide great customer service as part of continuing patient care beyond the exam room.
Dos and Don’ts with Your Phone System
Here are some important tips to keep in mind as you set up a phone system for your medical office.
- Choose a HIPAA Compliant phone service provider
- Request a BAA (Business Associate Agreement)
- Put data retention tools to use
- Use strong passwords and enable 2FA
- Register your caller ID name
- Don't over-complicate auto attendants
- Don't keep callers on hold for more than 3 minutes
- Don't use analog fax machines for patient information
Choose a HIPAA Compliant Phone Service Provider
One of the first questions you should ask a potential telephone provider is whether they are HIPAA compliant. The Health Insurance Portability and Accountability Act of 1996 (HIPAA) required the US Department of Health & Human Services to create security rules for healthcare providers and their business associates to protect medical information. Essentially, anyone who holds or transfers protected health information in electronic form must follow these HIPAA compliance rules. This includes your phone service provider.
Request a Business Associate Agreement (BAA)
Your phone service provider should meet the conditions and offer a HIPAA business associate agreement (BAA), which outlines their responsibilities as a HIPAA compliant provider. Calls and voice messages may contain customer electronic personal health information (ePHI). That also holds true for email and fax.
This is what essentially makes a phone service provider a business associate under the HIPAA Privacy Rule. The storage of voice, email, and cloud fax messages is one of the services that the provider makes available to the doctor’s office. Under HIPAA this classifies because of the potential for ePHI.
As a HIPAA compliant phone service provider, Telzio meets the HIPAA security rules and has the systems and knowledge to meet the liability conditions when signing a BAA for your covered entity. Simply request the BAA from us and you’ll have it the same day.
Implement a Data Retention Policy
Healthcare providers should have data retention policies to govern how all records and communications are retained for legal and audit purposes that may arise. Because healthcare phone systems store call records, voicemail, and faxes that containt patient data, it’s imperative that you have the data retention tools necessary to stay HIPAA compliant. These patient-to-provider, provider-to-patient, and provider-to-provider communications may include ePHI.
Data retention procedures may include how long records should be kept. For example, you may have a policy to delete certain types of files after X number of years. When it comes to your phone records, Telzio provides easy-to-use data retention tools that allow you to automate these processes and maintain compliance.
Related: Data Retention Tools for Your Phone System
Secure User Credentials with Strong Passwords and 2FA
Currently, 81 percent of all breaches are caused by stolen or weak credentials according to the 2019 Verizon Data Breach Report. To protect patients’ health records, many organizations have turned to two-factor authentication to maintain data security. The goal is to go beyond passwords and add something unique to the user that makes it harder for hackers to spoof.
To make sure that mobile phone theft or bad actors cannot gain access to your phone calls and voicemail, your office phone system should have Two-Factor Authentication (2FA) enabled for all users. Telzio makes 2FA an easy process to implement and ensure your phone services secure.
Register Your Caller ID Name
Updating your caller ID name so that it shows the name of your medical practice is a given. It would be unprofessional and confusing for patients and other healthcare professionals to receive a call from you, but see a different name on the caller ID.
By displaying the name of your practice as part of your caller ID, you can cut through the clutter of general calls that your patients are receiving. This helps your staff call out about appointment reminders in a way that ensures they will see the name and know its importance.
Telzio enables you to customize your caller ID name (CNAM) on your phone numbers, which works when you call out from desk phones (VoIP phones) and cell phones (Telzio Mobile App). You can choose up to 15 characters to be displayed as your caller ID name, and it’s as easy as submitting a simple form through the Telzio website.
Related: CNAM - FAQs about Caller ID Name
Keep Auto Attendants Concise
An auto attendant is an efficient way to route incoming calls as well as provide information to callers. This saves your staff time so they can focus on patients in the office.
Depending on how busy your medical practice at any given time, it isn’t always possible to answer every call live. An auto attendant can greet your callers and keep them on a brief hold until a staff member is able to answer the phone. A clear and simple greeting is best. A concise phone menu gets callers to the right place quickly, without frustrating them with too many options.
According to our VoIP usage survey , the average auto attendant for a small business contains 3 options and lasts for 15 seconds.
Provide callers with only the options they need, and nothing else. This requires some thought on your part when setting up the auto attendant about what quickly and painlessly gets your patients to the people and information they need.
With Telzio you can type out your script and use a life-like automated voice to announce your greeting. Through the online portal, it’s easy to setup and modify your auto attendant anytime. This means you can always provide current information for patients calling in, and you don’t have to wait for a technician to update it.**Related**:[How to Create an Auto Attendant in 5 Steps](https://telzio.com/blog/how-to-create-an-auto-attendant)
Use a Call Queue to Manage Hold Times
The truth is that any amount of time on hold can frustrate callers. Having busy phone lines is expected for a thriving practice, and there are ways you can manage the caller experience to keep patients happy.
With Telzio, you can route calls from your auto attendant to call queues, which keep callers on hold until the next agent is available to answer the call. Call queues enable you to manage your own contact center in-house. You can customize queues so that callers will hold for a maximum period of time, before moving onto an announcement, voicemail, or answering service.
In addition, you can get detailed information on hold times, missed calls, and other call analytics on your phone lines. You can use this call data to adjust your auto attendant and receptionist schedules as needed. Using the analytics and the flexibility to customize your call queue system with Telzio, you can optimize the caller experience on busy phone lines.
Upgrade to Internet Fax
It’s a common misconception that sending a fax over a landline is a safe method of transmitting sensitive data. Doctor’s offices should particularly avoid using analog fax machines due to the sensitive nature of the information. As a general rule, sending a digital fax over your internet connection is more secure than sending a fax over a landline. Here's why.
It’s easy to intercept the phone lines feeding the fax. First of all, traditional fax machines leave patient information open to anyone with access to the fax machine area. And even if a perpetrator doesn’t have access to the fax machine, all they have to do is tap into the telephone box at the street level to intercept all your faxes.
With an internet fax service, faxes are routed online where data servers are offsite and difficult to hack. Telzio provides a virtual fax system that is part of your HIPAA phone system. All your fax documents are managed online through an easy-to-use portal. You can manage your faxes online, receive them by email, and upload documents from your computer for sending. You can even forward faxes to other staff members through the portal, without having to print the document. Using fax also reinforces the need for your healthcare phone system to be HIPAA compliant.
Related: How to Send a Fax Online
Cloud Based Phone Systems for Healthcare Providers
Telzio provides HIPAA compliant phones for therapists up to large hospitals. We work with healthcare providers of all sizes to transition to VoIP services, and our specialists have the experience to deal with the unique set of needs organizations face when implementing a healthcare phone system.
Request more information about Healthcare Phone Systems from Telzio.