Phone Call & Conversation Metrics
At SETRICS, we are committed to protecting the confidentiality of our clients’ information, especially sensitive information such as names, addresses and medical histories. We comply with all business associate obligations under the HIPAA regulations, giving our covered entity clients peace of mind and convenience with patient phone communications.
SETRICS HIPAA Compliant Call Recording
SETRICS call tracking and recording platform allows healthcare providers to comply with HIPAA regulations by keeping precise and secure records of patient phone communications. HIPAA was created to protect the privacy and security of patient medical records, while maximizing the efficiency of patient medical record sharing with authorized parties. HIPAA phone communication standards are met by SETRICS’ compliant software by:
- Secure file data storage and transport with encryption and backup
- Privacy assured with administrative controls over user permissions
- Sensitive information monitored with detailed reports, alerts, and activity logs
HIPAA Security Regulations
Passed in 1996, the Health Insurance Portability and Accountability Act (HIPAA) deeply impacted how healthcare providers in the United States manage their client records. Title II creates and defines new processes and standards for maintaining and communicating patient information, and prescribes penalties for companies not in compliance with privacy and security requirements.
The security rule applies explicitly to Electronic Medical Records (EMRs). An EMR is any medical record stored in a digital format. HIPAA requires companies to have storage and security procedures for EMRs. Recording phone communications and safeguarding the data with the appropriate processes puts companies in compliance.
How can call recording be compliant to HIPAA standards?
First, achieving proof of compliance by keeping precise records of patient phone communications. SETRICS’ call tracking and recording platform features guarantee the security and privacy of medical records while enabling efficient and compliant records transmission and sharing.
SETRICS’ call tracking and recording platform will protect and secure sensitive information:
User Activity Logging:
Monitor and track information privacy by knowing exactly who logged in and what they did in SETRICS’ platform.
User-Level Security:
Administrators can set user access for who can listen to calls, email calls, and download calls to protect patient confidentiality.
Application Security:
The call tracking and recording platform and its application, including its data storage, operates within an ISO 27001, PCI DSS Level 1, FISMA Moderate hosting facility.
Client Browser Security:
Internet access to the SETRICS application uses industry standard Secure Socket Layer (SSL) technology. Information is protected using both server authentication and data encryption, ensuring that data is safe, secure, and available only to registered Users in the client organization.
File Encryption:
Call recordings are captured within our telecom infrastructure and uploaded via SSL encrypted transport to our cloud storage where the files are encrypted with a multi-factor AES-256 encryption.
Data Redundancy, Disaster Prevention and Backup:
Data redundancy and multiple server caches are employed for backup and data recovery. Servers that house call recording data are backed up nightly.
User Access:
SETRICS employs system-user identifiers and each user is granted a unique username and password that must be entered each time a user logs on. Passwords are auto generated and are accessible and retrievable only by the individual user.
Data Integrity:
Call recording sound files cannot be deleted or edited by users. Users can highlight portions of calls with tagging and add clarification with comments.
Client Responsibility with SETRICS and HIPPA
SETRICS’ call tracking and recording platform is HIPAA compliant in its technology capacities and enables covered entities to prove HIPAA compliance by creating Electronic Medical Records of patient phone communications and securing the privacy of these EMRs.
However, the use alone of SETRICS’ call tracking and recording platform does not in itself make a company HIPAA compliant: covered entities must set up HIPAA compliant internal policies and procedures and can use SETRICS as a tool to carry out these operations. HIPAA compliance is the sole responsibility of the covered entity. SETRICS bridges potential gaps in recordkeeping and can be used by any healthcare organization in conjunction with text and image-based Electronic Medical Record solutions.
In Partnership with SETRICS
SETRICS uses technology partners to supply some features and elements of its platform. The call tracking, recording and conversation metrics are a feature set that is provided by SETRICS and its technology infrastructure partners.
