Why a HIPAA Compliant Answering Service Is Important


When hiring an answering service, medical practices need a HIPAA compliant answering service.

The Association of American Medical Colleges (AAMC) predicts a shortage of 46,000 to 90,000 physicians by 2025 [1].

This shortage makes it critical for medical practices to find a solution that gives physicians and staff the time to care for patients. Physicians and staff are tasked with keeping patients healthy and their information secure. In their attempt to deliver a better patient experience, most doctors, clinics, and hospitals are deploying answering services for their patients.

These medical answering services relieve the internal staff at the doctor’s office from the burden of handling inquiring patients and allow them to focus more on the issues of the patients who are present at the facility.

Apart from this, a medical answering service has many other benefits, which are making these services increasingly popular in the medical industry. However, it is very important that the company you choose to do business with is HIPAA compliant. If it's not, it could have a massive impact on those who use its services.

What is HIPAA?

The Health Insurance Portability and Accountability Act (HIPAA) of 1996 is aimed at protecting the privacy of patients' health information shared with medical entities or institutions. Specifically, HIPAA Title II established national standards for processing electronic healthcare transactions. It also requires healthcare organizations to implement secure electronic access to health data and to remain in compliance with privacy regulations set by HHS. For this reason, any service that uses or interacts with health data is required to be HIPAA compliant.


Importance of HIPAA compliance

The law treats every instance of non-compliance with HIPAA very sternly. If a medical answering service is found non-compliant with HIPAA rules and regulations, heavy fines can be imposed on both the medical institution and the medical answering service provider. Depending on the level of negligence and the severity of the impact, the financial penalty can range from $100 to $50,000 per instance of violation or per record that was subjected to a breach of data security. The maximum penalty could reach $1.5 million on an annual basis. In the worst cases, it could lead to imprisonment.


Overlooked Business Practices That Violate HIPAA

Most cases of non-compliance occur unknowingly. People don’t realize that storing data on devices such as laptops, flash drives, and phones that are not password protected opens them and/or their organization up to HIPAA violations. There are many cases where data breaches have occurred due to a negligent or willful error by employees. This can certainly be halted with proper training and enhanced physical and technical security measures.

To be regarded as HIPAA compliant, a medical answering service must adhere to specific requirements. These checkpoints are as follows:

  • Providers of medical answering services must employ a compliance officer who has the necessary training and credentials for the role.
  • Every customer service representative (CSR) is required to undergo the training needed to comply with the rules and regulations of HIPAA. In addition to the initial training, CSRs are required to attend regular workshops to keep up to date with any changes in the HIPAA regulations.
  • Employees and business associates should not store patient data on external storage devices such as CDs, laptops, phones, and USB flash drives.
  • Patient information must be stored in an encrypted format.
  • Transmitting text messages that contain a patient’s personal health information and are not password protected or encrypted is prohibited.
  • Every vendor or subcontractor deployed by the medical answering service, who has access to the patient information, must sign a business associate agreement, which is basically a confidentiality agreement.
  • Automated notification systems are put in place to notify clients immediately in the event of a data breach.

Check with your current answering service to verify that they are HIPAA compliant. If you are looking for a medical answering service, ask them to share their HIPAA documentation. You need to ensure that you are dealing with a HIPAA compliant answering service provider. This will protect the practice from any case of non-compliance.


[1] AAMC, 2015 – New Physician Workforce Projections Show the Doctor Shortage Remains Significant

About Unicom Teleservices

We are a professional answering service company located in Chicago, Illinois, with live agents 24/7/365. We never close.

For 25 years, Unicom has worked with companies large and small to discuss their needs. Understanding their processes allows us to determine how we can deliver value.

Learn how Unicom is the top after-hours answering service for medical offices. With Unicom, simply request an answering service quote (https://www.unicomcorp.com/request-quote/). Together we can determine if there is a good fit to manage patient phone calls.