October 2016

FCC CONFIRMS RULES REGARDING HIPAA AND PATIENT TELEPHONE CALLS

The Federal Communication Commission issued a Declaratory Ruling and Order to clarify the rules regarding HIPAA and Patient Telephone Calls.

Are you among the many health care providers that have had trouble understanding these rules and how they comply with the Telephone Consumer Protection Act?   It has been more than 19 and 25 years since these acts were introduced; the FCC did issue a Declaratory Ruling and Order to help clear this up.

This ruling states that, if a patient provides a phone number to a health care provider, the provision of that phone number constitutes express consent to calls being made to that number, subject to certain HIPAA restrictions.  This consent applies to calls related to:  The provision of medical treatment, health care checkups, appointment and reminders. Lab test results, pre-operative instructions, post discharge follow up calls, prescription notifications and hospital pre-registration instructions.  You must also always provide your name and contact details as the health care provider.  It is also recommended to keep calls concise and limited to more than 60 seconds.  There is also a limit to the frequency of calls made to a patient with a maximum of 3 calls per week.  The content is still subject to HIPAA restrictions and can only be made for those purposed described above.  There can be no telemarketing, advertising or solicitation.

For more details on this ruling you can visit the FCC’s website: https://www.fcc.gov/document/tcpa-omnibus-declaratory-ruling-and-order

RingRx can also help.  We have designed a business phone system to help you stay HIPAA compliant by using professional grade encryption to keep your patient’s ePHI safe.

Is Your Healthcare Data Protected from Employee Hacks?

When we think of healthcare data security, we usually think of intrusions coming from outside our network. And that is a real and serious issue. But what if the intrusion comes from within your own organization? Is that a real concern?

IBM Cyber Security Intelligence Index

According to IBM’s 2016 Cyber Security Intelligence Index, it should be more than a nominal concern. It should be your number one concern, especially if you are in the healthcare industry. And don’t just think computer network. Phone systems for doctors are part of the data network that can be especially vulnerable.

IBM’s data showed that 60% of the attacks targeting secure data come from inside the organization or through the use insider information. Two thirds of those insider attacks are attempted with malicious intent. They weren’t accidents or errors; they were intentional attempts to hack into secure data.

Healthcare Tops the List

Of all the industries covered in the IBM report, the healthcare industry topped the list for cyberattack. Many of the attacks came through misuse of employee security credentials. Sometimes this was direct malicious intent of the employee, but often times it was the result of cyber criminals gaining access to security credentials via email phishing or malware. Stolen devices carried offsite was another source of internal security hacks.

Among IBM clients, there were an average of 3.4 of these types of events recorded each week in 2015. This was a significant increase over the number recorded in 2014. HIPAA regulations address this security issue. Unfortunately, most phone systems are designed for general business use and do not take HIPAA regulations into account.

How RingRx Can Help

RingRx was developed as a phone system for doctors. It is fully HIPAA compliant and secured with professional grade encryption. It is a Cloud PBX system, which means no expensive and disruptive onsite equipment installation. We provide simple, yet effective, data security to keep your data safe.

Download our whitepaper on
What a Phone Upgrade Should Look Like
Find out the shortcomings of "typical" solutions