All right guys, you know we’re always as good as our word.
As promised, here is the final Imagicle post on the innovations made on the compliance side, with focus on data protection regulations and the adjustment of the Call Recording solution to HIPAA(Health Insurance Portability and Accountability Act).
As we explained in the previous post, the HIPAA Privacy regulations require health care providers and organizations, as well as their business associates, to develop and follow procedures that ensure the confidentiality and security of protected health information(PHI)when it is transferred, received, handled, or shared.
Which, in short, involves paying close attention to many daily operations.
It is quite clear: this kind of legislation invests a wide range of subjects, and, consequently, the wide range of tools that these subjects use every day.
One of the most involved solutions – because of its application in many health-related activities and the amount of data it can convey – is call recording.
So, without further ado, let’s take a closer look at what Imagicle did to make your job compliant and worry-free, starting with exploring the potentials of the newly improved Imagicle solution for Call Recording.
As shown in the video above, Call Recording is the Imagicle’s solution for centralized call recording for Cisco UC platforms.
Easy to use, reliable and flexible, it’s dedicated to any company that needs to record calls either for critical services with legal requirements, for operator training or to keep track of important calls.
With two recording modes – Always On, where every single call is automatically recorded with no user intervention, and On Demand – Call Recording, other than on Cisco Phones, Cisco Jabber Desktop, and Cisco Finesse, is now available directly on Imagicle Attendant Console.
Simply, you can start and stop your recordings by pressing a button on your device for On-Demand mode (compliant with GDPR regulation), or pause and resume the recording to skip sensitive information, as credit card data (compliant with PCI-DSS regulation).
Nice, right? But we didn’t stop there.
The latest Release updates have made this solution even more useful and sophisticated. As well as Built-in Bridge Recording, Dial-In Recording and Network-Based Recording, today SIPREC (SIP Recording) is available. That’s ideal when analog phones or third-party IP Phones recording is required, allowing to centralize all recording data into a single data center, even with multiple branches.
Call Recording: ready for every technology
SIPREC feature supports media recording for Real-time Transport Protocol (RTP) streams, with CUBE acting as the Session Recording Client.
Supporting recording of any kind of device behind the CUBE, SIPREC enables centralized recording in a multi-site scenario without any additional bandwidth consumption in the remote sites. It works for external (offnet) calls, both incoming and outgoing.
Wait, no CUBE? In case there is no CUBE for PSTN access, you can include one in your UCM configuration to anchor the calls for the devices you need to record.
Best practices to ensure HIPAA compliance.
HIPAA sets the standards for the storage and privacy of personal medical data, specifying how they must be shared across the U.S. health system in order to prevent fraud and abuse.
HIPAA’s Privacy Rule protects all individual health information, which is defined as “any health information that is individually identifiable”, held or transmitted by a covered entity or its business associate, whether electronic, paper or oral. This includes name, date of birth, social security number, address, health status, and payment information.
It’s clear, therefore, why Call recording falls under HIPAA, which – hear ye! – can also be an advantage. Not complying with these standards, in fact, could result in possible civil or criminal penalties, but being able to demonstrate compliance during conversations, together with the ability to quickly access critical call records, sometimes can get you out of trouble.
Here are some best practices to ensure full compliance with the HIPAA:
Secure communications with the proper encryption.
Implement controls over customer databases to make sure that unauthorized employees don’t have access to them.
Get clear policies on the capturing, storing and accessing of patient health information
Monitor sensitive Information with Audit Log Reporting
The Imagicle solution to record calls allows you to meet each of these requirements.
Thanks to SIPS and SRTP protocols support, content and recording details are encrypted, and only authorized persons can playback the recording using a specific password, through a Web interface and from Jabber.
All the recordings are locally saved and indexed on the Imagicle server, using the MS SQL Server database in the Suite or an external server, keeping all the security settings and conversation policy.
Besides recordings watermarking and audit of user access, compliance is further ensured by a variety of options to inform callers that their call is about to be recorded, depending on the recording method chosen.
Finally, thanks to the support of CURRI protocol, Imagicle Call Recording is now able to playback audio messages that are easily configurable from your Cisco UC system.
In the end, thanks to the appropriate tool, what seemed to be an obstacle to compliance with the regulation could turn out to be the solution.
Quite Imagicle, isn’t it? 🙂
HIPAA White Paper
Learn more about HIPAA compliance and Call Recording.
Download the White Paper and discover the potential of Call Recording, the perfect solution to record your calls in full compliance with the regulations.