Blog

Latest updates from Telmediq

Home / Blog / Why Voicemails that Contain PHI are a Huge HIPAA Risk in Healthcare

Why Voicemails that Contain PHI are a Huge HIPAA Risk in Healthcare

Just about every IT worker, clinician, and administrative staff member associated with a healthcare organization is aware of the HIPAA Omnibus rule that came into effect in 2013.

Updates to the HIPAA Privacy and Security Rules have caused a scramble to secure communications such as email and text messaging. A number of products have since been introduced to the market, which provide a secure, HIPAA compliant way in which providers can quickly exchange text messages with the convenience of a modern texting app like iMessage or Whatsapp. Secure texting platforms are a great first step towards achieving HIPAA compliant communications, but are they enough?

What many administrators at hospitals and healthcare systems overlook is the fact that there are tens of millions of phone calls that occur every day between providers including doctors, nurses, and other clinicians throughout practices, hospitals, and healthcare systems. There are also huge volumes of patient calls to doctors and practices.
When a phone call goes missed, which is a common occurrence in healthcare, they often result in a voicemail, and with daily call volumes in the millions, one can only imagine how many voicemails a healthcare organization's phone systems receives. More often than not, voicemails contain Protected Health Information (PHI), which fall under the same privacy, security, and breach notification rules of HIPAA as other forms of communication. However, voicemails unlike other forms of communication, are not secured.

As the founder and CEO of a company developing solutions for secure communications in healthcare, we believe this is a critical issue that exposes healthcare organizations to potential breaches of PHI.

You don't have to search that far back to find examples of voicemail systems that have been compromised with far-reaching consequence. Case in point, in 2011 UK-based publication News of the World’s reporters were mired in a public scandal and accused of hiring a private investigator to hack into the voicemail of Milly Dowler to access private voicemails while she was still missing.

While online data and privacy breaches make headlines, it seems only a matter of time until a substantial breach of voicemails containing PHI becomes the next big privacy issue in healthcare.

Want to learn more about how to keep your phone calls and voicemails secure and HIPAA compliant? Contact us directly to learn more.

 

blog, HIPAA, Security