According to research conducted by the Health Research Institute, more than 80% of healthcare professionals now communicate and access protected health information (PHI) via their mobile devices. However, that 80% is not always in compliance with existing HIPAA and HITECH regulations.
Medical centers, hospitals, healthcare providers, pharmacies, HMOs, and medical telephone answering services depend on Startel’s Solutions for Healthcare to communicate PHI and ePHI (electronic protected health information) securely, and protect their patients’ health information.
Why Startel’s HIPAA-Compliant Solution is the Right Choice
Our On-Premise and Cloud solutions provide the necessary administrative, physical, and technical safeguards to help healthcare organizations meet HIPAA requirements. These features, including role-based access controls, password authentication, encryption of data transmissions, audit trails of communications and more, are included in Startel’s solutions and developed to safeguard patient health information.
Startel completed its first, third-party HIPAA assessment in 2013, performed by Coalfire Systems, a leading independent IT security audit firm. In 2014, we performed our second annual security assessment with Coalfire and are happy to report that we were found once again to be HIPAA-compliant. In December 2015, we completed our third annual data security assessment and are happy to report we received a compliance posture of 91%. Coalfire’s findings and compliance reports distinguish Startel’s applications, including its On-Premise and Hosted solutions, as being in alignment with key regulatory standards and government requirements, including:
- The Health Insurance Portability and Accountability Act of 1996
- The Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009
- The Final Omnibus Rule of January 2013
Startel’s Cloud Contact Center Solution is hosted in a state-of-the-art Tier III datacenter that has completed SOC 2 Type II and SOC 3 Audit Reports. Each client environment is configured in a “private pod” meaning that your agents log into your private application instance – where your messages are secured and encrypted. The encryption technology used to secure confidential information is the latest 256 bit AES encryption and is accessible only to authorized end-users.
Startel’s Solutions for Healthcare protect ePHI by:
- Controlling user access rights
- Requiring unique user ID’s and password authentication
- Logging all communications to create an audit trail
- Encrypting messages at 256-bit SSL
Startel has also taken the following measures to ensure compliance with the latest HIPAA & HITECH regulations:
- Conducted a thorough assessment of the potential risks and vulnerabilities related to the confidentiality, integrity and availability of ePHI touched by Startel and its solutions and implemented appropriate security measures.
- Implemented procedures to regularly review records of information system activity, such as audit logs, access reports and security incident.
- Identified a Security Official who is responsible for the development and implementation of the company’s security policies and procedures.
- Developed a business continuity disaster recovery plan, with documented data backup procedures, in the event of an emergency.
To learn more about Startel’s HIPAA assessment and compliance, contact us at firstname.lastname@example.org.