Compliance

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law that seeks to improve the efficiency and effectiveness of the healthcare care system, while also establishing national standards for privacy and security protections for health information. The following information regarding HIPAA is not legal advice and is provided for information purposes only. Axion Communications encourages you to seek legal advice from an attorney to obtain specific guidance-related compliance with HIPAA and the requirements applicable to your business.

HIPAA includes three primary rules:

The Privacy Rule

Establishes standards for the protection of certain protected health information (PHI).

The Security Rule

Establishes security standards for protecting the confidentiality, integrity, and availability of PHI held or transmitted in electronic form, otherwise known as electronic protected health information (ePHI).

The Breach Notification Rule

Establishes standards for notification following a breach of unsecured PHI.

HIPAA generally applies to health plans, health care clearinghouses, and to most healthcare providers. These are referred to as “covered entities.” Additionally, persons or entities (like Axion Communications) who perform functions or activities on behalf of a covered entity that involve access to PHI may also be considered “business associates” subject to certain HIPAA standards.

You can learn more about HIPAA requirements from the Department of Health and Human Services (HHS).

It’s important to know that HHS does not endorse or recognize private organizations’ HIPAA “certifications”. Some service providers may claim that they or their systems are “HIPAA compliant” or “HIPAA certified”. These claims are misleading, as compliance with HIPAA and other applicable laws and regulations will depend on your particular use case and context.

Axion Communications is committed to protecting your data, including the PHI of your patients. Axion Communication’s UCaaS solutions have been designed with features to support you in complying with HIPAA, while also enabling you to make the most of your communications with patients. However, primary responsibility for compliance with HIPAA rests with you. You are responsible for your use of the Axion Communications service and for ensuring that your use of the Axion Communications service complies with HIPAA and other applicable laws. 

Our legal, compliance, and security teams work across the company and alongside our customers to understand and meet customer needs. Axion Communications has implemented the following safeguards to meet HIPAA requirements:

Below is additional information of which you should be aware and that will help you comply with HIPAA when communicating through the Axion Communications service:

Team Chat

Team Chat is designed to support secure communication between team members, with all messages encrypted in transmission and at rest.

Messages

Axion Communications Messages can be used to communicate in a manner that is compliant with HIPAA. However, it is your responsibility to discuss with your patients what information may be communicated via text, especially sensitive information and PHI. Text messages sent through Axion Communications are transmitted via traditional SMS text message methods. Traditional SMS text messages are generally considered an insecure mode of communication, as texts are not encrypted in transit and there are limited controls over the message after it is sent. Compliance with HIPAA when sending texts will depend on the content of the text and other factors.

Fax

Faxes sent through Axion Communications are encrypted at rest with a unique encryption key for each customer. Additionally, Axion Communications encrypts faxes sent through Axion Communications. However, you should apply reasonable safeguards when sending PHI through fax to protect the information from inappropriate use or disclosure. More guidance is available by visiting the HHS website.

Call Recordings

Call recordings are encrypted at rest with a unique encryption key for each customer.

Keep in mind, Axion Communications cannot give you legal advice. Compliance with HIPAA and other applicable laws and regulations will depend on your particular use case and context. This information should not be relied upon as legal advice or to determine how legal requirements apply to your use of the Axion Communications service. Axion Communications encourages you to seek guidance from your legal counsel regarding the requirements of HIPAA and other relevant laws and regulations to ensure compliance.

Grow Your Business And Save On Cloud Communications

Find The Plan That Works For You.
Questions? Email us at customercare@axionco.com