Current as of 20 Jan 2023

Calilio’s HIPAA-Compliance

Please read this HIPAA compliance statement and contact us if you have any doubt or confusion.


Introduction

Calilio adheres to the principles of the Health Insurance Portability and Accountability Act (HIPAA) and its implementing regulations. The company is committed to protecting the sensitive private health information of its users and maintaining an appropriate data protection strategy. HIPAA requires designated companies to maintain a strong approach to data visibility and control. According to HIPAA specifications, the designated entities have a responsibility to:

  • Ensure that all electronic personal health information (ePHI) produced, gathered, maintained, and internally circulated is strictly private, genuine, and readily accessible at any time.

  • Implement a dependable safeguard against any anticipated or unanticipated risk to confidentiality and provide legitimacy to such information.

  • Keep a stringent watch over the uses of ePHI linked to billing, vendor mobilization, medical consultation, record management, and copying services.

  • Guard against the unauthorized use or exposure of data where existing privacy regulations do not require it.

Calilio is a fully HIPAA-compliant company and abides by all the practices required to fulfill HIPAA compliance, including:

Authorization

Calilio assigns every agent to a specific role, requiring them to log in and out of the Calilio service with a specific individual account.

Encryption methods

All sensitive data and information is secured using advanced encryption protocols and technologies such as Transport Layer Security (TLS), virtual private networks (VPNs), multi-factor authentication (MFA) or 2FA, virtual local area network (VLAN) protection, Internet Protocol Security (IPsec), password managers, etc.

Call Log Records

Calilio keeps the data records and metadata of all conversations across different channels, such as calls, chats, conferencing, texting, etc. In addition to meeting HIPAA compliance, these records serve essential purposes such as call management, workforce and workflow calibration, troubleshooting, and efficient issue management.

Business Associates Agreement

Here, a Business Associate is a VoIP service provider that stores ePHI. To guarantee compliance with the HIPAA rule, a Business Associate must sign a business agreement with the authorized organizations. Such an agreement is often referred to as a Business Associate Agreement (BAA).

Note: Customers who conform to the criteria and require a legal agreement establishing PHI safeguards can join the Business Associate Agreements (BAA) program.

In addition to the HIPAA-mandated security procedures, Calilio offers its users the option to enable the safeguarding of Protected Health Information (PHI) in faxes, voicemail messages, and recorded calls. With this option enabled, all voicemails, faxes, and call recordings are destroyed shortly after thirty days.