HIPAA Compliance

By Cora Olson | November 17, 2020

HIPAA Compliance

At AVOXI we understand how important it is to provide customers with peace of mind knowing their information is secure. Our cloud communications platform maintains the most up to date and reliable technology available to ensure your organization's data is protected.

What is HIPAA?

The Health Insurance Portability and Accountability Act, also known as HIPAA, is a US federal law that protects sensitive patient health information (“PHI”) from being disclosed without the patient's consent or knowledge. Companies that handle any form of PHI must ensure the necessary security protocols are in place and being followed.

Who does HIPAA apply to?

HIPAA applies to Covered Entities and their business associates who provide services to them and who process or handle e-PHI / PHI. Any business associate of a HIPAA-covered entity is required to sign a HIPAA-compliant business associate agreement (“BAA”) – a contract that details the elements of HIPAA Rules that the business associate must comply with.

Does AVOXI offer a business associate agreement?

If you are a Covered Entity and if AVOXI will handle or process e-PHI, then AVOXI will provide a BAA at the start of service.

New! External Storage Solutions to Better Support Your Business

For those customers utilizing our unlimited call recording, AVOXI now provides a HIPAA compliant way to store and access these recordings. External storage solutions help support compliance and provide peace of mind to those responsible for handling personally identifiable health information.

Call recordings containing PHI can be externally stored and managed directly on your own secure server. This flexible solution is currently available for those customers using Amazon Web Services (AWS) and will soon be available via SFTP.  

Learn more about how easy it is to externally store call recordings using our call recording storage solution.

Frequently Asked Questions

How does AVOXI access my external server?

After enabling external storage in the AVOXI platform, you will need to connect by entering your region, bucket name, Access Key ID, and Security Access Key provided by Amazon Web Services (AWS).

Are recordings transferred automatically to my server?

Yes, once you enable external storage and successfully connect, recordings will automatically transfer to your secure server.

What happens when a user attempts to playback a recording?

Access permissions for recordings saved on your external server are managed through your server console.

If I enable external storage, will recordings still be saved in the AVOXI platform?

Yes, customers have the option to retain recordings both externally and within the AVOXI contact center platform. Admins have the ability to turn on or off local storage in AVOXI and determine how long these recordings should be retained.

How long are these recordings retained?

Retention of external recordings is managed from within your server console. Customers have the ability to define their local data retention policies when call recording is enabled. AVOXI provides the option for 30, 60, or 90 days, 1 year or unlimited.

Is the transfer of recordings secure?

AWS uses HTTPS to secure the communication path and controls the exact level of encryption. SFTP uses TLS to secure the communication path making it a secure method of transferring and storing files remotely.