Save Up To 40% By Comparing Prices

We Can help you find the right business telephone system. Simply fill out the form to the left with your requirements and we will match it to the three most suited suppliers for your needs. We take the stress out of finding the right solution.

HIPAA Compliance in VoIP Systems

HIPAA stands for Health Insurance Portability and Accountability Act. It sets the privacy standards and expectations that industries (particularly healthcare) must meet in order to protect sensitive data. You may not be in healthcare but did you know that their rules also apply to many business phone systems? Balancing a business phone system with HIPAA standards can be a challenge but it is possible with VoIP.


Of course, being HIPAA compliant means that you are obeying the law. But, there are also other benefits to compliancy.


If you take the resources to ensure that your phone system is HIPAA compliant, you are showing your customers that you are a professional and that you are dedicated to protecting their privacy. Automated voicemail features also add a level of professionalism and courtesy to anyone calling you.


Being HIPAA compliant is basically protecting sensitive data from being stolen by criminals. If you are not HIPAA compliant, you may be facing a lot of legal fines and expensive fees. By obeying the law, you not only protect your customers but you also protect yourself from paying expensive dues. Invest in a new system or upgrade your existing one to be compliant.


Efficiency is always an important factor in any business system. You must also be able to access your voicemail with ease. The latest systems in the market are not only HIPAA compliant but also have advanced forwarding options. This allows you to access your voicemail anywhere.

Remember that even though your VoIP was HIPAA compliant when you purchased it, that does not mean that it is still compliant today. Technology evolves quickly and that only means that HIPAA laws should be able to adapt quickly too. Older phone systems that cannot be updated with new software versions are no longer compliant. You can either invest in a new system or ask your vendor if you can upgrade your existing software.

How to become compliant

Being compliant is all about providing security as already mentioned above. We cannot stress how important it is to protect sensitive customer data.

There are 2 main types of requirements for compliance:

  1. Physical
  2. Network security measures

The standards outlined in HIPAA were created in part to avoid the dangers of a typical medical office scenario. For example, a patient calls the clinic and the secretary answers the call. The secretary will then take the patient’s information over the line and write it down on a piece of paper. This piece of paper can easily be misplaced. It can also be lost or stolen. The security risks are great in this type of scenario.

A telephone system that is compliant and protects your business and your customers requires the following:

Access control

We all know that an updated VoIP system allows users to access their voicemails from anywhere. On the other hand, it should also make access by unauthorized personnel more difficult. You need passwords, data encryption and a secure network to ensure that only the intended recipients hear the voicemail.

Transmission security

Getting a third party over the line during a call was a big issue back in the ‘80s and ‘90s. Now, phone lines are more secure but they can still be tapped. Confidential conversations can still be heard by unauthorized persons who have malicious intent. You need to ensure that the messages being transferred over your phone lines are safe. To do this, you need person or office authentication. You also need device and media controls in place. There are several methods that allow you to do this. Use data encryption if necessary.

Disable services

As a general rule, if you don’t need or use a service, cut it off or turn it off. Your whole system must be robust. You can also do logical separation of your voice and data networks. This ups the level of your security and privacy.

Manage security

VoIP line encryption is not necessarily needed because some transmission don’t exist in electronic form before sending them but you still need to ensure that your network supplier is ready to provide you with technical and administrative controls.  Even the most compliant VoIP systems may falter if the network itself is vulnerable to attacks and has insufficient physical access. Use complex passwords and implement password policies that will strengthen your security management. You should also make sure that you have firewalls installed.

Stay up-to-date

A simple way to stay HIPAA compliant is to install the latest software version of your VoIP system. Compliance standards constantly change because technology constantly changes as well. Include VoIP compliance in your company’s periodic risk assessment to ensure that your systems are as secure as possible.

What are the dangers of not being compliant?

There are so many things that can go wrong if you are not compliant. There’s financial and identity fraud, product safety, environmental health disasters, etc. There are just too many situations that have and can happen if you are not HIPAA compliant.

While there’s hardly any issues with VoIP, the rules still apply and it’s imperative that you abide by them. Some standards are clear. If you are not sure about something, ask your provider or do some research of your own on the Internet.

Stay on top of the latest HIPAA standards to avoid headaches and hassles. You may also even avoid lawsuits that are expensive and time consuming. You will also avoid the four violation categories and increasing levels of liability. Remain HIPAA compliant to avoid the consequences.

Finding a VoIP provider

If you need to install a VoIP system in your office, we would be glad to help you find the best supplier in your city or town. At the top of this page, you will see a form which you need to fill up with your requirements. We will review it and then locate the best suppliers. You can expect to receive quotations in your email. After reviewing, you can call up the suppliers that have impressed you. You can set up an appointment with them. These are no-obligations quotations so you can always move on with your own research. Try this free service now!


Author: Yazz

Yazz is a trained telecommunications engineer with a diploma in telecommunications. He has spent the last 15 years working for Telefonica, one of the largest telephone operators and mobile network providers in the world.