8x8, Inc. (NASDAQ:EGHT), a provider of cloud communications and collaboration
to more than 35,000 businesses, is seeing growing demand for its Health Insurance Portability and Accountability Act (
) and Health Information Technology for Economic and Clinical Health (
) compliant business communications services since new regulations governing the protection of patient health information went into effect on September 23, 2013.
According to a Department of Health and Human Services January 17, 2013 press release which announced the new regulations, “The HIPAA Privacy and Security Rules have focused on health care providers, health plans and other entities that process health insurance claims. The changes announced today expand many of the requirements to business associates of these entities that receive protected health information, such as contractors and subcontractors.”
8x8 Senior Director of Security Mike McAlpen indicated, “Thousands of additional U.S. companies are now directly affected by these new expanded HIPAA regulations and many may not even be aware of it yet. Any company that processes, stores, or transmits personal health information directly or indirectly on behalf of a HIPAA-covered entity will now fall under these newly expanded and significantly more rigorous regulations.”
McAlpen continued, “These companies may now need to provide evidentiary assurance to auditors that they have effectively implemented internal compliance governance and controls needed to protect the confidentiality, integrity and availability of personal health information. 8x8 is the first cloud communications provider to assist companies in achieving these requirements in their core communications and other highly visible areas. Compliant communications, specifically fax and voicemail, are core to achieving this compliance.”
8x8 has taken significant steps to ensure that its cloud communications services help customers meet the expanded requirements for HIPAA/HITECH compliance. These include the establishment of comprehensive security and privacy controls, validated by a thorough independent security assessment, data-in-motion encryption with HTTPS for accessing faxes, call recordings and voicemails, the ability for services to be set up with administrative controls and restrictions to protect stored faxes, recordings and voicemails and the delivery of a written business associate agreement to customers ensuring the compliance of their communications service provider.