High Availability For Asterisk

Protected Health Information




PHI Designated Material and PBX High Availability

Healthcare IT professionals have long recognized that information stored on their telephone systems (PBX’s) may be designated as Protected Health Information (PHI). A message left for a physician or their staff may include the identity of a patient, details of their illness or treatment, etc. In most countries federal and state/provincial laws exist which specify the level of protection which must be afforded this type of information (including HIPAA in the USA, PHIPA in Canada, PDPA in Singapore, etc.), and attention is now focusing on PHI contained in the PBX.

At the same time, many healthcare facilities are adopting Asterisk-based open source VoIP PBX’s, and creating cost-effective and feature-rich telephony environments. As PBX operations can affect the very survival of patients, these same facilities are also implementing high availability (clustering) to ensure maximum PBX uptime. However, clustering implies that data must move between two PBX “nodes”, including voicemails, caller name and phone number data, call logs, etc. (i.e. ePHI in transit). This in turn exposes the PBX to PHI regulatory compliance.

Telium’s High Availability for Asterisk (HAast) product creates a PBX cluster which allows your telephony environment to become compliant with local PHI regulations.  From 256 bit encryption of inter-node traffic, to protection of credentials in memory, and more.  See why HAAst is the high availability product of choice for healthcare environments.