[VoiceOps] Unsecured conference lines

[Carlos Alvarez]

Believe me, I've covered that and several other regulatory matters, they
maintain they don't care.  The directive I got was from the second from the
top, and he claims the CEO is behind him.  Right now the stale-mate is at
"we can have a conference call to discuss it with the CEO, but I won't do
it without that."  If they call me on it, well then...I'm just not sure.

As to what type of "medical" company, I would like to keep the customer
info very anonymous, but I'll say that it's way more than uniforms but not
quite discussing a specific patient's ED prescription.  There's probably
not any specific patient data on a call, or maybe just very rarely.

On Thu, Jun 2, 2016 at 12:27 PM, Anthony Orlando <avorlando at yahoo.com>
wrote:

> Carlos
>     Just mention HIPAA.  You might also have some HIPAA compliance issues
> as well.
>
>
>
> > On Jun 2, 2016, at 1:54 PM, Carlos Alvarez <caalvarez at gmail.com> wrote:
> >
> > We have a customer who has been nagging us to remove the PIN from their
> conference lines.  They are getting more insistent.  We've said no, for the
> obvious security reasons, and explained them all clearly.  On top of it,
> this is a medical-related company having sensitive conversations on
> conferences.  They keep pushing us.  What would you do?  On the one hand I
> think we have no liability in the matter, but on the other, we're more of a
> consulting ITSP than just a generic service provider.  We specialize in
> helping people not do stupid things with their phone system.  There's also
> the matter of just eating up a bunch of channels by people using it as
> their own conference.
> >
> > _______________________________________________
> > VoiceOps mailing list
> > VoiceOps at voiceops.org
> > https://puck.nether.net/mailman/listinfo/voiceops
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/voiceops/attachments/20160602/b43ba276/attachment-0001.html>