[VoiceOps] Unsecured conference lines

Paul Timmins paul at timmins.net
Thu Jun 2 18:25:17 EDT 2016 

Does it expose you to anything? If not shrug and shut it off. If so, 
offer it with something that passes the exposure on instead, explaining 
your costs change. No need to lecture them on their own laws or protect 
them from themselves. They need a service provider, not a parent. :)

On 06/02/2016 03:33 PM, Carlos Alvarez wrote:
> Believe me, I've covered that and several other regulatory matters, 
> they maintain they don't care.  The directive I got was from the 
> second from the top, and he claims the CEO is behind him.  Right now 
> the stale-mate is at "we can have a conference call to discuss it with 
> the CEO, but I won't do it without that."  If they call me on it, well 
> then...I'm just not sure.
>
> As to what type of "medical" company, I would like to keep the 
> customer info very anonymous, but I'll say that it's way more than 
> uniforms but not quite discussing a specific patient's ED 
> prescription.  There's probably not any specific patient data on a 
> call, or maybe just very rarely.
>
> On Thu, Jun 2, 2016 at 12:27 PM, Anthony Orlando <avorlando at yahoo.com 
> <mailto:avorlando at yahoo.com>> wrote:
>
>     Carlos
>         Just mention HIPAA.  You might also have some HIPAA compliance
>     issues as well.
>
>
>
>     > On Jun 2, 2016, at 1:54 PM, Carlos Alvarez <caalvarez at gmail.com
>     <mailto:caalvarez at gmail.com>> wrote:
>     >
>     > We have a customer who has been nagging us to remove the PIN
>     from their conference lines.  They are getting more insistent. 
>     We've said no, for the obvious security reasons, and explained
>     them all clearly.  On top of it, this is a medical-related company
>     having sensitive conversations on conferences.  They keep pushing
>     us.  What would you do?  On the one hand I think we have no
>     liability in the matter, but on the other, we're more of a
>     consulting ITSP than just a generic service provider.  We
>     specialize in helping people not do stupid things with their phone
>     system.  There's also the matter of just eating up a bunch of
>     channels by people using it as their own conference.
>     >
>     > _______________________________________________
>     > VoiceOps mailing list
>     > VoiceOps at voiceops.org <mailto:VoiceOps at voiceops.org>
>     > https://puck.nether.net/mailman/listinfo/voiceops
>
>
>
>
> _______________________________________________
> VoiceOps mailing list
> VoiceOps at voiceops.org
> https://puck.nether.net/mailman/listinfo/voiceops

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/voiceops/attachments/20160602/29f2c168/attachment.html>

More information about the VoiceOps mailing list