Stay compliant with CallRail
At CallRail, we take your privacy and data security very seriously. Our Privacy and Information Security Management Program is designed to reduce business and operational risk by preserving the privacy, confidentiality, integrity, and availability of customer information. These controls are designed and implemented to meet the requirements of HIPAA, SOC 2, GDPR, and CCPA.
Protect patient information with HIPAA
We take HIPAA compliance seriously. That’s why we’ve not only created an end-to-end solution for health care providers but also sign a business associate agreement (BAA) with each of our HIPAA clients.
Our Call Tracking plans help covered entities (and the marketing agencies serving them) to maintain compliance with regulations set forth by HIPAA and HITECH.
Keep payment information secure with PCI
When you’re transcribing phone conversations, it’s important to provide as much protection as possible for Personal Credit Information (PCI).
Our PII Redaction feature removes customer billing and financial information from your call transcriptions and call recordings, including:
- Credit card numbers
- CVV digits
- Billing zip codes
The result? Enhanced security for your CallRail account and peace of mind for your customers.
Your data is in your hands with GDPR
To our friends across the pond, you rule your data with the right to be informed about our practices regarding the collection, use, disclosure, and sale of personal information.
You have the right and ability to access your data, port your data out, and request that your data be erased.
Reserve your rights, California, with CCPA
We got you, Cali. California residents have a right to be informed about our practices regarding the collection, use, disclosure, and sale of personal information.
Just like our friends across the pond, you too have the right and ability to access your data, port your data out, and request that your data be erased.
How we keep your information safe
We ensure privacy and security by design. Throughout our software development life cycle, we prioritize and enforce security in our development and support process by protecting our application on public networks, keeping our engineering in-house, and rigorously testing our product for continuous improvement. We do this not just because we have to, but because it’s the right thing to do.
Encryption Security
We’re committed to preserving the confidentiality, privacy, and integrity of our customer data from unauthorized use and disclosure. To ensure confidentiality and privacy, CallRail uses encryption to help protect sensitive data, either stored or transmitted.
Multi-Factor Authentication
It can be annoying at times, but doubling up on your login security should help you sleep easy. CallRail’s 2FA or two-step verification is an extra layer of security that adds an additional step to your basic CallRail login process. It significantly decreases the risk of a hacker accessing your CallRail account by combining your password with a second factor: your mobile phone.
Spam detection
We can all agree that spam calls and robo-dialers are the worst. They waste your time and hog your business lines. They also interfere with your call data and they try to scam your grandmother. CallRail’s spam-prevention technology ensures clean data in your call tracking reports and keeps your phone lines open to your real customers.
PII/PCI Redaction
CallRail’s PII redaction feature removes sensitive items from your call recordings and transcripts. It’s designed to look for and redact personally identifiable information, such as your customers' billing and protected health information. Keep your SSN, credit card information, CVV, age, DOB, and religious and political affiliation private.
Logging & Backups
All interactions and communications logged on behalf of our customers through the use of the platform are retained for 25 months, after which they are automatically deleted. This includes phone calls, call recordings, text messages, chat logs, form submissions, web visitor sessions, and other types of data you gather within the CallRail platform. Want to hold onto your data longer? By exporting your data at the account-level, you stay in control and retain the data you need.
Secure Access
We protect your data and how it flows through CallRail’s internal network and how it is accessed on public networks. Through network security and monitoring, firewalls, VPN, and multi-factor authentication, we keep our software and your data protected from accidents and attacks.
Internal Security Measures
Keeping you and your business’s data safe and secure takes more than an excellent product. It’s up to every employee at every level of the organization. We update and train our employees on security best practices so that we’re better equipped to serve you while providing a secure experience.
We've also implemented controls to ensure privacy and security at all levels of the organization. CallRail engaged an independent CPA to examine and report on its controls against the standard that the AICPA has established, System and Organization Control (SOC) Type II. The independent CPA examined and reported on controls at CallRail relevant to Security, Availability, and Confidentiality. A copy of CallRail’s SOC 2 Type II report can be requested by contacting the legal team.
Transparency in Coverage Rule
This link leads to the machine-readable files that are made available in response to the federal Transparency in Coverage Rule and include negotiated service rates and out-of-network allowed amounts between health plans and healthcare providers. The machine-readable files are formatted to allow researchers, regulators, and application developers to more easily access and analyze data.