The Health Insurance Portability and Accountability Act (HIPAA) was passed in 1996 to grant patients privacy rights over their medical records and other personally identifiable health information. By law, covered entities and their business associates must implement security safeguards for protected health information (PHI). While Talkdesk is not a covered entity and does not consider itself a business associate, we want to ensure that our customers can use Talkdesk in a HIPAA-compliant way. Talkdesk follows industry best practices for security, availability, processing integrity, and confidentiality.
Amazon-based custom storage solution
To better support our HIPAA-compliant customers, Talkdesk has developed a new solution that addresses the area of Talkdesk application that’s most likely to contain PHI: call recordings. This solution allows customers to store and manage call recordings directly in their own server.
How does it work?
Recordings are transferred directly to custom server for storage. This process happens asynchronously for each recording file. When a user tries to access a recording through Talkdesk application or 3rd party CRM, Talkdesk will create a signed URL to the recording file.
Users must be authenticated in order to play the recording.
Customers can directly manage access control.
This solution has been designed to maximize data security when working with Talkdesk:
- Server Access: Following best practices for granting access to 3rd parties via IAM role, Talkdesk only accesses the customer’s Amazon Web Services (AWS) resources using temporary security credentials instead of long-term credentials. Talkdesk can provide an AWS policy template which contains the proper permissions to work correctly with our recording service.
- Transfer and Storage: Recording files are transferred directly to the customer’s server from Twilio. Talkdesk receives AWS acknowledgment to confirm that the file arrived at its intended destination, but does not access or store the data within its infrastructure at any point in the process. This happens asynchronously for each recording file, meaning that files are processed individually instead of in batch.
- Access Control: By default, Talkdesk authenticates users before they can play recordings. Once authenticated, Talkdesk redirects the user via a time-bounded signed URL to play the recording from a temporary file location. Optionally, customers can revoke READ access and manage user access control internally. In this scenario, Talkdesk redirects the user to the customer’s server for authentication and authorization.
- Data Disposal: When a recording file has exceeded the defined data retention policy it becomes inaccessible. Talkdesk uses the WRITE permission to overwrite it with a recording stating that the file has been deleted.
Note: Revoking the delete permissions in the AWS custom storage bucket does not stop Talkdesk from overwriting recordings. We advise customers to not remove these delete permissions, as they may be required in the future, if the overwrite implementation is changed to a delete.
The intended deletion policy must be set in the customer's Talkdesk account Recording Retention Policy settings.
Talkdesk partners with Twilio to power real-time communications with end customers according to Twilio’s standard Terms of Service. Since the recording files are created by Twilio, they are necessarily stored within Twilio’s infrastructure (albeit temporarily). Talkdesk initiates the transfer immediately after being notified by Twilio that a recording file is available. Once confirmed that the recording has been successfully transferred to the customer’s server, Talkdesk requests deletion of that file from Twilio.
For more details about Twilio’s security practices, please review Twilio’s Security Whitepaper.
Existing recordings will not be copied to the new AWS custom storage bucket but will remain accessible in the Talkdesk bucket.
All workflows and logic tied to Talkdesk bucket recordings (access permissions, deletion policy) remain the same in the custom bucket, as stated in the customer's Talkdesk account Recording Retention Policy settings.