Greetings! I have been developing healthcare contact center solutions for three years and I am currently facing a significant HIPAA compliance challenge. We require a secure callback system where the patient’s phone number remains completely hidden from the agent’s view until the moment the agent accepts the interaction and the call is actively connected. Currently, when a callback is delivered to a queue, the ANI is visible in the agent’s waiting interaction list. Is there an enterprise-grade methodology within Architect or the Platform API to mask the callback number until the media state is ‘Connected’, or must we utilize a custom integration to manage the dialer manually?
I am a supervisor of thirty agents and I am not very technical, but I can tell you that this is a huge pain point for us as well! My agents are constantly seeing patient numbers on their screens before they answer, and it makes my compliance officer very nervous! I have looked everywhere in the admin settings for a ‘Mask Number’ toggle for callbacks, but I cannot find it. If you have to build something technical to fix this, please make sure it does not break our real-time status dashboards, because we rely on those to manage the floor!
Hello. To achieve this level of HIPAA compliance for our 5000-agent BPO, we had to implement a custom ‘Participant Data’ masking strategy. You must utilize an Architect flow to intercept the inbound call, hash the ANI using a Data Action, and store the original number in a ‘Secure’ variable. When you create the callback, you do not provide the raw phone number in the standard callback field. Instead, you provide a dummy value like ‘PRIVATE’. When the callback is delivered to the agent, they only see ‘PRIVATE’. You then use a ‘Script’ that automatically fires a Data Action to retrieve the real number from your secure storage and dials the patient as soon as the agent clicks ‘Connect’. It is a complex workflow, but it ensures the PII is never visible in the standard UI.