Healthcare Spotlight: Data Archiving for Compliance with Retention Periods

February 22nd, 2022

Written by Emily Miller, Director of Marketing

Blog, Enterprise Information Archiving

Retaining records are no stranger to healthcare payers and providers, who are subject to stringent regulations surrounding their patient data. 

Whether it be policy information or any communications with their policy holders like call recordings, emails, and webchats, all this information must be retained based on the retention periods set by the healthcare payers’ internal and external regulatory bodies. It’s similar for healthcare providers, who must record all patient interactions, maintain all patient records, and remain in compliance with HIPAA. 

When we talk about healthcare payers, we’re referring to healthcare insurance providers, like Blue Cross Blue Shield entities across the country. 

For healthcare providers, we’re referring to the organizations performing healthcare duties, like hospitals and medical centers. An example in our headquarter city of Rochester, New York would be the University of Rochester Medical Center or Strong Memorial Hospital. 

In our line of business, we deal strictly with compliance surrounding healthcare organizations’ communications data – the call recordings, emails, webchats, and other interactions the organization is having with their patients and customers. This data must be retained and securely archived for years.  

Enterprise Information Archiving solutions allow healthcare organizations to securely access, manage, and archive their patient communications data, which Wilmac provides for many regulated industries, including banking, financial services, and insurance. 

By adopting an enterprise information archiving solution, the risk and cost associated with your recording infrastructure is minimized, your legacy architecture can be decommissioned, and you can maximize the potential of your captured communications. 

In this blog, we will review how healthcare payers and providers can achieve these outcomes. 

Common Data Archiving Struggles of Healthcare Payers and Providers 

Healthcare payers and providers face compliance and regulatory mandates surrounding the retention of patient records, policies, and all communications with the patients. These communications can include phone calls, webchats, emails, telehealth video conferences, and more. 

Faced with multi-year (and sometimes indefinite) retention periods, these organizations are faced with securely archiving tons of data, no matter how complex or simple their recording infrastructure is. We will review some of the common situations we see in this section. 

Facing End of Support with Your Current Recording Platform 

As technology evolves, certain platforms become End of Life (EOL) by the vendor. This means that the vendor no longer supports the platform, so the user is faced with an inherent risk if they decide to maintain that system with recordings on it. 

You risk that system breaking down without an option to replace parts or support it, since the vendor no longer offers those options. 

You must have a resource in charge of maintaining that system, which takes that resource away from more high-value activities. 

Most importantly, you risk non-compliance by being unable to access those recordings and/or losing those recordings because of a system failure. Beyond that, the associated fines and brand damage that can result from non-compliance will not put your brand in a positive light. 

Abiding by Data Privacy, Access, & Deletion Rules 

Healthcare payers and providers must comply with one of the most well-known data privacy laws, the Health Insurance Portability and Accountability Act, or HIPAA. HIPAA is a national standard designed to protect the confidentiality and security of healthcare information. Other regulations include the Personal Health Information Protection Act (PIHIPA) in Canada. 

HIPAA requires healthcare payers and providers to implement robust data management and security measures, including ensuring data is collected, stored, and used in compliance. This can be both technically and financially demanding. 

Finding a solution that can demonstrate all necessary data management and security policies are in place will reduce the burden placed on the healthcare organization and the people responsible. 

Maintaining Legacy Systems to Remain Compliant 


Many organizations are faced with maintaining their legacy systems because it seems like the only option. Many also believe that migrating data to another system can bring about greater risk as well. When working with Wilmac, this is not the case. 

If you are transitioning to a new telephony or contact center platform that includes your call recording, but you still have recordings stored on your legacy platform that have not fulfilled their retention period, you have the option of maintaining that legacy system or moving your data off it. Many organizations who come to us have decided to maintain that legacy system to keep their recordings securely stored, but it brings about significant risk, cost, and resources to maintain that system. 

Mergers & acquisitions commonly bring about this situation, too. The parent company requires the acquired company to merge with their primary recording platform and figure out how to access and store their legacy system’s recordings to maintain compliance. The acquired company is faced with either maintaining their legacy system (which causes an increase in risk and cost) or figuring out a way to access and archive these recordings for their designated retention period. 

Moving to the Cloud & Managing Siloed Data Systems 

Many organizations, not just healthcare, are moving their telephony and contact centers to the cloud. The platform they’re moving away from then retains months and/or years of recorded interactions, which must be securely stored beyond the migration to the new system. 

Similar to what we discussed in the previous situation, these companies are faced with either maintaining their legacy system or determining another method of securely archiving their communications data. 

Using a cloud-based telephony or contact center platform also brings about the question of storing those regulated communications. Storage costs within those cloud platforms can increase significantly over time and limit your accessibility. We advise that organizations in this situation consider archiving your communications data outside of the platform and store it in a single pane of glass with your legacy data for easier access and lower cost. 

Continuity Replay Case Studies for Healthcare Payers & Providers 

The following are real case studies in which Wilmac was engaged to assist two healthcare organizations achieve successful healthcare data management and compliance. Due to the heavily regulated and private nature of these organizations, we will not list their names.

Improving Ease of Access by Consolidating Multiple Call Recording Systems 

A large healthcare payer, or health insurance organization, is required to keep voice calls for 20+ years.  

Through acquisitions and natural replacements of technology, this data spanned across 5+ different systems. Each of these systems (predominantly Verint, Virtual Observer, and Five9) had separate user interfaces and architecture to manage. All data was stored in different locations and resided in a data center being replaced. With this change, they also had a time concern for moving the data away from this center. 

The healthcare payer was moving to a new solution to cover all their contact center agents for their direct business and subsidiaries. 

Wilmac Technologies was engaged to help consolidate all this data into one location, allowing the organization to meet their data center exit timelines.  

By installing Continuity Replay, all call recording data could be accessed moving forward by one system hosted within the customer’s architecture for long-term retention.  

All existing Verint and Virtual Observer architecture was decommissioned, saving considerable cost in the future. Also, the large health organization no longer needed to pay for Five9 storage costs in retaining this data. 

Accessing Legacy & Production Data Through a Single Pane of Glass 

A healthcare provider was transitioning to a new cloud contact center solution and purchased NICE CXone through Wilmac. Their former CCaaS solution, Five9, had hundreds of thousands of recordings on it that had to be maintained for the years to come. 

Wilmac was engaged to extract these call recordings from the Five9 system and securely archive them in an accessible file format in Continuity Replay. 

Now with their legacy recordings in Continuity Replay, the healthcare provider inquired if they could house their production recordings from the new CXone platform in the same location.  

Using automated extraction, Continuity Replay extracts production recordings from the NICE CXone system on a regular basis. This allows the healthcare provider to save money on data storage costs within their NICE CXone platform and store all their regulated communications data in a single, accessible pane of glass for their designated retention period. 

Benefits of Adopting Continuity Replay 

We have covered several different scenarios where healthcare payers and providers are put in challenging and complex positions to retain and manage their patient communications, making your job more difficult. 

By adopting an enterprise information archiving tool like Continuity Replay, you can reap the following rewards:  

Control how your data is stored – Have full control of where your call recording data is stored, how long it is stored, and how you can access it.  

Reduce infrastructure spend – Decommission legacy systems and reduce associated costs now that you have access to your call recordings in a cloud-based platform. 

Minimize risk attached to legacy voice files – Easily manage and automate the retention periods associated with your call recording data.  

Streamline compliance with retention periods – No more dealing with multiple retention periods and disjointed systems. Store and manage all your recordings in one place.  

Simplify search and replay – The Continuity Replay UI (user interface) is designed with simplicity in mind for anyone to navigate and locate recordings. 

In Closing 

Compliance with retention periods and regulations like HIPAA can be streamlined and simplified with an effective data management and archiving solution. 

By utilizing a centralized portal to manage and store your voice, webchat, email, and video data (and all associated metadata), your technology leaders can sleep peacefully at night knowing their data is protected, accessible, compliant, and all in one place. 

Continuity Replay is designed to put healthcare payers and providers back in control of your data and simplify your playback infrastructure, so you can focus on effectively serving your patients and customers. 

If you are a healthcare payer or provider looking for a simple, effective, and centralized way to manage your communications data, check out our 3-minute demo of Continuity Replay. 

Want to learn more? Contact Us! >>

Share This