Vernon Keenan

Customers
  • Posts

    20
  • Joined

Everything posted by Vernon Keenan

  1. That's good enough for us elves....thanks! 
  2. Does anyone know if we can adjust parameters associated with Call Park? Like the duration in the lot, etc?
  3. We have hit this particular nail with a sledgehammer, and we go with Cisco-Meraki security gateways. It clears up most voice quality issues caused by LAN-side congestion, and the cloud controller lets us see what's going on with just a couple of mouse clicks from anywhere. Meraki can cause sales issues to ask customers to buy such expensive gear, but we feel so strongly about it that we'd rather not have that customer if they won't spend $1100 on a gateway to support five or more phones. Also, with the MX64 and higher you get Dual-WAN, and we often recommend dedicated WISP or DSL lines just for the Voice to go with their Comcast cable Internet. For smaller sites, we've used the Z1 effectively, for about $600 cost. It is my understanding that the QoS queueing algorithms in the Meraki are superior for VoIP, especially when compared to the algorithms in SonicWALL or pfSense. Finally, it doesn't hurt that Meraki gives a 40% margin on most sales. Vern
  4. TLDR -- "HIPAA Compliance" is a marketing term. HIPAA does not specify or require encryption. You can be HIPAA compliant by enforcing some security standards and signing a HIPAA Business Associate Agreement between you and your health care provider customer. -- Vern

     Joy -- I've been wondering about this for years, and I just did some research that might clear things up.

     HIPAA is actually a rather skeletal set of guidelines and advice. The main problem occurs for covered organizations when there is a breach of some sort, and that causes an incident that will generate an investigation by HHS and Office of Civil Rights (OCR) or by a state attorney general. See this link for the official HIPAA site: http://www.hhs.gov/ocr/privacy/hipaa/understanding/index.html

     It seems like the legal standard for HIPAA is "no harm no foul." Nobody is going to do a HIPAA inspection without there also being a civil or criminal investigation of an actual breach.

     The actual rules for HIPAA (or lack thereof) DO NOT SPECIFY ENCRYPTION for data "in motion" or "at rest". In fact, typical of most HIPAA stuff, they don't give specific guidelines on what you should do. For example, I found a VoIP-related NIST document referenced in some HIPAA documentation, but once again, these are the technical recommendations for making a secure VoIP system: http://csrc.nist.gov/publications/nistpubs/800-58/SP800-58-final.pdf

     But, there are competitors out there, such as 8x8, who say they are "HIPAA Compliant." What does that mean? Actually, "HIPAA Compliant" is NOT a term defined by HHS/OCR. Nobody officially determines if you are HIPAA compliant. It's just a marketing term.

     What is 8x8 doing then to sell HIPAA Compliant service? I think I found out by parsing the verbiage on the 8x8 web site. In 8x8's world, they are "HIPAA Compliant" because 8x8, as a "Business Associate" of a "Covered Organization," has a "HIPAA Business Associate Agreement" signed between 8x8 and the health care provider. The HHS website gives a template for writing your own HIPAA Business Associate Agreement: http://www.hhs.gov/ocr/privacy/hipaa/understanding/coveredentities/contractprov.html

     So, based on this research any Kazoo reseller could be HIPAA compliant if you:

       • Assure that the Covered Entity's LANs are built according to the NIST SP800-58 guidelines (mainly separate VLANs for voice and data)
       • Offer the Covered Entity a HIPAA Business Associate Agreement to assure them that you will notify them of any known breach

     To make this complete, we should probably get some sort of statement from 2600hz that gives a short description of how information in the Kazoo cluster is kept private, and any specifics on Intrusion Detection, because we will need to represent that in our HIPAA Business Associate Agreement.