VoIP Compliance

From your office phone system to your headset, work securely.

Featured research

It may be time to refresh your IP phones

Wainhouse reviews compelling reasons – like being up to date with security and compliance regulations – why you should update your Cisco IP phone.

VoIP Compliance Standards

Awareness of privacy and data protection issues among customers, employees, partners, policy makers and the media has significantly increased over the last few years. The general catalysts have been data breaches, mishandling of data, and regulatory reform. Using “state-of-the-art” technology to lower your potential risk of processing personal data may allow you to stay up to date with recommendations, like TLS 1.2.

PCI DSS Compliance Overview

How does PCI apply to VoIP?

The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards devised to safeguard all companies that accept, obtain, process, save or transmit credit card information. It applies to organizations of all sizes with any number of online transactions that accept, pass on or store cardholder information – this could be via the phone, internet, or any other means.

What if a business is non-compliant?

Organizations could be at serious risk of data breaches if they are non-compliant with this regulation. Furthermore, if an organization is found to be non-compliant, it could be fined anywhere between $5,000 and $100,000 per month. These violations could also incur huge card replacement costs and in-depth investigations into the non-compliant business.

GDPR Readiness Overview

How does GDPR apply to VoIP?

The EU’s General Data Protection Regulation (GDPR) imposes financial penalties for data breaches and mishandling of personal data. Using “state-of-the-art” technology is suggested for those businesses that want to lower the risk associated with processing personal data. IP Telephony utilizes industry-standard encryption mechanisms such as TLS 1.2 to encrypt traffic to and from VoIP handsets.

What if a business is not GDPR ready?

Violations of certain articles of GDPR carry fines of up to €20M or up to 4% of total global revenue of the preceding year, whichever is greater.

HIPAA Compliance Overview

How does HIPAA apply to VoIP?

As part of the Health Insurance Portability and Accountability Act (HIPAA), the Privacy Rule exists to assure that individuals’ health information is properly protected while allowing the flow of health information needed to provide and promote high quality health care and to protect the public's health and wellbeing. The Privacy Rule applies to any health care provider (the covered entity) or business associate who transmits health information in electronic form in connection with transactions for which the Secretary of HHS has adopted standards under HIPAA.

What if a business is non-compliant?

Organizations that fail to comply with these regulations run the risk of fines or criminal charges.

Impact for Cisco Unified Communications

PCI DSS v3.2, HIPAA, and GDPR advise organizations to safeguard individuals’ personal data. Customers using Cisco endpoints and Cisco Unified Communications are encouraged to develop action plans in order to comply with this guidance. This may include activities such as identifying devices and software that do not support TLS 1.2, and developing a plan to upgrade, reconfigure, or replace them.

Refresh your IP Phones

Many older IP phone models are not able to keep up with security and compliance standards. However, the latest Cisco IP phones reduce regulatory compliance risks and provide the latest technology with the option to be on-premises or cloud.

Cisco headsets

Experience vibrant sound and all-day comfort with Cisco headsets.
