| System | HIPAA/PHI*** | PCI | FEDRAMP | CJIS | CUI |
|---|---|---|---|---|---|
| Zoom Phone* | See below | Compliant | Not compliant | Not compliant | Not compliant |
| Zoom for Government (including Zoom Phone) | See below | Not compliant | Compliant | Compliant | Not compliant |
| Analog Fax - SBC-connected | See below | Not compliant | Not compliant | Not compliant | Not compliant |
| Analog Fax - Zoom-connected | See below | Compliant | Not compliant | Not compliant | Not compliant |
| IP Fax/Hylafax | See below | Not compliant | Not compliant | Not compliant | Not compliant |
| Amazon Connect** | See below | Compliant | Not compliant | Not compliant | Not compliant |
| Analog Phones - SBC | See below | Not compliant | Not compliant | Not compliant | Not compliant |
| Analog Phones - Zoom | See below | Not compliant | Not compliant | Not compliant | Not compliant |
*Zoom Phone Common Area lines are PCI compliant with the proper restrictions. See additional info: https://documentation.its.umich.edu/node/4643
**For PCI and MFA, one of these solutions must be present: DTMF masking, managed desk phones, restricted workstations, or transfer calls to basic cell phones.
***HIPAA/PHI compliance is governed by the Michigan Medicine Corporate Compliance Office, 734-615-4400- [email protected]. Please contact this office for any compliance questions.