It is against HIPAA regulations for a voicemail message to include any patient-identifiable information (PHI). The Department of Health and Human Services (HHS) suggests that covered organisations restrict the information that may be found in their voicemail to their company name, a point of contact, their telephone number, and a callback request.