For those who manage phone systems, a key responsibility is ensuring that calls to 911 are sent to the proper answering point, and accurate caller location information is available to emergency call center operators.
That task has been complicated by three fundamental paradigm shifts in the communications and calling space:
Employees are increasingly untethered to specific locations. They might work from home, a public space or from multiple hot desking workspaces within company offices.
More employees are relying on mobile devices -- personal or company-provided -- as their primary means of communication.
Cloud-based calling services are replacing on-premises private branch exchanges (PBXs), with varying capabilities to track user location. The near ubiquity of mobile phones adds another challenge: Organizations might not be notified when a 911 call is placed from a personal smartphone within an office location.
The days of simply managing desktop telephones at fixed locations are over.
An effective Enhanced 911 (E911) compliance strategy has two important functions:
To maintain accurate phone location information, regardless of the type of endpoint and whether it is on the enterprise network or remotely connected to company-provided phone services.
To ensure 911 calls are transmitted to the proper emergency call center (ECC) or public safety answering point (PSAP) based on the caller's current location. For example, if a person with a company office in Chicago is working from home in Milwaukee, the 911 call must reach the 911 operator in Milwaukee so emergency personnel are dispatched to the right location.
Meeting these goals in an ever-changing environment requires a proactive approach. Improper location management and call routing make an organization vulnerable to regulatory liability, civil risk and, more importantly, employee health and safety.
Meeting these goals in an ever-changing environment requires a proactive approach. Improper location management and call routing make an organization vulnerable to regulatory liability, civil risk and, more importantly, employee health and safety.
Steps to ensure compliance and minimize risk
Editor's note: This tip provides no legal guidance. We recommend those responsible for 911 location and call routing management consult with appropriate legal counsel to determine their organization's risk and potential liability.
1. Assess regulatory compliance
In the United States, two primary laws govern 911 compliance: Kari's Law and RAY BAUM's Act.
Kari's Law requires new multiline phone systems sold, leased or installed after Feb. 16, 2020, to directly dial 911 without needing to use a prefix, such as an 8 or 9, to reach an outside line. It also requires appropriate personnel, such as on-site security individuals, to be notified whenever a 911 call is made, and mandates that 911 calls sent to an ECC/PSAP have a valid callback number.
RAY BAUM's Act, Section 506, requires calls sent to 911 operators provide a "dispatchable location," which the Federal Communications Commission defines as "a location delivered to the PSAP with a 911 call that consists of the validated street address of the calling party, plus additional information such as suite, apartment, or similar information necessary to adequately identify the location of the calling party." In most cases, first responders arrive and require security personnel to escort them to the caller, so it's critical for those individuals to know the specific location where the 911 call originated.
Nearly 64% of organizations are compliant with both Kari's Law and RAY BAUM's Act, according to Metrigy's "Employee Engagement Optimization: 2025" study of 400 companies. This is only a slight increase from 2023 when 63% of companies reported compliance with both laws. In addition to these federal regulations, several states and cities have their own regulations covering the segmentation of large facilities and how 911 calls are sent to local PSAPs. Addressing risk means ensuring E911 compliance for all employees, in all locations, on all endpoints.
911 compliance checklist for enterprise phone systems
Use these checks to review whether your 911 compliance strategy covers the main risk areas:
✓ Users can dial 911 directly without first dialing a prefix for an outside line.
✓ Designated internal personnel, such as security or front desk staff, are notified when a 911 call is placed.
✓ Calls include a dispatchable location, such as building, floor, suite or room information.
✓ Location information accounts for remote and hybrid workers.
✓ Personal and company-provided mobile phones are addressed in the emergency response plan.
✓ UCaaS, SIP trunking and calling providers support 911 location management, call routing and testing.
✓ Providers have a plan to support NG911 requirements as they continue to evolve.
✓ The organization regularly tests 911 routing and location information across major endpoint types.
2. Mitigate risk
IT leaders should assess what tools are available to them from their phone system providers to help them meet regulatory requirements, and then determine what changes or additional deployments might be needed to ensure compliance. Network-level protocols can help track the location of desktop phones, but pinpointing softphones and mobile phones requires additional investment in dedicated 911 location management tools -- especially in mixed PBX or cloud calling platform environments.
Organizations should also evaluate 911 management and call routing capabilities from their Session Initiation Protocol trunking providers if they have their own public switched telephone network connectivity. Metrigy research finds that approximately half of companies rely on third-party or managed services to handle 911 location and call routing management. Such platforms might offer additional benefits, such as misdial prevention and 911 call recording.
3. Go beyond phones
Once a call is placed to 911 and the appropriate security personnel have been notified, consider how the 911 call is integrated into an emergency response plan. Vendors like Intrado, 911inform and RedSky Technologies offer the ability to integrate 911 calls into incident management platforms, enabling security personnel to not only identify a caller's location, but potentially tie that call into other available data from IoT devices, including cameras, sensors and door locks.
In some cases, it might be possible to share this information with first responders so they can assess the situation. In addition, consider mobile phone-specific location management capabilities from vendors like 911inform.
4. Plan for Next Generation 911 (NG911)
NG911 revamps location management by enabling phones to determine their location via a variety of information sources, including GPS, and to transmit real-time location data to the PSAP at the time of a 911 call. Advanced capabilities support new communication modalities, such as text to 911, and let devices share video with first responders.
The FCC has also adopted NG911 transition rules for originating service providers. While most enterprises will not manage that transition directly, IT teams should understand how their providers plan to support NG911 requirements, including IP-based 911 traffic delivery, location information and connectivity testing.
5. Include mobile phones
Today, almost everyone carries a mobile device, and statistics show that approximately 80% of 911 calls are placed via these devices. Even if a company has a rock-solid plan for an enterprise phone system, it's very likely employees will use their personal or company-provided mobile phones to call 911 -- especially if their only option is a company-provided mobile device.
These calls are handled by wireless carriers that likely won't be able to notify on-site personnel that a call was made or the caller's exact location Products from vendors, including 911inform, address this issue by enabling mobile operators to map enterprise offices and provide on-site notification when a 911 call is made from a mobile phone.
6. Test, test, test
Configuring 911 location and call routing management isn't something that's done once and then forgotten. Ensure your organization has a regular schedule of tests across all potential calling endpoints. If it's available, use 933 testing to minimize calls into actual PSAPs. And, as part of your training program, ensure employees are aware of any potential limitations in 911 call routing.
Addressing each of these 911 compliance issues creates a high likelihood that, when an employee places a 911 call, it goes to the correct ECC/PSAP and with the caller's accurate location. It also means a more effective response to any incidents that might have triggered the initial call.
Editor's note:This article was updated to improve clarity and reflect current 911 compliance considerations.
Irwin Lazar is president and principal analyst at Metrigy, where he leads coverage on the digital workplace. His research focus includes unified communications, VoIP, video conferencing and team collaboration.
