How to port your hard line fax number to digital cloud fax

You keep meaning to do it, but it seems like a hassle. Yes, getting rid of the old fax machine.

You are paying for a dedicated phone line, fax machine upkeep and the paper and ink supplies. Plus dealing with having to resend when the receiving machine is busy or missing faxes because your machine is busy.

There is no better time to go to Digital Cloud Fax.

But you want to keep your fax number, and the process (you think) is a pain. Just know that it isn’t hard at all and here is how to do it quickly and easily.

Pre-requisites:

  1. You must be current with your phone / fax line provider.
  2. You must have a copy of the latest bill handy.

The first thing you want to do is sign up for online fax. WestFax offers a basic fax plan for $8.99 a month with a 10-day free trial. So, go ahead and sign up.

You will pick a new fax number but let’s not get hung up on that. We will port your number next so that new number you pick will just be a placeholder.

Now, let’s test if your number is portable. Some providers make it difficult to port out your number. Using our quick check tool allows you to get an instant answer. Click here to check your fax number’s portability.

Ok, Let’s assume it’s portable. Now all you need to do is fill out the  porting form.

Once we get your form, we’ll begin porting your number. You can still use the new number you just signed up with to test it but once the port is complete, you will get all your hard faxes in digital PDF format delivered to your inbox. No more paper jams, paper expense or missed faxes. No more busy signals.

Porting is not as hard are you might think. You just need to have your billing information handy and fill out a basic form. It’s easy and it will save you hundreds of dollars in telephone line costs a year.

So cut the cord and sign up with digital fax today!

API Parameters and Return values [decoded]

Unless you are deep diving into the SDK you may miss some of the enum values that are useful for implementing the API. What are Enums? Basically they are a list of values that can be used as an input value for a web service or they are presented as output values. If you need to trap a particular output or status these values are key for proper error trapping and flow in your application.

We’ll look at the most frequently used API calls and break down the values allowed and returned. Is there another API call you want documentation for or need to know more? Let us know.

Note: We aren’t showing all the input and output parameters. Just the ones that have set values that must be set or can be counted on as a set return value.

 

Webservice Call

Input Parameters

Output Values

Fax_SendFax

FaxQuality:
Fine or Normal
Success: true or false
Result: 0000000-0000-0000-0000 {JobId} or
if failed it will return an ErrorString and InfoString which will have detailed failure information.

Fax_GetFaxDescriptionsUsingIds

FaxIds1..3

Use a json object for this:
{
"Id": "28887ac4-424d-4164-9def-ca5e926342d8",
"Direction": "Outbound"
}


Include the jobId and the Direction which can be Inbound or Outbound
Success: true or false
Result: Returns a json object:

{
"Success": true,
"Result": [
{
"FaxCallInfoList": [
{
"CallId": "00000-00000-000000-0000",
"CompletedUTC": "2019-12-05T15:11:06Z",
"TermNumber": "000000000",
"OrigNumber": "2225551212",
"OrigCSID": "(222) 555-1212",
"Result": "NoAnswer"
}
],
"Id": "00000-00000-000000-0000",
"Date": "2019-12-05T15:11:33Z",
"Direction": "Outbound",
"Tag": "Retrieved",
"PageCount": 1,
"FaxQuality": "Normal",
"Status": "Complete"
}
]
}

Result can be:

{
Success,
Dialing,
Removed,
BadNumber,
Busy,
NoAnswer,
NoFaxDevice,
Cancelled,
Failed,
InvalidNumber,
Unknown
}

Fax_GetFaxIdentifiers

FaxDirection:
Inbound or Outbound
"Success": true,
"Result": [
{
"Id": "000000-00000-00000-000000",
"Direction": "Inbound",
"Date": "2020-01-23T21:24:50Z",
"Tag": "None"
},{
"Id": "000000-00000-00000-000000",
"Direction": "Inbound",
"Date": "2020-01-23T21:24:50Z",
"Tag": "None"
}
]

Fax_GetFaxDocuments

FaxIds1..3

Use a json object for this:
{
"Id": "28887ac4-424d-4164-9def-ca5e926342d8",
"Direction": "Outbound"
}


Include the jobId and the Direction which can be Inbound or Outbound

{"Success":true,"Result":
[
{
"FaxFiles":[
{"ContentType":"application/pdf",
"ContentLength":35586,
"FileContents":"JVBERi0xLjINCgolJUVPRg0K..."}],
"Id":"0000000-0000-0000-0000000000",
"Direction":"Inbound",
"Date":"2020-01-23T21:24:50Z",
"Status":"Ok",
"Format":"pdf",
"PageCount":1
}
]
}
}
]
}

FaxDirection:
Inbound or Outbound

Fax_ChangeFaxFilterValue

FaxIds1..3

Must be in json:
{
"Id": "0000000-00000-000000-000000000"
}


Filter is what we are changing the specified fax status to:
None (reset - marked as unread),
Retrieved (Marked as Read),
Removed (Deleted)
{
"Success": true,
"Result": true
}

Fax_GetProductsWithInboundFaxes

Filter:
None,
Retrieved,
Removed.

 

 

:

 

WestFax API HowTo: Checking for new inbound faxes with new function.

,

Here is what we are going to do:

  1. Check for new faxes using a new api call: Fax_GetProductsWithInboundFaxes
  2. Get a collection of inbound faxes for us to process.

Here is what you need:

  1. We will assume you are using a relatively modern development framework. PHP, React, .Net, etc…
  2. We recommend you use a tool like Postman (Free and available on all platforms) to test your API’s and generate the code or you can run in a sandbox at SwaggerHub.
  3. Developer API account. Easy to sign up and get started immediately.
  4. If you haven’t implemented the API before you may want to check out our quickstart how-to articles here and here.

What is this useful for:

This is useful if you have multiple inbound fax lines and you need to check them for new inbound faxes. Just calling this one procedure will alert you to new inbound faxes and you can then go and retrieve the metadata about the new faxes. If nothing is new you don’t have to make a call for each productID which saves server time and resources.

 

Phase 1: Let’s check our Fax number for new faxes.

In this case I have sent myself a test fax before I run this proc.

I am going to fire up SwaggerHub and use the Tryout function to call the procedure and get data back.

The procedure is called Fax_GetProductsWithInboundFaxes. You can see it’s spec here.
Description of the Postman call.
We are going to call the proc using the Try Out feature.

 

  1. We’ll be asked to enter the Username and Password for our WestFax API Call. Notice we are not specifying a prodid as this procedure works across all fax lines and will return a collection of fax lines if the filter field matches.
  2. Let’s talk about the filter field. If you leave it blank it will assume Unread flag. You can set it to None, Recieved & Removed. None or <blank> will show you Fax numbers that have unread faxes. Recieved will show you fax lines that have read faxes and removed will show you faxes that have deleted faxes. These are unlikely use-cases but here nevertheless.
  3. So here is the call:
    Description of the Postman call.
  4. When I execute it I get back:
    Response of a postman call
  5. You can see that it returns a ID record as well as the InboundNumber so you can now go call the Fax_GetFaxDescriptions or  Fax_GetInboundFaxDescriptions. Set your FaxDirection as Inbound and you can now update your app with the new incoming faxes.

Success! As you can see it’s not hard at all to add Faxing to your Enterprise application. If you have questions or need more help please reach out to us at 800-473-6208 or contact us via email.

 

WestFax API HowTo: How to handle inbound faxes and callbacks.

,

In this how-to we are going to talk about different implementations of callbacks and different ways to handle inbound faxes and notifications. This article assumes you hare familiar with the basics of the WestFax API. Here is a refresher article.

What are callbacks? They are asynchronous, out-of-band requests that your service will send to some other service in response to certain events. This helps you improve the workflow your app.

In layman’s term a callback is just that. Something happens (You send a fax) and we “call” you back and tell you that it sent. A callback for an incoming fax works the same way. We get a fax for you and we let you know it. The mechanism is for our server to “call” or load a URL that is specified by you. When we call your script or webpage you can configure your app to do whatever it needs to do.

You set the callback url which is a page on your website that can process data about an event. Your page is configured to receive parameters using POST or GET Method. WestFax supports both. When an event occurs (Successful fax delivery, etc…) it will call that url with the proper parameters so your application can handle the event and process your workflow without having to intermittently ping our service.

 

Here is what we are going to do:

  1. Send a fax using the API to ourselves or a test fax number.
  2. Get the callback response and call a web service that gives us the status of the fax

Here is what you need:

  1. We will assume you are using a relatively modern development framework. PHP, React, .Net, etc…
  2. We recommend you use a tool like Postman (Free and available on all platforms) to test your API’s and generate the code.
  3. Developer API account. Easy to sign up and get started immediately.

The WestFax API is comprised of a large set of methods that are exposed using a RESTful interface. Data can be interchanged in a number of formats including JSON and XML. Additionally, WestFax offers SOAP and RPC bindings that are described elsewhere. For the purposes of this demo the REST interface with JSON encoding is used.

  1. Get the sample code for Postman. Link here.
  2. Click Download or Fork it to your local repo.
    Postman illustration
  3. Once you have the local files you should see two Json Files: WestFaxApi_Postman_collection.json and WestFaxApiEnvironment.postman_environment.json
  4. Open Postman and create a new Request. You can call it whatever you want to call it but we will use WestFax.
    Postman illustration
  5. Now go click the File -> Import command.
    Postman illustration
  6. Drag or select  the two Json Files from the code you downloaded earlier and click import. You should have requests in your new WestFax Collection.
  7. Now look at the top right corner of postman. You should see a drop down and an “eye” icon and a gear icon.
    Select the Dropdown to select “WestFaxApiEnvironment” and then click the Eye icon.
    Postman illustration
  8. You will now see a bunch of pre-defined variables. You will want to change these by clicking Edit.
    Postman illustration
  9. Change the default values to the ones you received when you signed up for API access.
  10. Now let’s try to send a fax. If you have an incoming number attached to your account you can use that or any other fax number. You can also use the well known HP Faxback test number at 1-888-473-2963. They will fax you back that they received your fax usually within 5 minutes.
  11. So click the Fax_SendFax method on the left and you will see this for your Body setup.
    Postman illustration
  12. The {{Orange}} values are filled in from the config you already set so you can ignore those. The values you need to set are the Numbers1, Files0 fields. The rest are optional and you can unclick them if you want. Although adding a FeedbackEmail value is useful to get confirmation of the fax sending. Once you set all these variables go ahead and click send.
  13. Set your CallbackUrl with templated values for replacement. In this case we are using: [get]http://webhook.site/bf01f09f-3255-4b46-9a9d-10a9c21fbeed/?jobid={@jobid}?prod={@prodid}&dir={@dir}. WestFax will replace the @jobid, @prodid and @dir with real values so one can process accordingly. GET is implied so you can exclude [get] from the beginning or use [post] to use that method. You can go to webhook.site and get your own callback url for free.
  14. You should see a result code of True and a hash string with the confirmation code. This Result code is the @jobid you will use in the next phase of handling the callback so copy this value somewhere.
    Postman illustration
  15. Ok, so here is a neat trick that Postman give us. You can get all your code done for you. Just click the button “Code”. It’s kind of buried near the Send button next to cookies.
    Postman illustration
  16. Now when you click code you will get formatted code for almost any programming language you may need:
    Postman illustration

 

Phase 2: Let’s check the Status of the Fax now that the pingback call has come back.

So the fax process worked and we are waiting for a callback response. Basically WestFax will ping a url that you provide.

In our case we used a website called Webhook.site. Here is the result of the Callback call:

Postman illustration

So when the callback fires your webpage should handle those input values.

Once you have the values you can call the next webservice and get the data back. Let’s get started.

  1. Let’s go back to Postman and find the webservice called Fax_GetFaxDescriptionsUsingIds. Go ahead and click it. You’ll see something like this:
    Postman illustration
  2. Ok, so let’s look at the Body of this request so we know what we need to fill out to get the fax status.
    Postman illustration
    We see that it has the username, password, cookies (we can ignore that), productID and two new fields FaxIds1 and FaxIds2. You’ll notice that these fields have template string placeholders of {{FaxIds1}} and {{FaxIds2}}. This is because these values are serialized and we’ll look at this next. The FaxIds fields are the Faxes we want to get the status of. We have the result code from the previous call so let’s go explore that.
  3. We are going to click on the Pre-request Script header and we’ll see the format of the template placeholder we talked about previously.
    Postman illustration
    So we already put this code in there for you. All you need to do is replace the Id field. The Direction, Date and Tag are optional as the ID is the key field here. So we’ll put our Id in here and you can see on Line 8 that we bind the JSON string to the Variable. You could also copy all the JSON from the variable id1 into the FaxIds1 field directly but this template allows you to append more Id’s and get the status of several faxes.
  4. Once you have the ID in there you will hit Send and get the following output.
    Postman illustration
    You can see here that we have a complete record of the fax transmission. You can parse the JSON result in whatever method you choose and you can see that we have the Date, Direction, PageCount, Quality and Status which is Complete. So the fax is completed.

 

Success! As you can see it’s not hard at all to add Faxing to your Enterprise application. If you have questions or need more help please reach out to us at 800-473-6208 or contact us via email.

 

Digital Cloud Fax Technology and Interoperability in Healthcare

From its analog origins in the sixties to the infinitely scalable Digital Cloud Fax platforms today that can send/receive/process and manage millions of faxes; Fax has never been as robust and powerful. The future of Fax and its role in healthcare has been a topic of much discussion but with the vision of an all-digital healthcare system still evolving, fax is seeing its architecture evolve to meet the challenges of complete interoperability.

It’s not about paper waste anymore.

The fax industry wants you to throw away recycle your fax machines and go digital. The fax industry gains nothing from you using paper; however, paper fax, as well as paper medical records, will always be around. The advantages of fax (contractually binding, receipt of transmission, HIPAA compliance, etc.) are the same if the fax is paper or digital.

Fax offers 100% Interoperability today.

Digital faxing can be integrated from start to finish in the healthcare document lifecycle. From medical records in an EMR system being digitally faxed to another office (that utilize cloud fax), where those records are put through powerful OCR engines, routed and converted to Structured Data which can then be consumed with the new medical interoperability standards such as FHIR, HL7 and Direct. What is structured data? Basically, it’s data that has an identifiable and repetitive format.  HL7 uses a delimited data structure, and FHIR messages can use JSON or XML. It’s basically text formatted to be easily readable and processable by machines efficiently.

Digital Cloud Fax Provides 100% interoperability

 

Interoperability is a big buzzword in healthcare and it may seem straightforward. The path to it is less clear. Going all digital will require a massive effort by all parties involved, including fax. We have seen the evolutions of email and how data is managed in the cloud. There is no reason to believe that fax will not evolve as well.  Everything in the cloud is a great idea but it’s just an idea. The reality is somewhere in the middle. We are getting there but a vast majority of medical records are paper, and document conversion is a slow ongoing process. Fax will assist in this effort with digital cloud faxing.

 

Working toward the same goals.

In conclusion, the future is bright regarding digitizing healthcare records. There will come a day when all health records are digital but that future will not materialize if we don’t take a measured and thoughtful approach to the process. Going from paper to digital is just the first step, not the finale goal. Fax has never been more capable and powerful than it is today. Healthcare and organizations working to modernize healthcare will be well served to harness that power and avoid the knee-jerk “Axe the Fax” memes which malign a technology that has been a stalwart partner for decades.

What is a HIPAA Compliant Fax?

I recently had a routine medical checkup and as I was signing in I always look over to see if they have an old fax machine sitting somewhere. It’s rare that you see a stand-alone fax machine as most offices have online faxing and multi-function printer integration. At some point a medical assistant asked one of the ladies at the desk if the fax needed a cover sheet. The woman at the desk quickly assured her that all faxes get coversheets no matter what. “All Faxes get cover sheets! No exceptions…ever!”.

It’s good to see that my doctors office takes HIPAA seriously as ignorance of the laws are not an excuse any longer. HIPAA has been around since 1996 so we have had over 20 years to get it right however we are still talking about it and struggling with compliance.

It’s not just doctors offices that have to deal with these directives either. Pharmacies, therapists, hospitals and even insurance companies have HIPAA Fax requirements.

Some of these rules are obvious like all fax machines are to be placed in a secure area and not publicly accessible. Many faxes are digital and just saving them to the local hard drive or “G Drive” is not enough either. A lack of technical knowledge or inadequate IT budgets can lead to massive HIPAA fines.

A recent HIPAA violation that made headlines was Affinity Health Plan and their used copier. They returned a copier after a lease was complete and failed to wipe the hard drives. Over 350,000 patient records were exposed. HHS fined them $1.2 million. It could have been worse. All because an IT admin didn’t know or didn’t have a solid HIPAA compliant IT plan for disposing of devices that contain ePHI. It was only found because the copier leasing office checked the hard drives. How many times has this happened and not been reported?

Faxing doesn’t have to be complicated. Now with integrated Multi-function printers and Print to Fax drivers your organization’s fax platform can be seamlessly integrated into your EMR.

IT budgets are tight and enterprise fax is a critical element in every medical environment. Don’t cut corners or ignore the common sense HIPAA Fax guidelines.

Btw, here are the penalties for a HIPAA Violations:

  • Tier 1: A violation that the covered entity was unaware of and could not have realistically avoided, had a reasonable amount of care had been taken to abide by HIPAA Rules
    • Minimum fine of $100 per violation up to $50,000
  • Tier 2: A violation that the covered entity should have been aware of but could not have avoided even with a reasonable amount of care. (but falling short of willful neglect of HIPAA Rules)
    • Minimum fine of $1,000 per violation up to $50,000
  • Tier 3: A violation suffered as a direct result of “willful neglect” of HIPAA Rules, in cases where an attempt has been made to correct the violation
    • Minimum fine of $10,000 per violation up to $50,000
  • Tier 4: A violation of HIPAA Rules constituting willful neglect, where no attempt has been made to correct the violation
    • Minimum fine of $50,000 per violation

WestFax can service all your Secure HIPAA Compliant Fax needs from a simple email / fax portal to full API Integration with your EMR / EHR / Salesforce and more. Learn more.

Barry Clark

Barry Clark

How to use Advanced flags with Fax to Email

,

If you are a user of Fax to Email you already know how easy it is to send faxes. Once you setup your FaxForward account you just just send an email with an attachment to FAXNUMBER@westfax.com where you replace FAXNUMBER with the ten digit number. i.e. 13035551212@westfax.com.

The Subject of the email becomes the Fax Header and the fax is sent as soon as it’s received.

There are a few more advanced “commands” you can use to alter the workings of the FaxForward.

These commands are placed in the Email subject field.

Here’s a list of the switches and a quick description of their function:

/d YYYY-MM-DD HH:mm — Date switch, which will change the schedule to the date and time given.

/hn — Header negate – this suppresses the header on the fax entirely.

/h [Header Value] — Use [Header Value] as the header on the fax.

/rs or /rf – Controls resolution. Resolution is Standard (/rs) or fine (/rf)

/at [1 – 10]– Controls transmission attempts (default is 3). Range is 1 – 10. If excluded, the product configuration will be used.

/rti [1 – 30] – Controls retry interval. Value is number of minutes between retries. Range is 1 – 30 minutes. If excluded the product configuration will be used. Default is 5 minutes.

/faxbody – Fax on the body of the email. The email must be HTML encoded.

/faxattachmentsonly – Ignore the content in the body of the email. Convert and fax only the attachments.

/faxbodyandattachments – Fax both the body and attachment.

Here’s an example subject line:

/h Therapy Fax /rs /faxattachmentsonly

This would yield a fax that has “Therapy Fax” as the job name and header. Only the attachments will be sent, and the attachments will be rendered in standard fax resolution.

Most common HIPAA violations and how to avoid them.

HIPAA ViolationHIPAA violations occur everyday. The best way to avoid HIPAA violations is for them not to occur in the first place. HIPAA laws are complex and they are subject to continuous change.  The best defense is a good offense and in today’s medical environment there are no excuses for untrained personnel and careless mistakes.

Some of the more common HIPAA Violations are:

  1. Maintaining Unsecured Records.
    All patient and PHI (Person Health Information) related records must be in a protected environment. A locked Desk, Filing Cabinet or office. Digital records must be protected by password controls and optimally have strong encryption. Patient data should never be left on desks overnight or in unsecured locations. Most HIPAA violations fall into this category.
  2. Lack of Employee Training.
    All staff that handle ePHI or HIPAA materials should be properly trained on the requirements and regulations that govern one’s particular practice. Even IT personnel should have training as they are usually able to access PHI in their daily IT duties. Training is not optional. It is a part of the HIPAA laws. One cannot plead ignorance of the law in the event of a violation.
  3. Gossiping and/or sharing information.
    Talk around the watercooler is natural in most offices but the topics cannot stray into PHI about patients no matter how tantalizing it is. Medical information should only be discussed in a professional setting related to treatment or official matters regarding the patient. Gossiping about a patient’s condition is one of the primary reasons that HIPAA laws exist. Many celebrities and public figures had their private medical data leaked and in the days before HIPAA there was no penalties in place beyond direct civil legal action.
  4. Hacking
    Just Google “Medical Records Hacked” and you’ll find thousands of stories of hackers stealing medical records and selling them on the dark web. That post-it-note with your login to the EMR is enough to effectively bankrupt the entire practice. Practicing strong IT discipline and enforcing complex passwords will ensure that the front door to your records remains unbreached. There are still ways to get at medical information through bugs and attacks but the first line of defense is at the individual employees desk. See the HHS Cyber Policy guidance for more information.
  5. Improper disposal of health records. 
    One of the more important guidelines of HIPAA are the proper disposal and removal of PHI. Anything containing Social security numbers, medical diagnosis or treatments must be shredded, destroyed and wiped from hard drives and removable media. Even the Ipads that are used for patient sign in contain PHI and must be properly disposed of. Old computer equipment should not be sold or upgraded without properly wiping all hard drives and removable media. Even if a computer is broken the hard drive may contain PHI and if that falls into the wrong hands can cost millions in fines.
  6. 3rd party disclosure
    Again, discussion of a patients treatment should only be between the doctor, staff and billing departments and the patient. Accidental disclosure; an employee faxing the records to the wrong office are not treated as accidents in the eyes of the law and are as damaging as purposeful release. Ensuring that the recipient has a need to know and double checking fax numbers and email addresses ensures that a patients PHI does not end up in the wrong hands.

In summary, PHI and HIPAA regulations are clear in all guidance. There is no grey area when it comes to HIPAA. Make sure your staff is trained (including IT staff) and enforcing strong oversight of your practice’s compliance is critical to ensuring you stay on the right side of the law.

 

How To: Getting started with the Print To Fax Driver

,

Let’s break it down and get you faxing!

What you need:

Let’s get started:

  • First let’s get the driver downloaded. Click here to download it: Fax to Printer Driver.
  • Once it downloads double click it to extract the files. There are two installer files. Choose the x64 one. If you get an error use the x86 version.
  • Click Next to select the location of the install. You can leave this default unless you want to install elsewhere.
  • Click Install
  • When you see the next screen just click Finish and launch the Printer Tool.
  • Ok, here is the default screen. We’re going to connect to your Fax2Email account. Need an account? Stop here and go sign up. Then come back to this step.
  • Ok, Click the Settings button and you’ll get this dialog box. Click Login to set your login credentials.
  • Now, enter your login and password for your Fax To Email account. Can’t remember it? Click here.
  • Now, Let’s make sure everything is set. You should see your Fax number in the “Currently Selected Product (Fax number)” box. If you have more than one number choose the one you want to fax from.
  • Now that you have your account authenticated you are all set!
  • Now, let’s open any document to print. Got one loaded? Ok… Let’s print:
  • Go to File->Print. Now in the printer selection choose “WestFax Printer”. Then hit Print.
  • Now, You will see a “Processing” Bar on the bottom right as we queue up the document. Then you will see the WestFax Printer dialog come up.
  • Now you go to the WestFax Printer tool and you will see your document name, # of pages and the status. If the document is a few pages it will take a few seconds to change the status to ready. If it is a larger document with images or a large number of pages it will take a little longer. Once it says Ready we want to click “Start Fax”. Note: You can add additional documents on this screen here if you want. Just click “Add Doc” and select any document you want to include.
  • Now just click “Start Fax”. You will be able to confirm the fax number you are using (if you have more than one number) and you just need to add some recipients. Type in the number and add a name to it if you want.  Click Add. You can also add a Header and Job Name as well but it’s not required. You will see thumbnails of your document on the right. You can double click it to view it zoomed up.
  • Once you have at least one fax recipient you can click Send Fax. You’ll see a dialog popup that says “Fax Sent”
  • Done! Ok, so if you followed along your fax is on the way. You can fax yourself if you want to test it. Also, if you want to see the fax status you can log into your Fax to Email account and see the new outgoing fax there.

 

Any issues or questions? Please feel free to reach out to our team and talk to a real person. Click here to contact us or use the contact form below. We’ll do our best to get you all sorted out.

  • This field is for validation purposes and should be left unchanged.

HIPAA violations and Fax.
How to ensure you are compliant.

,

It doesn’t need to be said, but HIPAA compliance is serious business. Entire industries have been built around making sure medical facilities, doctors offices and insurers are complying with all the privacy and data protection laws and guidelines. Here are some straightforward tips for keeping your faxing on the right side of the law. HIPAA Violations are no joke.

1. Don’t allow incoming faxes sit on publicly available fax machines or within visual range of unallowed 3rd parties.
If one is receiving faxed protected documents ensure that your machine is in a private non-public location. When sending a protected fax, call the receiver to ensure that their fax machine is in a private or protected location. If the fax machine is physically located on a desk ensure that patients and clients walking by cannot see the contents of faxes being received.

2. While you’re at it, dump your manual fax machine and use a HIPAA compliant cloud fax service.
Immediately this will save you money, make it easier to manage sending and receiving faxes, and offers the added security of encryption technology when sending and storing faxes. Make sure your cloud fax service encrypts all your documents and is setup for HIPAA fax. WestFax offers HIPAA compliant cloud fax.

3. Always use cover pages.
HIPAA requirements dictate that one uses a cover sheet with the approved HIPAA statement when transmitting PHI. Be sure to use a Confidentiality Statement on your fax cover sheets when sending patient information. This is an example of a Confidentiality Statement:

The documents accompanying this facsimile transmittal are intended only for the use of the individual or entity to which it is addressed. It may contain information that is privileged, confidential and exempt from disclosure under law. If the reader of this message is not the intended recipient, you are notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you are not the intended recipient, you are hereby notified that law strictly prohibits any disclosure, copying, distribution or action taken in reliance on the contents of these documents. If you have received this fax in error, please notify the sender immediately to arrange for return of these documents.

In order to be HIPAA compliant, your fax cover sheet should also include the following items:

  • Date and time sent
  • Recipient’s name
  • Recipient’s fax number
  • Sender’s name and organization
  • Sender’s phone number
  • HIPAA fax disclaimer

4. Maintain an audit trail.
If you don’t have an accurate audit trail of every activity that occurred with each patient document, then you are susceptible to fines associated with non-compliance.

HIPAA is not optional and until all IT assets and architectures are re-engineered to be intrinsically HIPAA compliant everyone must be vigilant and attentive to PHI handing requirements and best practices.