Is your fax provider HIPAA Compliant?


The Health Insurance Portability and Accountability Act of 1996 (HIPAA) instituted a set of rules intended to maintain the security of patient information, formally known as “protected health information” (PHI). Healthcare providers, insurance companies, and other “covered entities” have often turned to fax to transmit PHI because it’s so much more secure than e-mail and many other forms of electronic communication.

Modern fax technology has come a long way since the days of dedicated fax machines and copper phone lines. Today’s web-connected electronic fax has far greater capabilities. Even with all of the different options that are available, though, fax is highly secure and extremely dependable.

Sending protected health information in electronic format (ePHI) by fax is permitted within HIPAA, provided that appropriate measures be taken to guard against unauthorized access to that information. So what exactly are appropriate measures? It starts with selecting the right vendor. Look for a company that understands healthcare and HIPAA in particular.

Many providers of electronic fax will tell you that they are HIPAA compliant; but not all fax vendors are created equal. Here’s what you should look for:

This last point is especially important. Under HIPAA, any company who comes into contact with PHI while performing work on your behalf is defined as a Business Associate, and you must therefore have a BAA in place with them. WestFax can provide an industry-standard BAA agreement, or if you prefer, we will enter into a custom BAA agreement tailored to meet your requirements.

Your fax platform provides a critical communication link between your organization, the outside organizations with which you must share PHI, and the patients whom you serve together. In addition to selecting a vendor that thoroughly understands HIPAA compliance, personnel within your own organization must clearly understand good security practices, receive regular training, and follow policies and procedures designed to protect PHI from unauthorized access.

At WestFax, we take pride in exceeding expectations when it comes to the security of private patient information. Privacy and security are at the forefront of everything that we do, including our business practices, policies, procedures and personnel training. With multiple options to integrate fax into your processes and applications, we offer maximum interoperability for organizations that manage patient information on a day-to-day basis.

Sign up today for a free trial of WestFax’s HIPAA Basic plan; or if you’d like to sign up for one of our plans, visit our Healthcare Fax page to learn more.

Need more information? Contact us at 800-473-6208 and we can help you better understand which plan will work best for you.