Businesses face hefty penalties for non-compliance with HIPAA regulations. The monetary penalties range from $100 to $1.5 million per violation, and some violations also lead to criminal charges and penalties. The penalty tier depends on whether the violation stemmed from reasonable cause or from willful neglect. Typical causes of non-compliance are unencrypted data, employee error, or a breach of data storage devices. All businesses that handle protected health information (PHI) must remain HIPAA compliant to avoid these penalties.
HIPAA Approved Cover Sheet
Businesses cannot use a standard cover sheet created in a word processing program such as MS Word or Google Docs. The cover sheet must carry a HIPAA disclaimer warning the recipient that the transmission contains confidential medical information. To find appropriate disclaimer wording, review a guide to HIPAA faxing. The cover sheet must also include the following:
- Time and date the fax was sent
- Recipient’s name and fax number
- Sender’s name, organization, and phone number
- Patient’s name and reference number
How to Send the HIPAA Fax
The business or organization must set up service with a HIPAA-compliant online fax provider. The provider creates user accounts for the business and its workers. Once the accounts are connected, workers send faxes from their email addresses. To send a fax via email, follow these steps:
- Open your email app or service on your device.
- Select “New Message” or “Compose.”
- Click the address field and type in the recipient’s 10-digit fax number.
- Click the attachment icon at the bottom of the email.
- Select the document(s) to send from your list of documents.
- Type the HIPAA disclaimer into the body of the message.
- Click the Send button.
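The two procedures above (the required cover-sheet contents and the email-to-fax steps) map directly onto a small script. The following is an added example, not code from the article or from any fax provider: it refuses to build a cover sheet with a missing required field, normalizes the fax number to exactly 10 digits, puts the disclaimer and cover sheet in the message body, attaches the document, and only hands the message to the gateway once STARTTLS has been negotiated. The gateway domain, the disclaimer wording, and the sample fields are all constructed placeholders; real providers publish their own gateway address and expect the organization's approved disclaimer text.

```python
import re
import smtplib
import ssl
from datetime import datetime, timezone
from email.message import EmailMessage

# Placeholder email-to-fax gateway domain (assumption; real providers publish their own).
FAX_GATEWAY_DOMAIN = "fax.example-provider.invalid"

# Constructed disclaimer text; substitute the organization's approved wording.
HIPAA_DISCLAIMER = (
    "CONFIDENTIAL: This fax contains protected health information (PHI) "
    "intended only for the named recipient. If you received it in error, "
    "notify the sender immediately and destroy all copies."
)

# The four cover-sheet items the article lists, broken into individual fields.
REQUIRED_COVER_FIELDS = (
    "sent_at", "recipient_name", "recipient_fax",
    "sender_name", "sender_org", "sender_phone",
    "patient_name", "patient_ref",
)

# Constructed sample data, not real patient information.
SAMPLE_FIELDS = {
    "sent_at": "2024-01-15 14:30 UTC",
    "recipient_name": "Dr. Example",
    "recipient_fax": "(555) 123-4567",
    "sender_name": "Records Desk",
    "sender_org": "Example Clinic",
    "sender_phone": "555-987-6543",
    "patient_name": "Test Patient",
    "patient_ref": "REF-0001",
}


def normalize_fax_number(raw: str) -> str:
    """Reduce a fax number to its 10 digits; reject anything else."""
    digits = re.sub(r"\D", "", raw)
    if len(digits) == 11 and digits.startswith("1"):
        digits = digits[1:]  # drop the North American country code
    if len(digits) != 10:
        raise ValueError(f"fax number must have 10 digits, got {raw!r}")
    return digits


def build_cover_sheet(fields: dict) -> str:
    """Render the cover sheet, refusing to proceed if any required field is blank."""
    missing = [f for f in REQUIRED_COVER_FIELDS if not fields.get(f)]
    if missing:
        raise ValueError(f"cover sheet missing fields: {', '.join(missing)}")
    fax = normalize_fax_number(fields["recipient_fax"])
    return "\n".join([
        "HIPAA FAX COVER SHEET",
        f"Sent: {fields['sent_at']}",
        f"To: {fields['recipient_name']} (fax {fax})",
        f"From: {fields['sender_name']}, {fields['sender_org']}, {fields['sender_phone']}",
        f"Patient: {fields['patient_name']} (ref {fields['patient_ref']})",
    ])


def build_fax_email(fields: dict, sender_email: str,
                    attachment_name: str, attachment_pdf: bytes) -> EmailMessage:
    """Compose the email-to-fax message: disclaimer and cover sheet in the body, document attached."""
    fields = dict(fields)
    fields.setdefault("sent_at", datetime.now(timezone.utc).strftime("%Y-%m-%d %H:%M UTC"))
    cover = build_cover_sheet(fields)
    fax = normalize_fax_number(fields["recipient_fax"])

    msg = EmailMessage()
    msg["From"] = sender_email
    msg["To"] = f"{fax}@{FAX_GATEWAY_DOMAIN}"  # gateway address is the 10-digit fax number
    msg["Subject"] = "Confidential fax"         # subject is often logged, so no PHI goes here
    msg.set_content(HIPAA_DISCLAIMER + "\n\n" + cover)
    msg.add_attachment(attachment_pdf, maintype="application", subtype="pdf",
                       filename=attachment_name)
    return msg


def send_fax_email(msg: EmailMessage, smtp_host: str, username: str,
                   password: str, port: int = 587) -> None:
    """Hand the message to the gateway over SMTP, insisting on STARTTLS before any PHI is sent."""
    context = ssl.create_default_context()
    with smtplib.SMTP(smtp_host, port) as smtp:
        smtp.ehlo()
        if not smtp.has_extn("STARTTLS"):
            raise RuntimeError("gateway does not offer STARTTLS; refusing to send PHI in the clear")
        smtp.starttls(context=context)
        smtp.ehlo()
        smtp.login(username, password)
        smtp.send_message(msg)


if __name__ == "__main__":
    demo = build_fax_email(SAMPLE_FIELDS, "records@clinic.example",
                           "referral.pdf", b"%PDF-1.4 constructed placeholder")
    print(demo.as_string())
```

Keeping the subject line free of PHI and failing closed when the server does not advertise STARTTLS are design choices of this example, not requirements the article states; both follow from the article's point that PHI must only travel over a secured transport.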
Create a Separate Fax Number for PHI
Businesses that handle medical data but also send or receive non-medical faxes need an extra precaution. It is recommended that the company set up two separate fax numbers: one for personal health information and one for unrelated business faxes. This separation prevents workers without the proper clearance from seeing PHI or other data beyond their authorization, and the company can then restrict access to the online fax account used for PHI.
What is HIPAA Compliance?
The Health Insurance Portability and Accountability Act defines standards and regulations for sensitive patient data and how to secure it. All PHI must be encrypted and transmitted through services that use a secured transport layer (SSL/TLS) to prevent outsiders from accessing the information. Businesses and organizations must also implement the following policies and safeguards across their network and organization:
- Limit and control access to PHI, and designate authorized places where the data may be viewed or accessed
- Set up policies for using and accessing PHI workstations and electronic media
- Implement and enforce restrictions on the transfer, removal, disposal, and reuse of all ePHI and electronic media
- Use unique user credentials and IDs, emergency access procedures, automatic log-off on devices, and robust encryption and decryption
Businesses and organizations must follow all HIPAA regulations to protect personal health information transmitted via online fax or any other electronic service. Online fax providers must likewise remain compliant with these standards and with all state and federal regulations governing confidential or sensitive patient data.
Companies must enforce controls that prevent workers without the proper security clearance from accessing PHI, and workers who are authorized to handle PHI must follow all company policies for protecting it and limiting access to it. Companies that are not HIPAA compliant can face hefty administrative or criminal penalties for each violation.