HIPAA’s Standards for the Protection of Protected Health Information (PHI) dictates that, among the many technical safeguards that should be in place, organizations need to “include technical policies and procedures for electronic information systems that maintain electronic protected health information to allow access only to those persons or software programs that have been granted access rights as specified in §164.308(a)(4).”
One of the most simple ways to maintain HIPAA compliance in this regard, at least when it comes to faxing with RightFax, is to use cover sheets.
Understanding Protected Health Information
HIPAA identifies PHI as “individually identifiable health information” that organizations are in charge of storing and transmitting. This information can also be in the form of electronic documents, known as ePHI (electronic protected health information), that are stored as media on workplace devices.
What identifies documents with PHI? These documents (medical records, laboratory reports and billing information, etc.) will include any of the following information about a patient:
- Date of birth
- Phone number
- Address/email address
- Social Security number
Documents that contain lab results and other treatment information but do not have any identifiable patient information are generally not protected by HIPAA regulations.
Properly Using Cover Sheets While Faxing
When it comes to sending PHI or ePHI via fax, we always recommend that organizations use a cover sheet. These can help prevent those who are not authorized to have a patient’s PHI from being able to see it (whether intentional or not) when faxes are sent. Whether you are faxing traditional documents or sending a fax via email, a cover sheet will help maintain HIPAA compliance.
Here are the things you should include on your HIPAA-compliant cover sheet:
- The recipient’s name
- The recipient’s fax number
- The date and time sent
- The sender’s name
- The sending organization
- The sender organization’s phone number
- A HIPAA fax disclaimer
Stay Compliant. Use Cover Sheets
Best practices dictate that cover sheets should be used when sending faxes that contain PHI. If you aren’t sure if a fax contains sensitive patient information or identifiers, it’s best to use a cover sheet anyway. To learn how to create a customized coversheet in RightFax, watch this video. If you have any questions about how RightFax can help your organization maintain HIPAA compliance, contact The Fax Guys today.