Fax / Voicemail|
HIPAA & Safe Harbor compliant
See also: Mobile Devices SMS (texting)
Send ZSentry fax to cell phones, with HIPPA and Safe Harbor compliance, and enable free secure reply by texting or email (even if the phone cannot send email).Regular faxes and e-faxes fail in terms of HIPAA Protected Health Information (PHI) safeguarding requirements (HIPAA, 45 CFR § 160.103). Information sent by fax is not de-identified, and is not encrypted at the source. And yet, it goes through public networks and the Internet. Therefore, there is no such thing as HIPAA-compliant fax or e-fax.
However, one may ask, don't people say that HIPAA rules allow a health care provider to fax patient medical information to another health care provider, for treatment purposes?
Yes, in the same way that HIPAA rules allow two health care providers to openly talk about a patient in a busy corridor. However, because voice communication itself is not HIPAA compliant, there is liability under the HIPAA Privacy Rule if someone eavesdrops on the conversation (accidentally or not).
Likewise with fax and e-fax, since the technology cannot provide HIPAA-compliance, the burden falls on the health care providers to prevent the privacy risks and respond for breaches.
For example, the sender is required under HIPAA to make sure that the fax number to be used is in fact the correct one for the recipient. Further, the fax machines at both ends should be placed in a secure location to prevent unauthorized access to the information.
Therefore, when using fax or e-fax, the health care providers (sending or receiving) should be concerned about potential liability under the HIPAA Privacy Rule, including their determination whether the other health care provider is correctly reducing the risks of using unencrypted communication.
Organizations also need to consider that every fax page sent or received is readable by anyone, without technical controls such as user authentication, access logging, and auditing, to prevent leaks or at least detect misuse. Thus, using fax ends up putting the burden of security on costly and hard-to-enforce administrative controls at both sides.
Faxes and voicemail also do not comply with HITECH Safe Harbor, exposing the parties to large fines and expensive breach notification duties. Using faxes and phone calls can also lead to FTC and HIPAA privacy violation claims, as faxes/calls may be sent or received in non-secured office space, or their copies (e.g., voicemail, paper) may be handled and stored in non-secured fashion.
Absence of HITECH Safe Harbor protection further imposes state-level requirements on health care providers related to notification duties and penalties for security breaches involving personal information. As of 2011, forty-six U.S. states, the District of Columbia, Puerto Rico, and the Virgin Islands have enacted such legislation.
Sending/receiving a fax and handling voicemail are also personnel-intensive. Of course, neither party (sender or recipient) is required to use fax and voicemail, and bear their higher security risks and costs.
All with less work for IT and users, with NO CHANGES» to services, devices, software, carrier, MX or other DNS records.
How ZSentry Fax / Voicemail works
Most likely, you will use what you already have. You can set your computer to read the fax as an image, directly from the fax machine, and then send as a ZSentry mail. The same applies to voicemail. Current fax machines can also automatically send the received fax image through ZSentry mail to your Inbox and/or to a central archive that staff can access with full authentication control, with no paper copy to be concerned about. Similar considerations apply to voicemail. In short, ZSentry allows you to cut & avoid calling/faxing on private or confidential matters, save cost and time, and obtain a secure and paperless record of the images, conversation, participants, time, places, and receipt, ready for processing.
Click for pricing»
SMS / texting
Send ZSentry SMS to cell phones, with HIPPA and Safe Harbor compliance, and enable free secure reply by texting or email (even if the phone cannot send email). Click ZSentry SMS»
Read more »
See also: Frequent Questions »
|Main Technical Notes|