Author:
mFax by Documo

Are You on the Brink of a HIPAA Disaster? How Physical Fax Machines Put You at Risk

The Hidden Risk of Faxing

Imagine if incorrectly faxed information led to revealing a critical patient condition to the wrong party?

That’s exactly what happened at this New York Hospital: https://www.hipaajournal.com/new-york-hospital-sued-for-disclosing-patients-hiv-status-to-employer-8964/

Fax is a useful and necessary tool for today’s healthcare offices, but faxing can be a ticking time bomb of HIPAA risk.

All it takes is for one employee to enter one wrong digit and send a fax to the wrong person or for you to accidentally leave a document on the fax tray and…

Without even realizing it, your office is now in violation of HIPAA.

HIPAA breaches are taken very seriously, and the results are disastrous. Fines are extremely costly and you and your team can lose your licensing.

Do Any of the Items Below Apply to You?

  • You or your team has sent a fax to the wrong number.
  • You have left faxes on the machine after they have been sent or received, thus exposing the information to anyone who reads it.
  • You have no audit trail of faxes being sent and the users that have sent them.
  • You and your team routinely send faxes without a confidentiality notice.
  • You haven’t validated the security of the phone line you are using to send faxes--leaving each transmission open to being stolen.

Sending information via fax might seem like a simple thing to do, but how do you know that you are not breaking the law?

What are HIPAA breaches?

The Enforcement Rule of 2006 outlines the cost for each violation. Suffice to say you are looking at a minimum of $25,000 per violation with most fines topping $200,000.

So what are HIPAA violations and how do they occur?:

  • A HIPAA violation is when an entity (like you or your clearinghouse, your team members, or anyone else who is authorized to handle PHI) fails to uphold any of the rules outlined in the HIPAA Rules.
  • It does not matter if it was accidental or intentional; you are on the hook either way. Accidental breaches might happen if too much personal information is disclosed when only a little bit would do. Intentional violations are when you or your team knowingly discloses and provides information to anyone except for the intended recipient.

That means that you are responsible for everything that your team says does, and any omissions, like guarding information.

The threat of local device breaches

Year after year, the number one cause of HIPAA data breaches stem from a lack of security.

Most healthcare companies do not realize that physical fax machines store unencrypted fax data--retrievable by anyone with physical access.

A golden rule applies:

Above all, remember that it is absolutely a terrible idea to store information locally on any device within your office.  

Instead, you should rely on storing health data in secure, off-site HIPAA compliant data centers.

Because these centers should have limited access as to who can retrieve the health information you store there.

An 80% Solution for Physical Fax Machine Users

If you are set on sticking with physical fax machines then there are some practical things you can implement to dramatically improve your HIPAA compliance.

Note that these are not exhaustive and there is never a 100% way to automatically comply--you must be always be careful when relying on physical machines

Steps to ensure compliance:

  1. Never let the fax machine in your office hold even one fax - There should be zero chances for someone to walk by and see what is in the tray unless they are the stated and recorded recipient of the information.
  2. Make sure to place your machine in a place that is secure and closely monitored - It is too easy for someone to snag a piece of paper and run off with it without anyone knowing. It’s best if you keep a log of people entering and exiting the fax machine room.
  3. Always use cover pages that block and obscure the PHI on the enclosed pages - This is a HIPAA requirement, and if you do not do it, you are in severe violation and can be subject to fines.
  4. There needs to be an approved confidentiality statement included in your cover letter too - This is a HIPAA requirement, and you have to have it clearly marked and visible on each and every fax you send.

A 100% Solution Using the Cloud

Cloud-based faxing applications like mFax offer an attractive alternative to physical fax machines.

Not only does mFax (or other cloud-based faxing applications) provide quicker workflow and more reliability than physical fax but they also fill many of the HIPAA holes created by physical fax:

  1. Cloud fax provides complete audit trails of faxes being sent and received - Eliminating the need for physical storage of fax logs
  2. Cloud fax provides individual user accounts and access to prevent unauthorized users from viewing faxes
  3. Cloud fax stores fax data in secure servers in the cloud and relies on Tier-1 telecom to transmit the faxes instead of your local phone line
  4. Cloud fax has workflow features that allow you to automatically add cover pages and HIPAA statements to each document being faxed
  5. Cloud fax contains contact records and is easy to error-check prior to sending faxes--reducing the odds of sending to an incorrect number

It’s your choice but realize the stakes

The last thing you want or need to violate is something that is corrected easily and quickly.

Faxing documents to the wrong number and having a fax machine in a place where anyone can look at the information coming through is easy to prevent.

We know that old habits die-hard. It might seem like an impossible goal to redesign your information workflow and eliminate your reliance on fax machines.

Instead of trying to recreate the wheel, finding ways to make your faxes safer will help prevent violations from happening in the first place.

To get started email one our experts at mFax or call us about switching to the security of a cloud-based faxing solution.

Table of Contents
Schedule your mFax Demo
User-Friendly Interface
Full-Featured Cloud Fax API
Reliable White-Label Fax Solution
Secure and Encrypted
Schedule Your mFax Demo

Recent posts

Phil Charron
Phil Charron

Administrative Burdens are the Real Reason US Healthcare is Broken

4 Mins
June 11, 2024
Tony Cox
Tony Cox

Unlock New Revenue Streams: Cloud Fax for Agents and Resellers with Documo

3 Mins
June 7, 2024
Steve Chong
Steve Chong

The Promise of Artificial Intelligence in Managing Healthcare Information

5 Mins
May 24, 2024
Denis Whelan
Denis Whelan

Healthcare Interoperability, more than EHR to EHR

3 mins
May 8, 2024
Shane Fitch
Shane Fitch

Product Managers' Guide to Integrating Cloud Fax in Healthcare Applications

6 mins
April 2, 2024
Steve Chong
Steve Chong

What To Look For in a Cloud Fax Solution as a Reseller

9 mins
March 26, 2024
Denis Whelan
Denis Whelan

Ultimate Cloud Fax Buyers Guide: 7 Key Considerations When Choosing an Online Fax Service

10 mins
April 9, 2024
Sam Dorshorst
Sam Dorshorst

Enterprise Cloud Fax Implementation Pitfalls

9 mins
March 19, 2024
Matt Overlund
Matt Overlund

How OCR Fax Software Saves Healthcare Organizations Critical Time

7 min
March 12, 2024
Jack Hoover
Jack Hoover

Effortless Fax Online Solutions: Your Guide to Modern, Reliable Faxing

8 min read
December 19, 2023
Jack Hoover
Jack Hoover

Effortless Guide to Fax with iPhone: Send & Receive Faxes on the Go

11 min read
November 29, 2023
Jack Hoover
Jack Hoover

How to Fax an Email: Simple Steps to Send and Receive Faxes via Email

5 min read
November 17, 2023
mFax by Documo
mFax by Documo

Fax Plus vs. mFax - A Comprehensive Comparison

5 min read
November 2, 2023
mFax by Documo
mFax by Documo

WestFax vs. mFax - A Comprehensive Comparison

November 2, 2023
mFax by Documo
mFax by Documo

OpenText vs. mFax - A Comprehensive Comparison

November 2, 2023
mFax by Documo
mFax by Documo

Concord vs. mFax - A Comprehensive Comparison

November 2, 2023
mFax by Documo
mFax by Documo

mFax vs. Retarus - A Detailed Comparison

5 min read
November 2, 2023
mFax by Documo
mFax by Documo

mFax vs. RingCentral - A Detailed Comparison

5 min read
November 2, 2023
mFax by Documo
mFax by Documo

mFax vs. Biscom - A Detailed Comparison

5 min read
November 2, 2023
mFax by Documo
mFax by Documo

mFax Versus iFax - A Detailed Comparison

November 2, 2023
mFax by Documo
mFax by Documo

mFax vs. eFax - A Detailed Comparison

5 min read
November 2, 2023
mFax by Documo
mFax by Documo

Securely Fax HIPAA Compliant in 2023 - Your Guide to Online Fax Services

6
October 18, 2023
mFax by Documo
mFax by Documo

Free Fax Cover Sheet Templates

5
October 30, 2023
mFax by Documo
mFax by Documo

Top 10 eFax Best Alternatives | 2023

3 minutes
October 25, 2023
Brynna Carman
Brynna Carman

Part 2: ViVE 2023 Innovators

March 8, 2023
Brittany Woo
Brittany Woo

50 Must See HealthTech Innovators @ ViVE

March 8, 2023
mFax by Documo
mFax by Documo

Health Tech Innovator Profile: Phreesia

February 6, 2023
mFax by Documo
mFax by Documo

Comparably’s Top Companies for Women - Documo Selected for Inclusive Culture

January 17, 2023
mFax by Documo
mFax by Documo

SOC 2 Compliance is Just Table Stakes for Vendor Evaluations

January 12, 2023
mFax by Documo
mFax by Documo

Documo Selected as 2022 Comparably Award Winner

November 30, 2022
mFax by Documo
mFax by Documo

What is Faxploit and How Can We Avoid It?

6 min read
July 11, 2022
mFax by Documo
mFax by Documo

Why Does Faxing Still Exist Despite Advancing Technology?

11 min read
August 15, 2022
mFax by Documo
mFax by Documo

How to Send a Fax in 2023: A Comprehensive Guide

7 min read
September 10, 2022
mFax by Documo
mFax by Documo

Why Is Fax Still Important in Financial Industries?

11 min read
September 15, 2022
mFax by Documo
mFax by Documo

Ultimate FAQ For Online Faxing

6 min read
September 15, 2022
mFax by Documo
mFax by Documo

The Regulated Company's Guide To Online HIPAA Fax Compliance in 2021

June 30, 2022
mFax by Documo
mFax by Documo

Why Your Business Needs A Programmable Fax API

June 30, 2022
mFax by Documo
mFax by Documo

Why These 4 Industries Still Fax In 2020

July 5, 2022
mFax by Documo
mFax by Documo

VoIP vs FoIP - How to Choose the Best Service for Your Business

June 30, 2022
mFax by Documo
mFax by Documo

Why is HIPAA-Compliant Fax Crucial for the Healthcare Industry?

June 29, 2022
mFax by Documo
mFax by Documo

Why Fax is Better Than Email

July 6, 2022
mFax by Documo
mFax by Documo
Tech talk

What Personal Information is Protected Under HIPAA?

12
June 29, 2022
mFax by Documo
mFax by Documo

Vanilla Go Paperless Cupcakes

June 30, 2022
mFax by Documo
mFax by Documo

Ultimate Guide to HIPAA Fax

July 7, 2022
mFax by Documo
mFax by Documo

T.38 and the VoIP Fax Stigma

July 5, 2022
mFax by Documo
mFax by Documo

The Matter of Fax: A look at faxing in healthcare

July 7, 2022
mFax by Documo
mFax by Documo

The Limitations (and Even Dangers) of Free Fax Services

June 29, 2022
mFax by Documo
mFax by Documo

The Future of the Cloud Fax Market

June 29, 2022
mFax by Documo
mFax by Documo

The Evolution of Fax Technology

June 29, 2022
mFax by Documo
mFax by Documo

Partner Spotlight - Skyetel

July 7, 2022
mFax by Documo
mFax by Documo

Is Cloud Faxing Secure & Safe?

June 30, 2022
mFax by Documo
mFax by Documo

Interesting Fax Facts for People to Ponder

June 29, 2022
mFax by Documo
mFax by Documo

Online Signature Analysis: What Your Signature Says About You

June 29, 2022
mFax by Documo
mFax by Documo

Is it Safe to Fax Personal Information?

June 29, 2022
mFax by Documo
mFax by Documo

How to Protect Your MFPs from Security Breaches

June 30, 2022
mFax by Documo
mFax by Documo

How to Send an International Fax the Old-Fashioned Way

June 29, 2022
mFax by Documo
mFax by Documo

Innovaccer and Documo Bring HIPAA-Compliant Digital Fax to the Innovaccer Health Cloud

June 29, 2022
mFax by Documo
mFax by Documo

Industries That Are Benefiting the Most from Online Faxing

June 29, 2022
mFax by Documo
mFax by Documo

How to Get a Fax Number Without a Phone Line

June 29, 2022
mFax by Documo
mFax by Documo

How the Elections Benefit from Online Faxing

June 29, 2022
mFax by Documo
mFax by Documo

How Emailing Private Docs Can Leave You Vulnerable

June 30, 2022
mFax by Documo
mFax by Documo

How mFax is Helping These 6 Healthcare Organizations Live in the Future

June 29, 2022
mFax by Documo
mFax by Documo

How Cloud Fax Enables Healthcare Interoperability During Coronavirus

July 5, 2022
mFax by Documo
mFax by Documo

How Healthcare IT Teams Can Deliver Interoperability In 2020

July 5, 2022
mFax by Documo
mFax by Documo

How Do Cloud Faxes Work?

June 30, 2022
mFax by Documo
mFax by Documo

Beginners' Guide to Business Automation

July 5, 2022
mFax by Documo
mFax by Documo

HIPAA Fax Cover Sheet: A Secure Guide and Free Templates

June 29, 2022
mFax by Documo
mFax by Documo

Cloud Faxing: Top 5 Questions That You’re Guaranteed to Ask

June 30, 2022
mFax by Documo
mFax by Documo

HIPAA and The Cloud

July 7, 2022
mFax by Documo
mFax by Documo

Are You on the Brink of a HIPAA Disaster? How Physical Fax Machines Put You at Risk

July 7, 2022
mFax by Documo
mFax by Documo

Healthcare Technology Trends to Watch Out for

July 7, 2022
mFax by Documo
mFax by Documo

Cloud Fax or Fax Server - How to Compare Solutions

June 30, 2022
mFax by Documo
mFax by Documo

5 Reasons Why Online Faxing is Important

June 29, 2022
mFax by Documo
mFax by Documo

Are You Losing 15% of Your Faxes?

June 30, 2022
mFax by Documo
mFax by Documo

5 Winning Reasons mFax is the All-Star Player in Today’s Financial Industry

July 6, 2022
mFax by Documo
mFax by Documo

5 Best Concord Cloud Fax Alternatives

June 29, 2022
mFax by Documo
mFax by Documo

4 Simple Ways You Can Quickly Improve Patient Retention

July 5, 2022
mFax by Documo
mFax by Documo
mSign me up

Advantages and Disadvantages of Online Faxing

June 29, 2022

Get in touch with our US based team of fax experts

We'll help you assess your fax needs and determine the best solution for your business.

+1 (888) 966-4922
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.