Imagine if incorrectly faxed information revealed a critical patient condition to the wrong party.
That’s exactly what happened at this New York hospital: https://www.hipaajournal.com/new-york-hospital-sued-for-disclosing-patients-hiv-status-to-employer-8964/
Fax is a useful and necessary tool for today’s healthcare offices, but faxing can be a ticking time bomb of HIPAA risk.
All it takes is for one employee to enter one wrong digit and send a fax to the wrong person or for you to accidentally leave a document on the fax tray and…
Without even realizing it, your office is now in violation of HIPAA.
HIPAA breaches are taken very seriously, and the results are disastrous. Fines are extremely costly and you and your team can lose your licensing.
Sending information via fax might seem like a simple thing to do, but how do you know that you are not breaking the law?
The Enforcement Rule of 2006 outlines the cost for each violation. Suffice it to say, you are looking at a minimum of $25,000 per violation, with most fines topping $200,000.
So what are HIPAA violations, and how do they occur?
That means that you are responsible for everything that your team says and does, and for any omissions, such as failing to guard information.
Year after year, the number one cause of HIPAA data breaches is a lack of security.
Most healthcare companies do not realize that physical fax machines store unencrypted fax data that anyone with physical access can retrieve.
A golden rule applies:
Above all, remember that it is absolutely a terrible idea to store information locally on any device within your office.
Instead, you should rely on storing health data in secure, off-site, HIPAA-compliant data centers, because these centers should limit who can retrieve the health information you store there.
If you are set on sticking with physical fax machines, then there are some practical things you can implement to dramatically improve your HIPAA compliance.
Note that these are not exhaustive, and there is never a 100% way to automatically comply; you must always be careful when relying on physical machines.
Steps to ensure compliance:
Cloud-based faxing applications like mFax offer an attractive alternative to physical fax machines.
Not only do mFax and other cloud-based faxing applications provide a quicker workflow and more reliability than physical fax, but they also fill many of the HIPAA holes created by physical fax:
The last thing you want is to be in violation over something that is easily and quickly corrected.
Faxing documents to the wrong number and having a fax machine in a place where anyone can look at the information coming through are both easy to prevent.
We know that old habits die hard. It might seem like an impossible goal to redesign your information workflow and eliminate your reliance on fax machines.
Instead of trying to reinvent the wheel, find ways to make your faxes safer, which will help prevent violations from happening in the first place.