We need a faxing policy
Release of Information Policy and Procedure for Faxing Protected Health Information
The hospital is committed to keeping patients’ protected health information (PHI) confidential through secure fax transmission. The faxing of PHI requires special attention when handling, using, and disposing of the documents received or sent. In order to protect clients’ rights and meet all HIPAA compliance requirements, our facility has created this policy to be used by all employees when sending or receiving PHI via a facsimile machine.
1. When possible use encryption software on devices that are used to send PHI via facsimile machines; uncrypted forms must not contain any personal information.
2. Verify the recipient name prior to sending the document through a verification call with another individual or digitally approved clearance signal set up with the business associate
3. Provide notices/disclaimers on each form sent which retain confidentiality rights as dictated by HIPAA guidelines.
4. Use industry standards such as TLS 1.2 when encrypting electronic communications over an open network
5 If an employee is unable verify delivery confirmation they are required contact their supervisor in case further action needs taken
6 Once fransmission has occurred, delete log files immediately or store them securely in accordance HIPPA regulations
7 Document all compliance efforts according ith internal policies and procedures
8 Follow chain-of-custody protocols for paper records if needed assessing any privileged information is properly handled
I am writing this memo requesting your approval for my proposed Release of Information Policy & Procedure for Faxing Protected Health Information that adheres with hipaa regulations (as summarised above). This policy would ensure that our hospital meets its obligation towards protecting patient’s private data while also enabling us efficiently transmit healthcare related information between our organisation and other practices/healthcare services providers without compromising security or privacy parameters specified under Hipaa.”