Does the HIPAA Security Rule allow for sending electronic PHI (e-PHI) in an email or over the Internet? If so, what protections must be applied?
The HIPAA Security Rule does not expressly prohibit the use of email for sending e-PHI.
However, the standards for access control (45 CFR § 164.312(a)), integrity (45 CFR § 164.312(c)(1)), and transmission security (45 CFR § 164.312(e)(1)) require covered entities to implement policies and procedures to restrict access to, protect the integrity of, and guard against unauthorized access to e-PHI.
The standard for transmission security (§ 164.312(e)) also includes addressable specifications for integrity controls and encryption. This means that the covered entity must assess its use of open networks, identify the available and appropriate means to protect e-PHI as it is transmitted, select a solution, and document the decision.
Does your solution provide send and receive encryption? If yes, please describe the encryption process.
Yes, eFax Corporate’s cloud fax solutions can enable the highest levels of encryption for both your inbound and outbound faxes. For sending and receiving secure faxes over eFax Corporate’s secure network, our solution can enable on the most sophisticated encryption standard, TLS 1.2 (Transport Layer Security).
eFax Secure™ is available to customers who want secure storage of all inbound faxes on the cloud – accessible 24/7/365 via a secure portal.
Do you have an API solution that can enable a secure fax from our EHR System?
Yes, eFax Corporate’s offers custom fax API integration through our eFax Developer API. This allows businesses to connect cloud faxing directly to their existing workflow platforms and productivity tools — including CRM or ERP systems such as Salesforce, Sage, Netsuite; or in the case of healthcare firms, Electronic Healthcare Records systems such as NextGen, MediTouch, or Cerner via a simple to plug-in XML API. TLS can be enabled for the highest levels of encryption.
All of these API options let businesses more easily and efficiently manage their electronic faxing, by allowing them to generate and send their faxes directly from the productivity platforms and applications they use every day.
Does eFax Corporate have in-bound/out-bound fax capabilities?
Yes, the eFax Corporate online fax service allows businesses to both send and receive faxes digitally, either by email or through a simple, secure web interface.
Enterprises can also easily and securely send and receive faxes directly from mobile devices, including smart phones and tablets.