HIPAA and PCI DSS compliance for healthcare and financial industries
Softlinx Cloud Services ensure the security of electronic Protected Health Information (ePHI) and confidential financial information. All fax and data files “at rest” are encrypted with AES 256-bit encryption to protect private information, and communication is carried out over a secure link using HTTPS and TLS.
Softlinx Cloud Fax Service offers HIPAA compliance and safeguards electronic protected health information (ePHI) for healthcare service providers through multiple measures.
What is HIPAA compliance?
The Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act, enforced by the U.S. Department of Health and Human Services, provide federal protections for personal health information held by Covered Entities and give patients an array of rights with respect to that information. They further specify a series of administrative, physical, and technical safeguards for covered entities to use to assure the confidentiality, integrity, and availability of electronic protected health information (ePHI).
More information about HIPAA is available from the U.S. Department of Health and Human Services.
How does ReplixFax support HIPAA Compliance?
ReplixFax assures HIPAA compliance through appropriate safeguards for electronic protected health information (ePHI). These measures include a secure network connection, password security, AES 256-bit encryption of fax information and files while “at rest” in the cloud, storage in a centralized secure location, notification of fax delivery, and password-protected downloads.
All electronic fax sessions made via the Web Service API directly from an EHR application are secure and protected. The system also maintains detailed system logs of all inquiries, fax requests, retrievals and deletions of faxes to provide an audit trail.
User activities are logged along with detailed information for each sent or received fax, and the logs can be retrieved via the Web Services API or through administrative tools. Upon successful delivery of a fax document, the system can also remove the fax document completely from the system for further security.
PCI DSS Certification
ReplixFax Service is conducted over secure network protocols with strong encryption of data, protecting your confidential financial information. As a fax service provider, we meet all PCI requirements.
Softlinx Data Center
Our data center, Expedient, which hosts Softlinx’s Replix cloud services, is an SSAE-16 audited hosting facility and meets the standards set forth by the American Institute of Certified Public Accountants (AICPA) for security and reliability. Expedient is fully compliant with HIPAA and PCI DSS requirements by maintaining a secure network to protect electronic protected health information (ePHI) and cardholder data, policies on maintaining strong Access Control Measures, and a Vulnerability Management Program. Expedient has SOC 2 Reports (Type II) that complement compliance with HIPAA and PCI DSS, and a SOC 3 Report that describes Trusted Service as a general overview of controls related to certain processes and procedures.