HIPAA and PCI DSS compliance for healthcare and financial industries
Softlinx’ ReplixFax Cloud Services ensure the security of electronic Protected Health Information (ePHI) and other confidential patient information, including personal and financial information. All fax and data files “at rest” are encrypted with AES 256-bit encryption to protect private information, and communication is carried out over a secure link using HTTPS or TLS/SSL.
What is HIPAA Compliance?
The Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act are both enforced by the U.S. Department of Health and Human Services. Each of these acts provides federal protections for personal health information held by Covered Entities and gives patients an array of rights over that information.
They further specify a series of administrative, physical and technical safeguards for covered entities to use to assure the confidentiality, integrity, and availability of electronic protected health information (ePHI).
More information about HIPAA is available from the U.S. Department of Health and Human Services.
Is Faxing HIPAA Compliant?
Faxing remains common within the healthcare system and is still a method by which doctors communicate with peers, patients, pharmacists and insurance providers. However, faxing can pose several security risks that hurt a healthcare provider’s HIPAA compliance.
For example, protected health information could be sent to a wrong number, be sent from a fax machine in a non-secure area or be stolen from a fax machine hard drive. Fax machines also tend to have efficiency issues that harm a healthcare practice’s functionality.
While a HIPAA-compliant fax isn’t impossible, faxing a HIPAA document requires that several rules be followed. Many are impractical with traditional faxing but less so with internet faxing services.
Is E-Fax HIPAA Compliant?
Online fax services can be HIPAA-compliant and protect your healthcare-related information in transmission and while “at rest” in storage. This improves efficiency and makes it possible to follow HIPAA privacy rules. The fax service provider must follow security measures like encryption during transmission as well as while “at rest” in the cloud. The data center hosting the service in the cloud must also be HIPAA compliant.
In combination, these factors can help make faxes HIPAA-compliant.
How Does ReplixFax Support HIPAA Compliance?
Softlinx Cloud Fax Service through ReplixFax offers HIPAA-compliant fax solutions, safeguarding electronic protected health information for healthcare service providers through multiple measures.
ReplixFax ensures a HIPAA-compliant e-fax every time, mostly because it provides appropriate safeguards for electronic protected health information. These safeguards are various safety and security measures that include secure network connections, password security measures and AES 256-bit encryption of fax information.
All electronic fax sessions via Web Service API directly from an Electronic Health Record (EHR) application are secure and protected. The system also maintains detailed system logs for all inquiries, fax requests, retrievals and deletions of all faxes for an audit trail.
This HIPAA-compliant internet fax service logs all user activities, along with detailed information for each sent or received fax. These logs can be retrieved via Web Services API or through administrative tools. Upon successful delivery of a fax document, the system can also remove the fax document completely from the system for further security.
Softlinx’ ReplixFax Cloud Services are conducted over secure network protocols with data encryption, protecting information far beyond your health information. The encryption also protects confidential financial information that you fax, such as credit card information or financial statements. As a HIPAA-compliant online fax service provider, we meet all PCI compliance requirements.
Softlinx Data Center
Softlinx’ data center, where we host our ReplixFax Cloud Service, is an SSAE-16 audited hosting facility that meets the standards set forth by the American Institute of Certified Public Accountants (AICPA) for security and reliability. Our data center is fully compliant with HIPAA and PCI DSS requirements by maintaining a secure network to protect electronic protected health information (ePHI) and cardholder data, policies on the maintenance of Access Control Measures, and a Vulnerability Management Program.