All fax transmittals containing any type of medical information about a person must comply with Health Insurance Portability and Accountability Act (HIPAA) guidelines. This means that companies and individuals handling protected health information (PHI) should have strict protocols in place to ensure security and confidentiality. One such protocol is the fax cover sheet.
This article discusses what a HIPAA fax cover sheet is, why it’s important, and what it should contain.
What is a HIPAA Fax Cover Sheet?
HIPAA guidelines do not identify an official HIPAA cover sheet, but it is considered a best practice to have one with every PHI transmittal. However, HIPAA is very specific about this rule: all entities that handle patient data should set up communications safeguards, whether the information is shared orally, by email, phone, fax, or any other method.
A HIPAA-compliant fax cover sheet provides an extra layer of security to prevent accidental or unauthorized PHI disclosure.
What HIPAA Says About Faxing Patient Information
Does HIPAA consider faxing a safe method of sending and receiving PHI? Yes, it does. The Privacy Rule allows covered healthcare providers to share PHI — even without the patient’s consent — under two conditions:
- It is for healthcare purposes (including treatment, billing, insurance, and police reports).
- Those sending and receiving the PHI have reasonable protocols in place to protect the shared information.
Note: If the PHI will be sent for employment purposes, the patient’s consent is required.
When it comes to faxing PHI, examples of privacy safeguards include calling the recipient first to confirm the fax number and inform them that a document will be sent shortly and printing out a delivery confirmation report that proves the transmittal was successful. More importantly, a transmittal shouldn’t be without a fax cover sheet that declares the document as “confidential” or “for authorized eyes only.”
What Should a HIPAA Fax Cover Sheet Contain?
To be HIPAA compliant, a fax cover sheet should have the following:
- The date and time the fax cover sheet is sent
- The name and fax number of the receiving person or entity
- The name of the person and covered entity sending the fax
- The sender’s fax number
- A HIPAA fax cover sheet disclaimer
For easy reference, a fax cover sheet can also contain the patient’s case number but not their name.
HIPAA Fax Disclaimer Example
A HIPAA fax disclaimer contains three elements:
- a reminder about confidentiality
- a warning against unauthorized viewing and use
- instructions on what to do to prevent PHI compromise in case of an erroneous send-out
Here is an example of a HIPAA fax cover sheet disclaimer:
IMPORTANT: This facsimile transmission contains confidential information, some or all of which may be protected health information as defined by the federal Health Insurance Portability & Accountability Act (HIPAA) Privacy Rule. This transmission is intended for the exclusive use of the individual or entity to whom it is addressed and may contain information that is proprietary, privileged, confidential, and/or exempt from disclosure under applicable law.
If you are not the intended recipient (or an employee or agent responsible for delivering this facsimile transmission to the intended recipient), you are hereby notified that any disclosure, dissemination, distribution, or copying of this information is strictly prohibited and may be subject to legal restriction or sanction. Please notify the sender by telephone (number listed above) to arrange the return or destruction of the information and all copies.
The fax cover sheet disclaimer template is standard across different industries, and you can revise the text to apply to health industry use and for conciseness. Check out these other samples of HIPAA-compliant disclaimers.
HIPAA-compliant faxing is a combination of different factors, but it starts with a proper fax cover sheet. As mentioned, though HIPAA does not require that transmittals have a cover sheet, it is an ethical measure that preserves the patient’s rights and a preventive tool that protects parties involved from potential liability.
Guarantee the Security of PHI with the iFax App
A HIPAA-compliant fax cover sheet serves as a shield against the accidental disclosure of privileged information. It also helps assure that the sender and receiver do not violate any security laws. To ensure that your transmittals are safe — especially when processing them electronically — use a reliable HIPAA-compliant fax service with a proven track record in safeguarding confidential data.
iFax is a trusted provider of online fax services for all types of industries, allowing you to send and receive confidential documents even while on the go. You also have access to a secure cloud-based library, where you can store and access medical files from any device.
With iFax’s military-grade, 256-bit encryption standards, sharing and storing privileged information is made easier and more secure than ever. In addition to being HIPAA compliant, iFax’s technology also adheres to GLBA and GDPR* guidelines.
Download the iFax App on your mobile device or sign up for the web app now.
*GLBA (Gramm-Leach-Bliley Act/Financial Services Modernization Act of 1999); GDPR (General Data Protection Regulation 2016/679)