All covered entities of the HIPAA (Health Insurance Portability and Accountability Act) like health care providers, health plans, health clearinghouses, and business associates must comply with the guidelines when transmitting sensitive data, especially the patient’s information or protected health information (PHI).

HIPAA is a federal law created to protect individuals’ sensitive information from being disclosed without their consent. One way to do this is to use a HIPAA fax cover sheet when sending a fax. Although HIPAA doesn’t have standard guidelines on its use, it’s one of the best practices of healthcare professionals and business associates in the medical industry.

What is a HIPAA Fax Cover Sheet?

A HIPAA fax cover sheet is a cover page or the first page when sending a fax to protect the information being transmitted. The goal is to ensure the authorized person receives the documents.

There’s no rigid structure of a HIPAA fax cover sheet, as long as the important elements are included. More on this later. Furthermore, the sender can also include the patient’s case number but shouldn’t indicate the complete name.

That said, all entities mentioned in HIPAA should practice sending a fax cover sheet to secure the communications when handling patients’ data, whether via email, phone, mail, fax, or any other means. In short, it serves as an additional layer of security and confidentiality.

To simplify it, if a sender can orally communicate the process with a HIPAA fax cover sheet, it goes something like this: “Hey, this is Dr. John Doe. I’m sending you the patient’s case number #00001. If you are Dr. Jane, please check the documents and reply ASAP. If you are not Dr. Jane, kindly give the fax to her because this is confidential and for her eyes only.”

Why is it Important to Use a HIPAA Fax Cover Sheet?


Attaching a HIPAA fax cover sheet safeguards the PHI from the unauthorized person and public view when the sender is transmitting fax. There may be instances that the recipient works in a large office or hospital with several employees, and they share a fax machine.

In this way, the sender includes instructions using the cover sheet or page if another employee, whether unintentionally or not, receives the fax. The latter can forward the documents to the authorized person.

According to the Privacy Rule, entities can send and disclose protected health information under the conditions that the documents will be used for accounting, payment, insurance, treatment, and healthcare operations. That’s why entities must handle this information with caution when transmitting data.

What’s Included in the HIPAA Fax Cover Sheet?

A HIPAA fax cover sheet is simple and doesn’t need to look fancy. If you’re sending transmitting fax using a fax machine, you can save a template in a PDF format using Microsoft Word, print it, and fill it out as your cover page.

On the other hand, if you transmit fax using an online fax service like iFax, this could even be more efficient. iFax has a default fax cover sheet template that you can fill in before attaching documents.

A HIPAA-compliant fax cover sheet includes:

  • Date and time the fax was sent
  • Name of the sender and the entity or organization
  • Name of the authorized recipient and entity or organization
  • Fax number of both sender and recipient
  • Patient’s case number (if applicable)
  • HIPAA fax cover disclaimer

For more information on how to create a HIPAA-compliant fax cover sheet, we made a complete checklist.

What are the Safety Measures When Sending PHI with HIPAA Fax Cover Sheet?


When sending HIPAA-protected documents, remember to apply these best practices and safety measures to ensure that the authorized recipient will receive them.

  • Check if the recipient’s fax number is correct. Please write it down on a piece of paper and dial it manually on the fax machine. Don’t rely on auto-dialing alone, especially if you share the hardware with other employees because you might be dialing another number.
  • For entities that regularly transmit faxes, the location of the fax machine itself must be away from public view or unauthorized employees. A dedicated space for sending and receiving HIPAA documents is a security measure.
  • Always notify the recipient that you will send a fax that contains sensitive information. That way, they will expect the incoming fax and get the documents from the paper tray right away.
  • Provide a confirmation or a transmission receipt to the recipient that verifies the fax you send was successful.

Send HIPAA-Compliant Fax with iFax

Sending sensitive information online requires robust security measures. When you send a fax using online fax services, you want to ensure that beyond the HIPAA-compliant fax cover sheets the provider gives you, it must have high-grade security when accessing your account. Fortunately, iFax knows how to safeguard confidential information.

iFax is a reliable online fax service that lets you send and receive faxes straight from your mobile device like a tablet, smartphone, or computer. It uses a cloud-based platform that allows you to manage and keep medical records in place and access them anytime from any of your linked devices.

But wait, you might be wondering – everything else is transmitted online, so it’s still prone to hacking and cyber attacks, right? iFax knows better. Since the app is built for personal and business use, the company uses military-grade 256-bit end-to-end encryption. Sharing information is secured, yet easy – you can do this anytime and anywhere.

Download iFax now and join over 5 million people who are enjoying its features.