Revenue Cycle Management
COVID-19
Reimbursement
Diabetes Awareness Month
Risk Management
Patient Retention
Staffing
Medical Economics® 100th Anniversary
Coding and documentation
Business of Endocrinology
Telehealth
Physicians Financial News
Cybersecurity
Cardiovascular Clinical Consult
Locum Tenens, brought to you by LocumLife®
Weight Management
Business of Women's Health
Practice Efficiency
Finance and Wealth
EHRs
Remote Patient Monitoring
Sponsored Webinars
Medical Technology
Billing and collections
Acute Pain Management
Exclusive Content
Value-based Care
Business of Pediatrics
Concierge Medicine 2.0 by Castle Connolly Private Health Partners
Practice Growth
Concierge Medicine
Business of Cardiology
Implementing the Topcon Ocular Telehealth Platform
Malpractice
Influenza
Sexual Health
Chronic Conditions
Technology
Legal and Policy
Money
Opinion
Vaccines
Practice Management
Patient Relations
Careers

Faxes and the security rule

March 4, 2005

Article

Are faxes containing protected health information regulated by the HIPAA security rule?

Q: Are faxes containing protected health information regulated by the HIPAA security rule?

A: No. Regular paper faxes aren't considered protected health information under the rule, which only covers information in electronic form. But when someone requests information from a computer, through either a voice or telephone keypad command, and that request is returned as a fax, the communication is covered under the security rule. This isn't because "faxbacks," as they are known, have computers in them but because they are used as an input and output device for computers.

According to the government, "employment of telephone voice response and/or faxback systems will generally require security protection by only one of the parties involved, but not the other." The party that must protect the information is the one responding to the request, since the information she is returning is "already in electronic form and stored in a computer."