write one page research...
Policy and Procedure: HIPAA/Privacy, Faxing Protected Health Information
Example Document Header
(This document header table contains your company name and logo, plus has cells for function, number, prior issue, and effective date)
|
Your Company Logo/Name Here |
Policy & Procedure HIPAA/Privacy Faxing Protected Health Information |
Function |
|
|
|
Number |
|
|
|
Prior Issue |
|
|
|
Effective Date |
Purpose
To ensure that Protected Health Information ("PHI") is appropriately safeguarded when it is sent or received via facsimile (fax) machine or software.
Policy
It is the policy of this Facility to allow the use of facsimile machines to transmit and receive PHI. The information released will be limited to the minimum necessary to meet the requestor's needs.
Procedure
1. The fax machine should be located in an area that is not easily accessible to unauthorized persons. Examples include the business office, medical record office, or nurse's station. If possible, the fax machine should not be located in a public area where confidentiality of PHI might be compromised. If this is not possible, a sign should be posted regarding access to the documents.
2. Received documents will be removed promptly from the fax machine. To promote secure delivery, instructions on the cover page will be followed.
3. Unless otherwise prohibited by state law, information transmitted via facsimile is acceptable and may be included in the patient's Medical Record.
4. Steps should be taken to ensure that the fax transmission is sent to the appropriate destination. These include:
a. Pre-programming and testing destination numbers whenever possible to eliminate errors in transmission due to misdialing.
b. Asking frequent recipients to notify the Facility of a fax number change.
c. Confirming the accuracy of the recipient's fax number before pressing the send/start key.
d. If possible, printing a confirmation of each fax transmission.
5. A cover page should be attached to any facsimile document that includes PHI. The cover page should include:
a. Destination of the fax, including name, fax number, and phone number;
b. Name, fax number, and phone number of the sender;
c. Date;
d. Number of pages transmitted; and
e. Confidentiality Statement (See sample below).
6. If a fax transmission fails to reach a recipient, or if the sender becomes aware that a fax was misdirected, the internal logging system should be checked to obtain the incorrect recipient's fax number. Fax a letter to the receiver and ask that the material be returned or destroyed.
7. A written Authorization for any use or disclosure of PHI will be obtained when the use or disclosure is not for treatment, payment, or healthcare operations or required by federal or state law or regulation.
8. The PHI disclosed will be the minimum necessary to meet the requestor's needs.
9. Highly sensitive health information should not be sent by fax in certain states (e.g., information relating to AIDS/HIV, drug and alcohol abuse, and psychotherapy notes).
Sample Confidentiality Statement
|
The documents accompanying this transmission contain confidential protected health information that is legally privileged. This information is intended only for the use of the individual or entity named above. The authorized recipient of this information is prohibited from disclosing this information to any other party unless required to do so by law or regulation and is required to destroy the information after its stated need has been fulfilled. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or action taken in reliance on the contents of these documents is strictly prohibited. If you have received this information in error, please notify the sender immediately and arrange for the return or destruction of these documents. |