mpowermed has certified HIPAA Compliance specialists on our staff. Take this quiz and see if you know the answers to these questions. If not, maybe it is time for you to call mpowermed.

Yes. The Privacy Rules do not prohibit a "covered entity" from faxing protected health information.

A physician should be sure, however, to comply with the Privacy Rules' requirements for disclosures generally. For example, the physician should check whether the "minimum necessary" rule applies and, if it does, limit the information in the fax to the minimum necessary information.

Also, a physician should be sure to have appropriate security safeguards in place that are administrative, technical, and physical in nature. For example, the physician should use policies and procedures that require office staff to verify the recipient's fax number and use a cover sheet that does not include protected health information.