CocoFax’s HIPAA Compliant Faxing

HIPAA compliant fax service used by healthcare organizations worldwide

Health Insurance Portability and Accountability Act (HIPAA) is designed to keep the healthcare documents of the patients safe and secure. HIPAA makes sure that the private healthcare data of an individual truly remain private.

CocoFax knows that the private healthcare information of a person can be very sensitive data, so it takes extra measures for adhering to the HIPAA in the strictest way.

We at CocoFax have read and understood all the fine print that is present in HIPAA and all that it encompasses. This is why CocoFax has added extra security layers in its web app, phone app, and other interfaces.

Both- the Protected Health Information (PHI) and the electronic Protected Health Information (ePHI) are covered under the HIPAA compliance measures of CocoFax. For this reason, CocoFax’s clientele includes various hospitals, insurance companies , healthcare organizations, and various healthcare providers.

In order to make use of the HIPAA complaint features of CocoFax, you can enter a Business Associate Agreement (BAA) with us. There are Advanced Control features in the administrative account of CocoFax’s professional plan holders.

Users can find many options concerning how they want to protect and manage security settings. Here are a few of these options:

Access Control

CocoFax’s Access Control setting allows the system administrator to modify and control how much access they want to give to each team member. They can also remove the access to any particular member as well.

This also allows the administrator to control the settings of inbound email, making it available to the intended user(s) only.

Encrypted Data Transfer and Data at Rest

The rules of HIPAA make it important to secure data that is in motion as well as data at rest. Therefore, CocoFax encrypts all the faxes that are in your inbox and makes sure that the outbound and inbound faxes travel through secure data tunnels, encrypted with 128 bit Advanced Encryption Standard (AES).

Even the communication between various CocoFax platforms is protected, with protocols such as Secure Sockets Layer (SSL)/Transport Layer Security (TLS).

Audit Control

With CocoFax, there are multiple layers of audit control applied to the file system. All sent and received faxes are archived automatically and permanently as long as your organization has an account with CocoFax.

User Authentication

Since CocoFax is a web service, users can access it online or through email using secure SSL encryption only. Each user is identified with a unique encrypted session ID cookie. The communication will be encrypted for the entire time when a user is logged into the server.

Option for ‘No Storage’

There is an option through which all the sent and received faxes are stored in the user’s email only. There is no fax stored on CocoFax’s servers. A user can enable this option easily through their settings.

Data Disposal

Every CocoFax user has the right to have their account and/or their data deleted from CocoFax’s servers. In case the entity wishes to have their account and data deleted, CocoFax does not keep any paper trail or printed documents concerning the same.

In case the entity requires any printed reports, the reports are immediately shredded after they have served the purpose for which they were printed.

Data Center Security

CocoFax’s data centers follow complete restrictive security measures (ISO 27001) and the data cannot be accessed by anyone without authorization. Our data centers are also a part of the Cloud Security Alliance (CSA), which further bolsters their security. The security measures of our data centers adhere to the HIPAA requirement of keeping data private.

Information Security

CocoFax’s cyber security team constantly analyzes the networks and servers for any possible vulnerabilities or threats. Any threat will be eliminated immediately once it’s found. Our privacy and security policies are updated regularly to keep in touch with our application updates.

Our employees are also trained regularly in security measures, which eliminates any vulnerabilities on the employee level. Risk assessments are also conducted regularly. We make sure that we are compliant with the HIPAA policy and keep our compliance updated.

Some Other Privacy and Security Rules

Static Faxes are 256-bit Advanced Encryption Standard (AES) encrypted

Two-Factor Authentication for the account owner

All Data backups stored securely in the most advanced data centers

Notice of Data breach

If any non-compliance comes to our attention, it is reported immediately

No external access to workstations allowed in our facilities

Regular and automated checks for viruses

Regular and automated backup of data

HIPAA compliance training for employees

Business Associate Plan

CocoFax can sign a Business Associate Plan if it is requested by our business users