Curogram Blog

Is HelloFax HIPAA Compliant?

Written by Michael Hsu | 5/19/20 11:50 AM

Healthcare still relies on fax machines. It is a miracle that this obsolete piece of technology entered the twenty-first century at all. Medical professionals are some of the rare people who have to worry about jammed up paper, blurry text, and busy telephone lines.

If you’re considering getting rid of your machine and trying online faxing, HelloFax might be your best option. It’s one of the most popular internet faxing services out there.

Healthcare providers need to make sure that the solution they intend to use to transfer patient information adheres to the HIPAA rules, or they might face severe penalties. Is HelloFax HIPAA compliant, and how does it work?

How does HelloFax work?

HelloFax offers online, paperless faxing that allows you to send and receive faxes without the clunky machine. You may be wondering how it’s different from email. Online faxing still uses fax numbers to transfer documents, so the other side can receive them on their fax machine. With HelloFax, you can continue to use your old fax number.

There are two ways to send faxes via HelloFax:

  1. Via your HelloFax account
  2. Via email

Is HelloFax HIPAA compliant?

If you intend to send protected health information (PHI) using HelloFax, you need to ensure that this service can be configured to be HIPAA compliant. Communication channels such as HelloFax are considered your business associates (BAs) and need to have the same safeguards in place as you to keep PHI secure.

HelloFax seems to be using many of the HIPAA-prescribed security measures to protect your data, including:

  • Access control
  • Security in transit
  • Security at rest
  • Physical security

Access control

If you want to access your account, you need to enter your unique username and password. Only those authorized by you can access your data.

Security in transit

HelloFax utilizes SSL (Secure Socket Layer) encryption to make sure your documents are secure in transit.

Security at rest

All your documents are stored and protected by AES 256-bit encryption while at rest. This is considered a high level of security by HIPAA standards. Each document is further secured by regular master key rotation. This means that even if someone managed to access the hard drive, they would still be unable to decrypt your sensitive data.

Physical security

The HelloFax physical data center has strict controls in place that ensure the physical security of their hard drives.

Business associate agreement (BAA)

Even if HelloFax has all the HIPAA-prescribed safeguards in place, there is one crucial requirement that the provider needs to fulfill to be considered compliant—they need to enter a business associate agreement (BAA) with you.

There’s no reason to believe that HelloFax would sign a BAA with you. Their sister company HelloSign announced in 2017 that they would start offering this possibility to their customers. The relationship between these two services is not clear as HelloFax has a stand-alone site and is also listed among the products offered by HelloSign. Whether or not this means that you could get a business associate contract for HelloFax remains unclear.

Since we can’t know for sure if you could get a BAA for HelloFax, we can’t say for sure if this service is HIPAA compliant. Experience has taught us that, when a provider is willing to sign this agreement, they usually display that information on their site proudly. That’s why we recommend you avoid this faxing service.

Curogram can help you leave faxing behind you

Healthcare professionals don’t need to rely on faxing for inter-office communication anymore. Curogram is a much better solution suitable for the twenty-first century. Our platform is a telemedicine and texting app that can help you communicate internally, with patients, or with other providers in a completely HIPAA-secure way.

Curogram can be your state-of-the-art substitute for faxing. It comes with many more functionalities that your practice will benefit from, such as EHR integration, auto-reminders, patient surveys, etc.

You can use non-HIPAA compliant solutions during the COVID-19 national health emergency

According to the Notification of Enforcement Discretion issued by the HHS’ Office for Civil Rights (OCR), healthcare providers are allowed to use non-HIPAA compliant remote communication channels during the coronavirus nationwide emergency. The Notification has been put forward to make sure that everyone will have access to medical care.

This temporary regulation explicitly mentions “audio or video communication technology” in the context of treating patients, but it doesn’t say anything about other means of communication. It seems that the Notification only relates to telemedicine solutions for remote patient care, and it probably doesn’t include faxing.

If you are considering using HelloFax even if the company is unwilling to enter into a BAA with you during the COVID-19 pandemic, we advise against it. If you can’t justify the use of the faxing platform under this legislation, you could incur hefty fines.

If you’re still not convinced that you should leave faxing in the past, consider the following problems you’ll encounter using HelloFax that Curogram can solve:

  1. It can’t integrate with your EHR
  2. It allows for limited communication
  3. You can only reach people who already use faxing services
  4. It can be slow
  5. It doesn’t have a mobile app

HelloFax can’t integrate with your EHR

A healthcare solution that doesn’t integrate with your EHR is a waste of time. You’ll waste tons of time on duplicate data entry. You also won’t be able to send documents directly from your EMR.

Curogram integrates with any EMR to make your job easier. Thanks to our special technology, the integration process is done in less than 48 hours. Other solutions could take as much as six months. The EHR integration allows you to pull documents from your system with a couple of clicks.

Curogram EHR integrations

eClinicalWorks

Athena

Epic

Cerner

DrChrono

NextGen

Practice Fusion

CareCloud

Kareo

OfficeAlly

See More Integrations Here

HelloFax allows for limited communication

Faxing is a limited communication option in general. Taking it online only means you don’t have to deal with a machine and a bunch of paper folders—the rest stays the same. You can only send and receive documents and can’t even communicate what you need to be faxed.

If a physician needs some lab results, they would have to call in and ask for them or text the office. This means that HelloFax only adds to the number of apps and platforms you need to use to get a simple message across.

With Curogram, you get an all-in-one messaging platform that allows you to reach anyone easily and send documents containing PHI in a HIPAA secure way. You can connect with other providers using our platform and IMessage them whenever you need a file. The transfer is instant, and you won’t have to worry about your file being intercepted because everything is encrypted.

You can only reach people who already use faxing services through HelloFax

Online faxing is still faxing because it uses telephone networks to transmit data—otherwise, it would be called messaging. This means that you can send faxes only to the people who own a fax machine or utilize an online service like you. They don’t have to use the same provider, but they still need a fax number you can enter when sending a fax.

This is another limitation of faxing. If you need a solution that will allow you to send PHI to other doctors and patients alike, you shouldn’t go for HelloFax. Apart from medical practices, not many people still own a fax machine, and your patients are unlikely to be subscribed to an online service. HelloFax gives five free pages to those who want to try it for free, but that’s not worth creating an account.

Curogram’s messaging option makes it easy to contact anyone, be it other practices or patients. It is also convenient for staff-to-staff communication, which can come in handy if you have offices in multiple locations.

You can reach anyone directly from the dashboard. Your patients will receive your messages as SMS texts, so they won’t need to subscribe to anything.

HelloFax can be slow

As we have said, although it’s a bit more practical than traditional faxing, online faxing still goes through telephone lines. Phone lines can get busy, and when they do, a fax can’t go through. This means that your documents will fail to fax, and you’ll have to retry until you succeed. This can be daunting.

Since your HelloFax account connects to your mail, you’ll receive an email telling you if the fax has gone through or not. You may also check the status of your fax on your account. The best you can do is keep trying as fax lines in medical practices tend to get terribly busy.

Having to invest so much effort into sending a document shouldn’t be a twenty-first-century issue. With Curogram, you can IM anyone at any time and get a reply instantly. Attaching a document is only a couple of clicks of your time, and the transfer is immediate. There’s no need to waste your precious energy trying to fax a file.

HelloFax doesn’t have a mobile app

A lack of a mobile app is one of the greatest shortcomings of this service. If you want to snap a photo of something and fax it, it will be a lot more complicated than it has to be. HelloFax proposes using their email-to-fax feature to send faxes using your phone. This is better than nothing, but it’s far from ideal as you can’t access your account if you need it.

Curogram has both provider and patient mobile apps. You can open it on any device you choose—laptop, phone, or tablet—and send files from there. This is a great way for your staff to communicate in a secure way wherever they are.

Our patient mobile app is the first such app that is completely HIPAA-secure. Your patients can take a photo of their insurance card or another document and send it to you without worrying about security. You can also send files to them, and all these documents will be stored in-app.

 

HelloFax

Curogram

Diverse communication options

No

Yes

EHR integration

No

Yes

Can reach anyone

No

Yes

Fast data transfer

No

Yes

HIPAA compliant texting

No

Yes

More things you can do with Curogram

Curogram can take your practice to a new level by offering numerous features that can automate time-consuming tasks and increase your patient satisfaction. There’s so much more to it than safe document transfer. Here are some functions we haven’t talked about above:

  1. Smart appointment reminders
  2. Online reputation management tool
  3. Virtual clinic

Smart appointment reminders

As Curogram syncs with your schedule, it can send auto-generated appointment reminders to your patients. You can customize these to a tee by many different things, such as the visit type, office location, reminder frequency, etc.

Curogram is projected to send ten million auto-reminders in 2020, saving our customers thousands of dollars by eliminating no-shows. Curogram users reported experiencing a 75% drop in failures to show up.

Online reputation management tool

Online reviews and ratings are essential for the reputation of a medical practice. Before a patient decides to put their health in your hands, they will at least skim through your Google reviews. A single nasty comment can deter dozens of people from choosing you.

Our platform has a simple reputation management tool that can get you more than ten five-star Google or Yelp ratings per month. You can send your patients one-line auto-surveys in an SMS message to rate their experience with you. If they are happy, the algorithm will send them a follow-up text that will allow them to give you a five-star rating with a single tap. 

This feature can help you prevent bad reviews as well. It notifies you whenever there’s an unhappy patient so that you can appease them.

Virtual clinic

Curogram is also a telemedicine solution that lets you set up a virtual clinic. You can meet your patients online to provide them with remote care. As Curogram supports your practice’s natural workflows, you won’t have trouble going online. Your doctors and staff can keep doing their job the same way they do it in a physical setting.

Our platform lets you set a virtual waiting room, where your patients will be taken once they click the appointment link. The MAs or nurses can join them there to onboard them. Once they’re ready, doctors can take over. Our platform supports multi-user visits, which means another doctor, a nurse, or an assistant can join the primary doctor during the patient visit.

All these features and more band together to form a perfect, all-encompassing healthcare solution that already boasts 5,000+ satisfied customers.

Leave faxing in the past—Curogram truly connects healthcare providers

Faxing is an anomaly of our healthcare system that has persevered for far too long. Medical professionals worry that it still might be the only secure way to transfer documents to other practices. The truth is—it never was secure. Faxes would often end up reaching a wrong receiver. They are transferred in paper, making PHI an easy target for unauthorized persons.

Online faxing can eliminate the need for paper and machines, but it provides much less functionality than other Internet-based solutions.

Instead of going for HelloFax, you should choose Curogram and connect with other doctors in a secure and practical way. Here’s how our app can improve interoperability among healthcare providers:

  • It lets clinics connect and exchange documents in a HIPAA-secure way
  • It allows doctor groups to share a patient population to provide better patient care
  • It allows doctors to refer patients to each other within their system
  • It lets patients see the whole network of doctors they are involved with

Even though each clinic has a separate electronic system, Curogram can be a shared platform where you can collaborate and coordinate your activities to revolutionize the way patients are treated in the U.S.

Wondering if other solutions are HIPAA compliant?

Is Zoom HIPAA Compliant?

Is RingCentral HIPAA Compliant?

Is WhatsApp HIPAA Compliant?

Is Google Hangouts HIPAA Compliant?

Is FaceTime HIPAA Compliant?

Is GoToMeeting HIPAA Compliant?

Is Google Voice HIPAA Compliant?

Is Skype HIPAA Compliant?

Is eFax HIPAA Compliant?

Is Facebook Messenger HIPAA Compliant?

Is Email HIPAA Compliant?

Is Texting HIPAA Compliant?

Is Slack HIPAA Compliant?