• Skip to main content
  • Skip to secondary menu
  • Skip to primary sidebar
  • Skip to secondary sidebar
  • Skip to footer

  • Opinion
  • Health IT
    • Behavioral Health
    • Care Coordination
    • EMR/EHR
    • Interoperability
    • Patient Engagement
    • Population Health Management
    • Revenue Cycle Management
    • Social Determinants of Health
  • Digital Health
    • AI
    • Blockchain
    • Precision Medicine
    • Telehealth
    • Wearables
  • Startups
  • M&A
  • Value-based Care
    • Accountable Care (ACOs)
    • Medicare Advantage
  • Life Sciences
  • Research

Best Practices to Ensure Telehealth Security and Protect Patient Data

by Paul Banco, CEO and co-founder of etherFAX 02/18/2021 Leave a Comment

  • LinkedIn
  • Twitter
  • Facebook
  • Email
  • Print
How Fax Protects Patient Health Information
Paul Banco, CEO of etherFAX

To support the sudden increase in test results and medical records being transmitted during the pandemic, hospitals, laboratories, and pharmacies implemented additional devices and remote connections into their networks. After the Office for Civil Rights (OCR) lifted penalties around telehealth to expand care options amid the crisis, new platforms were adopted that were not previously allowed by the Health Insurance Portability and Accountability Act (HIPAA). 

This exercise of discretion applied to applications including FaceTime and Skype, regardless of whether the telehealth service administered while using the apps was directly related to the coronavirus. Unfortunately, this also increased security risks across thousands of healthcare organizations. Since many communications apps are not HIPAA compliant, the risk of a data breach occurring that compromises personally identifiable information (PII) is imminent. For example, though Apple is a HIPAA business associate, it is not willing to sign a BAA, and therefore, Apple services including FaceTime are not HIPAA compliant. 

In 2021, adopting new technology to ensure the health and safety of patients shouldn’t adversely affect security and privacy. Today, digital and direct fax solutions offer the flexibility to securely integrate with today’s popular mobile applications and third-party messaging platforms such as Slack, Teams, and Microsoft Fax while maintaining HIPAA, SOC 2, and PCI DSS compliance. 

To ensure that protected health information (PHI) remains secure at all times, organizations should utilize a hybrid-cloud fax network that leverages defense-in-depth strategies including end-to-end encryption and two-factor authentication. Unlike traditional PTSN-based networks, digital fax technology can also ensure that time-sensitive documents are delivered fast with high-resolution, near-diagnostic image quality. 

Here are the most important features your organization should look for to ensure telehealth security and protect patient data:

Direct Digital Fax

Many patients and organizations are unaware that a data exchange via email or text message will typically pass through multiple servers before it reaches the final point of delivery. This indirect transmission method can leave PHI and other unstructured data vulnerable to imminent threats of cyberattacks. 

Utilizing a hybrid-cloud network with direct digital faxing is the key to ensuring communications never traverse an external telephone network and that data is protected against unauthorized access. Black and White lists can also be leveraged to place further restrictions on the exchange of sensitive information. This allows patients to receive high-quality care at home or in person without compromising their personal information.

HITRUST CSF Certification 

The HITRUST CSF certification has become the gold standard for compliance framework in the healthcare industry as it addresses the requirements of existing standards and regulations including HIPAA, PCI, COBIT, NIST, ISO, FTC, and state laws. While the HITRUST CSF can be used by all organizations that create, access, store, or exchange sensitive and/or regulated data, it is ideal for healthcare organizations because of its prescriptive framework for managing the security requirements inherent in the Health Insurance Portability and Accountability Act. 

HITRUST offers providers a trusted benchmark from which they can measure and manage their own compliance while offering proven protection to their patients and partners. For guaranteed security, healthcare organizations should look for a fax provider that is HITRUST CSF certified in addition to SOC 2 and PCI DSS compliant. 

End-to-End Encryption 

Implementing a secure exchange network that leverages well-defined end-to-end encryption methods, such as those defined in the Elliptic Curve Integrated Encryption Scheme (ECIES), is crucial to fully protect the transfer of information between two endpoints. This hybrid encryption scheme uses Elliptic Curve Cryptography to generate a shared secret between peers to seed the encryption process with unique keying material while signing and authentication mechanisms assure the validity of the data in transit. Even if a third-party attempted to eavesdrop on the network communication, the information itself would be indecipherable thanks to end-to-end encryption. 

Two-factor authentication (2FA) should also be utilized on every device that sends and receives PHI. Two-factor authentication can prevent data breaches on applications and platforms by requesting a combination of credentials at access points that only the actual patient, doctor, billing operator, or pharmacist would know.

Overall, network security can have an adverse effect on patient care. To secure healthcare technology during the pandemic and beyond, organizations must extend legacy devices, remote connections, and telehealth services to a secure exchange network via the cloud. Hybrid-cloud fax technology can provide end-to-end encryption, two-factor authentication, and direct transmissions to protect the integrity of PHI while ensuring that business-critical communications are sent with ultra-fast transmission speeds. 

About Paul Banco

As CEO and co-founder of etherFAX, Paul Banco is responsible for the strategic direction of the company and leads technology development, including the patented etherFAX and etherFAX SEN intellectual property. In 2009, he identified the need to leverage the cloud for secure document delivery and co-founded etherFAX with fellow telecom industry veterans. As a cloud-based and virtual solution, etherFAX enables healthcare organizations to securely send and receive information from a broad range of applications and endpoint devices. 


  • LinkedIn
  • Twitter
  • Facebook
  • Email
  • Print

Tagged With: apple, cloud, health insurance, healthcare technology, HIPAA, HITRUST, integrity, medical records, Microsoft, Partners, Patient Care, PHI, risk, Telehealth Services, unstructured data

Tap Native

Get in-depth healthcare technology analysis and commentary delivered straight to your email weekly

Reader Interactions

Primary Sidebar

Subscribe to HIT Consultant

Latest insightful articles delivered straight to your inbox weekly.

Submit a Tip or Pitch

Featured Insights

2025 EMR Software Pricing Guide

2025 EMR Software Pricing Guide

Featured Interview

Paradigm Shift in Diabetes Care with Studio Clinics: Q&A with Reach7 Founder Chun Yong

Most-Read

Medtronic to Separate Diabetes Business into New Standalone Company

Medtronic to Separate Diabetes Business into New Standalone Company

White House, IBM Partner to Fight COVID-19 Using Supercomputers

HHS Sets Pricing Targets for Trump’s EO on Most-Favored-Nation Drug Pricing

23andMe to Mine Genetic Data for Drug Discovery

Regeneron to Acquire Key 23andMe Assets for $256M, Pledges Continuity of Consumer Genome Services

CureIS Healthcare Sues Epic: Alleges Anti-Competitive Practices & Trade Secret Theft

The Evolving Role of Physician Advisors: Bridging the Gap Between Clinicians and Administrators

The Evolving Physician Advisor: From UM to Value-Based Care & AI

UnitedHealth Group Names Stephen Hemsley CEO as Andrew Witty Steps Down

UnitedHealth CEO Andrew Witty Steps Down, Stephen Hemsley Returns as CEO

Omada Health Files for IPO

Omada Health Files for IPO

Blue Cross Blue Shield of Massachusetts Launches "CloseKnit" Virtual-First Primary Care Option

Blue Cross Blue Shield of Massachusetts Launches “CloseKnit” Virtual-First Primary Care Option

Osteoboost Launches First FDA-Cleared Prescription Wearable Nationwide to Combat Low Bone Density

Osteoboost Launches First FDA-Cleared Prescription Wearable Nationwide to Combat Low Bone Density

2019 MedTech Breakthrough Award Category Winners Announced

MedTech Breakthrough Announces 2025 MedTech Breakthrough Award Winners

Secondary Sidebar

Footer

Company

  • About Us
  • Advertise with Us
  • Reprints and Permissions
  • Submit An Op-Ed
  • Contact
  • Subscribe

Editorial Coverage

  • Opinion
  • Health IT
    • Care Coordination
    • EMR/EHR
    • Interoperability
    • Population Health Management
    • Revenue Cycle Management
  • Digital Health
    • Artificial Intelligence
    • Blockchain Tech
    • Precision Medicine
    • Telehealth
    • Wearables
  • Startups
  • Value-Based Care
    • Accountable Care
    • Medicare Advantage

Connect

Subscribe to HIT Consultant Media

Latest insightful articles delivered straight to your inbox weekly

Copyright © 2025. HIT Consultant Media. All Rights Reserved. Privacy Policy |