Question about HIPPA and faxes...

Nurses General Nursing

Published

I am sure there will be someone out there who can help me find the answer to this question...

We were told today at work that EVERYTHING we fax must have a cover sheet on it. This is suppose to include information faxed internally too. Our physician order sheets are carbon-less copies that we pull the copy off and fax the med orders to our pharmacy. Now we are told that even those papers will have to have a cover sheet. We fax AT least 100 times to pharmacy in 12 hour shift....sure seems like an awful lot of paper waste. I totally understand the need to have cover sheets when we are faxing something outside of our facility, but internally? :rolleyes: Please, someone tell me that our administration is going overboard with this. They have a tendency to do that....Thanks...

Up Vote Up Vote ×
Specializes in ORTHOPAEDICS-CERTIFIED SINCE 89.

Going to a paperless system seems to be using more paper than before. I don't recall internal faxes needing cover sheets....is this an internal rule? I do know the fax machines have to be in a secure place, not visible to passers by

Up Vote Up Vote ×

Can you have one generic cover sheet that you use? I think what they are trying to avoid is someone walking by the fax machine and seeing a patient's name.

Up Vote Up Vote ×

I'm not a lawyer, but am familiar with HIPAA privacy rules. It would seem to me that internal faxes needing cover sheets would be a little overboard. HIPAA allows for what is called "incidental disclosure", so even if someone other than the intended recipient were to pick up a fax not intended for them, it could be considered "incidental disclosure." It sounds like they are simply trying to cover their rears without fully understanding the intent of the new rules. As someone echoed earlier, an external fax I could understand, but one to the pharmacy? Sounds excessive to me.

Up Vote Up Vote ×
Specializes in ER CCU MICU SICU LTC/SNF.

I'm am not making a comment to dispute nor debate your administration's decision. Unless you sit with them in a policy decion-making capacity, I'd rather find a way to abide by it.

Anyhow here's a fact about HIPAA and FAX...

http://www.hipaadvisory.com/action/faxfacts.htm

... as you can see, it's not only about a "privacy disclosure cover sheet"

If you use ONE cover sheet preprinted with the addressee name (maybe printed in a bright colored paper) and enclose the same one with every Fax transmission, you won't be using too many paper. As for the recepient receiving an extra page, recycle them. Eventually it'll become a habit. :)

Up Vote Up Vote ×

Thanks for all the replies. The fax machine is behind the nurses' station and not accessible to the public. Somebody would need to have Superman vision to be able to read the names from the fax. We have a generic sheet that we can use over and over, but it sure is going to be a lot of paper for the pharmacy. Our department actually does a lot more faxing out than receiving faxes. Plus, how are we going to prove in the patient's chart that the information we faxed actually got to the intended recipient? The way I see it, unless we put some kind of record in the patient's chart there really isn't anyway to prove that fax got to where it was suppose to be. :confused: Anyone else totally lost now?

Up Vote Up Vote ×

After reading the info on the web site that Talino posted, it seems that the purpose of the cover sheet your administration is requiring is a tool to decrease the incidence of a fax being sent to the wrong dept. (Incidental disclosure). I agree with above posters in using a generic cover sheet for each dept. that you send faxes to, color coding these would save time. For example, a generic yellow cover sheet always goes to pharmacy, a generic pink cover sheet always goes to respiratory, etc. You can reuse the cover sheets, and wouldnt have to fill one out for each fax you send.

Up Vote Up Vote ×
Specializes in ER CCU MICU SICU LTC/SNF.
Plus, how are we going to prove in the patient's chart that the information we faxed actually got to the intended recipient?

... you get a confirmation receipt of each Fax transmissions don't you? Well, if this would really be an issue, you may need to start storing these receipts or attaching it to every faxed item. Now we're talking real mountains of paperwork eh? Hmmmm, reminds me of receipts I keep for a dubious "tax" audit. :eek:

Most likely your administration has already in place a HIPAA compliance protocol. Your concerns are legit but let your bosses worry about it and be worthy of their fat checks. Your patient is more interested in your TLC.:kiss

Up Vote Up Vote ×

We're all talking about a standard that has not even been published. The HIPAA security guidelines are still "proposed", not official. My personal belief is that the color coded cover sheets might complicate the issue and you'll end up sending something to a location you didn't intend to through the use of these prepepared cover sheets. Obviously, if it's the policy of your organization to always use a cover sheet, then always use a cover sheet.

That said, if I remember correctly, the original question was whether or not this particular administration was going overboard or not. In my opinion it is. By the way, I see nothing on the website mentioned (which, by the way is simply one lawyer's opinion), that says you have to use a cover sheet. Maybe I'm missing it, but I don't think so.

In general, people have way overblown what is required by HIPAA. 98% of it is about taking reasonable steps to protect PHI. The most important thing to remember is that no policy should negatively affect patient care. If a particular administration's policy does that, they need to find other ways to comply with HIPAA.

Up Vote Up Vote ×
Specializes in ER CCU MICU SICU LTC/SNF.
Originally posted by Scott_T

We're all talking about a standard that has not even been published. The HIPAA security guidelines are still "proposed", not official.

Check this out..

http://www.hhs.gov/news/press/2002pres/hipaa.html

...even granting it is still "proposed", then it's justifiable for an organization to go "overboard." You'll never know what's what.

Originally posted by Scott_T

By the way, I see nothing on the website mentioned (which, by the way is simply one lawyer's opinion), that says you have to use a cover sheet. Maybe I'm missing it, but I don't think so.

"ADMINISTRATIVE PROCEDURES

Include a pre-printed confidentiality statement on all fax cover sheets. The statement should instruct the receiver to destroy the faxed materials and contact the sender immediately, in the event that the transmission reached him/her in error."

I guess if you don't use a cover sheet, it's "do whatever you want with it for the recipient", eh?

You're correct he's a lawyer all right, but check out his bio in the bottom of this page...

http://www.hipaadvisory.com/action/legalqa/hipaalaw.htm#SteveFoxBio

I sure wouldn't mine an expert's opinion.

Originally posted by Scott_T

In general, people have way overblown what is required by HIPAA. 98% of it is about taking reasonable steps to protect PHI. The most important thing to remember is that no policy should negatively affect patient care. If a particular administration's policy does that, they need to find other ways to comply with HIPAA.

Your absolutely right ;), thanks to a free info site...

http://www.hipaadvisory.com/regs/index.htm

Up Vote Up Vote ×
Specializes in Vents, Telemetry, Home Care, Home infusion.

Does the originator of this ruling realize that you fax 100 times a day to pharmacy just from your ONE unit? Tha'ts 100 coversheets x 5 nursing units =500 extra pieces of paper???

As long as used INTERNALLY within your institution to a PREPROGRAMED fax number, a coversheet shouldn't be necessary. If you are faxing to an infrequent location, a coversheet would be a good idea in case fax # is changed or down. All faxes OUTSIDE your facility, especially to physician offices should have a cover sheet.

Agree with Scott:

HIPAA allows for what is called "incidental disclosure", so even if someone other than the intended recipient were to pick up a fax not intended for them, it could be considered "incidental disclosure."

YEs, you need to have a preprinted confidentiality statement on all fax cover sheets. The statement should instruct the receiver to destroy the faxed materials and contact the sender immediately, in the event that the transmission reached him/her in error

Some of the facilities our intake department get faxes from have notices that state to refax information back to the sender. Other coversheets (including my own agency) request them returned via U.S. MAIL--- with the idea that return this way guarantees that they've been returned to you. Told my VP that was hogwash as anyone could copy and distribute the errant fax even with such a notice and that NO ONE has ever followed this policy. Most error recepients call then fax back the info to our department. (Mostly its that we sent a Pittsburgh referral to our NJ office etc).

If you DO do a lot of faxing to outside sources, I suggest a standard cover letter with offices names/fax number listed. You can then just circle the appropriate party and have correct number to fax --right on the form. Since we send a great many Verbal orders and plans of treatment needing signature to same docs weekly, we just white out date and add current one--- after a few days we use fresh copy. We keep a copy of forms for each doc listed in an aphabetical filebox--one copy in plastic sheet so we know to copy last one.

We also have a form used to fax hospital discharge planners (DP) to notify them of a homecare patients admisson--it contains with top 10 hospitals DP/case mgmt names and numbers--just check the facility, add pts name and DOB and secretary faxes. We keep faxed sheet in chart as proof of hospital coordination---also that we want our patient BACK.

Up Vote Up Vote ×

NRSKarenRN-

I knew you would have an answer for me. Thanks. No, I don't think the people making this rule up have even considered the fact that our fax machine goes practically non-stop to pharmacy from 7am-10pm, and then some. The pharmacy fax is a preprogrammed number, it is actually the number one button on the preprogrammed keys. The funny thing is, half the time the pharmacy can't read what is on the faxed copy anyway and call us for clarification...

I am really starting to dread this HIPAA thing. I think it will go to far the other way and the people who have a right to know will have to jump through hoop after hoop to get just the basic information....This will probably be something else that will drive people away from nursing and other healthcare occupations...

Up Vote Up Vote ×
+ Add a Comment