HIPAA Compliance


Venali helps its customers comply with U.S. laws including HIPAA (the Health Insurance Portability & Accountability Act).  Pursuant to the 2009 amendments to HIPAA, Venali may qualify as a “Business Associate” as defined by HIPAA.   A Business Associate” is an organization that performs certain services for a covered entity involving the use and/or disclosure of personal health information (“PHI”).  Covered entities and business associates are required to take measures to protect PHI.

According to the Security Standard Final Rule, a covered entity may permit a business associate to create, receive, maintain, or transmit electronic PHI on the covered entity’s behalf only if the covered entity obtains satisfactory assurances, in accordance with §164.306(a) that the business associate will appropriately safeguard the information.

Venali has implemented physical, organizational and the technical safeguards necessary to protect the confidentiality and integrity of PHI transmitted using Venali’s services.

As a result of the growing demand for Venali Desktop Internet Fax Services in the medical industry, many organizations are seeking information about HIPAA compliance and how it relates to implementing Venali. This information is presented in the following three sections:

HIPAA Compliance: Fax Machines and IT
Venali Desktop Internet Fax Services
Venali Security and HIPAA

Organizations that have questions about their specific needs and implementation plans are encouraged to contact Venali directly.

HIPPAA Compliance: Fax Machines and IT
Today many patient records, documents and transactions are delivered and exchanged using fax systems while physician’s offices, clinics and hospitals launch and support their HIPAA initiatives.

The HIPAA rules, both established and anticipated, provide a catalyst for medical organizations to increase their use of IT for handling their protected health care information. But IT systems can only reach so far. For numerous reasons, the need to exchange the bulk of this information via fax is a reality. One of the fundamental drivers behind the creation of HIPAA itself was the need for many different organizations and people to share a single patient’s information.

The need to exchange information between care providers means that regardless of what internal IT investments and improvements are made by a medical organization, they can not eliminate the need to share some data with other care givers via fax technology. Depending on the types of information being exchanged and the types of organizations they are sharing it with, many medical organizations have enough faxing volume and activity to merit improvements in how they send, receive, log and store faxes.

IT Systems/Features – HIPAA Advantages Faxing – HIPAA Disadvantages
PC’s and workstations have user login and password systems. Everyone in a medical office has physical access to one or more fax machines. All popular PCs and operating systems are designed to blank screens and lock for re-login when there is no recent use. Many received faxes remain on the fax machine or in a holding tray for long periods of time. Information is stored digitally behind robust IT security systems and policies. Information is stored on paper creating the need for expensive storage improvements along with inefficient and cumbersome policies and processes.

Venali Desktop Internet Fax Services
By enabling users to send and receive faxes to and from anywhere in the world from their PC or workstation just as easily as they send and receive email, Venali Desktop Internet Fax Services deliver convenient mouse-click and keyboard access to faxing. By enabling organizations to log, store, and manage their fax records, Venali Internet Desktop Fax Services combines the power and convenience of IT systems with the need to support and manage fax as a means of exchanging information. With Venali Desktop Internet Fax Services, medical organizations use the many inherent HIPAA advantages of IT systems while eliminating the HIPAA disadvantages associated with faxing.

Venali Security and HIPAA
Organizations with HIPAA compliant email systems gain significant HIPAA compliance advantages for faxing while also enjoying the many other Venali customer benefits. Deploying Venali requires virtually no up-front investment or user training. And unlike traditional fax methods, Venali solutions do not require ordering, installing and managing servers, fax machines, and phone lines. The exchange of information via the public internet is not yet considered to be fully HIPAA compliant but there are effective methods to deploy Venali and using the internet for connectivity. The most effective way for organizations to deploy a HIPAA-compliant Venali implementation is by connecting to Venali via a Virtual Private Network. Using this method leverages the low costs of the internet infrastructure while ensuring that emails containing in-bound or out-bound faxes travel only through a secure and encrypted virtual tunnel.

Alternatively, Venali can be deployed by integrating it with the Microsoft Fax Client that is part of Windows 2000 and higher. Using this implementation method eliminates the need for a VPN connection but all in-bound and out-bound faxes are secure because they are encrypted using SSL (Secure Socket Layer).

Organizations seeking information about Venali Desktop Internet Fax Services should contact their Venali Solutions Provider/Integrator or Venali sales at 786.276.0660 or sales@venali.com.