In today’s connected world of healthcare, you’re right to be concerned about document security and HIPAA compliance.

The Privacy Rule of the Health Insurance Portability and Accountability Act (HIPAA) establishes regulations for the use and disclosure of an individual’s Protected Health Information (PHI) held by ‘covered entities’ (typically clearing houses, employer sponsored health plans, health insurers and medical service providers).

Such ‘covered entities’ can process PHI through Scrypt’s products and services entirely confident that we can help them meet the HIPAA requirements.

Scrypt may be defined as a ‘Business Associate’ (BA). A BA is a person or organization that performs certain services for a covered entity. involving the use and/or disclosure of PHI. When PHI is transferred from one computer to another, HIPAA security measures need to implemented by the covered entity and BA.

According to the Security Standard Final Rule, a covered entity may permit a BA to create, receive, maintain or transmit ePHI on the covered entities behalf only if the BA obtains satisfactory assurances, in accordance with §164.305(a) that the BA will appropriately safeguard the information.

This information is intended to provide assurance that Scrypt will safeguard all information transferred to and from covered entities while using our products and services. Scrypt has implemented physical, organizational and technical safeguards necessary to protect the confidentiality and integrity of the information being processed.


Scrypt has a plethora of physical, organizational and the technical measures to protect the confidentiality and integrity of information processed by our products and services. Our safeguards, combined with our smart technology, means that we deliver the highest levels of security in relation to digitizing, processing and storing sensitive information.


We exceed rigors of HIPAA compliance by utilizing the latest smart technology and provide the highest security levels.

Sfax faxing tips

HIPAA has particular requirements for exchanging PHI and specifically around faxing PHI to ensure that the privacy and security of the information is protected throughout the entire document lifecycle.

Sfax is our secure HIPAA-compliant cloud-based fax solution. Not only are our solutions intrinsically superior to manual faxing, they are entirely capable of meeting the specific HIPAA requirements for faxing:

  • Incoming faxes do not sit on publically-available fax machines. They are automatically routed to a recipient’s secure inbox
  • Senders select recipients from established lists reducing the chance of incorrectly specifying the destination fax number
  • Notifications are sent to recipient’s inbox with a link to a specific fax
  • Cover pages are tightly controlled
  • Complete end-to-end audit trail of all fax activity.