Good Morning-I am currently on assignment with Duke University Health System in Raleigh NC.A little backstory, we are receiving an increasing number of requests (particularly from law firms) that are coming in with an electronic/digitized signature. Currently, these particular requests are being verified by having staff call and confirm with the patients that they did indeed sign these authorizations.We are hoping to do away with this current workflow but have been presented with the additional concern. How do we know these "agents" are utilizing the proper multi-authentication to confirm the patients identity prior to submitting the request to us?. I have spent countless hours researching and cannot find any exact verbiage on how these cases would be handled by HIPAA should we get and process a fraud request that utilizes an electronic signature. I have done research on the popular E-signature software and how they ensure multi authentication. We just want to be confident the agents are utilizing these tools appropriately as well.Is anyone willing to share how they handle electronic/digitized signatures for medical record requests. Do you accept Digitized only and not electronic? Are there only certain vendors you accept? (DocuSign, AdobeSign, etc.).Thank you in advance for your help.