5 min read

Fax, Cloud Fax, and HIPAA Compliance

Fax, Cloud Fax, and HIPAA Compliance

If a fax comes through your line, and nobody is there to pick it up, is it HIPAA compliant?

As an office technology provider that works with many medical and healthcare providers across the United States, we know that HIPAA compliance is at the forefront of every healthcare worker’s mind, all the time.

So, we’re well versed with the question, “Will this solution/technology/service make us HIPAA compliant?”

The answer to this question is always a tough one. The truth is, no product will ever make you HIPAA compliant, but a product can help make keeping up with compliance rules simpler.

As an example, HIPAA compliance dictates the need for faxing rather than emailing — but it can also easily lead to a situation where your office is not in compliance with HIPAA. So, how can a solution be both necessary to achieving compliance, but also be responsible for HIPAA violations?


HIPAA dictates that healthcare providers must take reasonable precautions to prevent PHI (Protected Health Information) and EPHI (Electronic Protected Health Information) from falling into the wrong hands. PHI and EPHI includes patient history, prescriptions, mental health status, billing information, and more.

Notice that nowhere in that statement is there any mention of a particular type of technology, software, or any proprietary solution. In fact, HIPAA was specifically written to exclude any specific solution, as to avoid curtailing progress or pigeon-holing healthcare providers into using an outdated system.

HIPAA does specifically state, however, the mediums of information storage that are covered under HIPAA: paper documents, digital documents, microfilm, and microfiche.

In short, it’s not the solution that makes your office HIPAA compliant: it’s how you use it.

Now, we can get to answering the question proposed above; how can a method of communication that is compliant with HIPAA standards break compliance? (Say that ten times fast.)

There is a phrase in HIPAA’s guidelines that serves as a catch all for potential negligence: “reasonable precautions.” So, to repeat the question at the very start of this blog, if a fax prints out on your machine, and the intended recipient isn’t there to pick it up, is it HIPAA compliant?

An unattended fax is technically in view of anyone who walks by the fax machine. Potentially, anyone, even a patient, could walk into the room that holds your fax machines, and view, take, or copy the unattended fax. It’s a question that is best answered with another question: is leaving PHI unattended, in reach of whoever walks by, a reasonable precaution? No.

The same could be said for a hypothetical network secured by the latest and greatest firewalls and antivirus software. If the server the EPHI is stored on is accessible by anyone with a wi-fi connection in the office, then the network is not HIPAA compliant. If that server was password protected, and required special permission for access, then it would be HIPAA compliant.


There’s a reason fax is so widely used throughout the healthcare industry: email is not a secure or official channel of communication, due to its easily mutable nature. Information included in an email can be easily changed, it is extremely difficult to verify the intended recipient, and emails are not considered legal documents in court.

It is for these reasons that email is not used by healthcare providers — not because email isn’t compliant with HIPAA standards. But, information must still be shared between providers, and insurance, and medical offices.

Let’s face it. Fax machines are the rotary phones of the office. But, faxes are still necessary. This is why healthcare providers are stuck spending money on a solution that is both costly and inefficient.

There’s no nice way to put it — fax machines are a burden on your bottom line. Medical offices are rapidly moving towards creating a full digital environment: from patient portals, to online billing, to VoIP phone systems. The one analog holdout is the fax machine.

Imagine the steps necessary to sending and receiving a fax:

  1. The sender walks to the printer
  2. Then, they print the document(s)
  3. And walk to the fax machine
  4. And then feed the document(s) into the fax machine
  5. And then they must dial the number
  6. And then wait for the fax to send
  7. Then they destroy or file the printed document
  8. And finally, wait for verification that the fax was received
  9. The recipient needs to walk to the fax machine
  10. Then they need to wait for the fax to come through
  11. Finally, they need to file it

That’s quite the number of steps taken just to send a document to another office, and it assumes the fax went through without any errors or timing out on either end.

To make matters worse, traditional fax isn’t just inefficient, it’s incredibly costly. On average, a fax costs a half cent per image (image meaning a single side of a piece of paper), and requires a specific type of infrastructure only required by a traditional fax machine.

Even if you aren’t using a VoIP phone system, most likely, your phone system does not run through copper wire like a fax. And traditional copper-based communication systems are expensive — especially when they are only used for one purpose.

Want to know why your non-VoIP phone system doesn’t use copper wire? Learn more here.


If a traditional fax machine is like a rotary phone, cloud fax would be like a smartphone. Cloud fax is a type of service provided by many different brands, like Faxcore, Rightfax, or X Medius.

Cloud faxes are sent through your email client, and are designed to work with the most popular emails clients like gmail, Outlook, and Constant Contact. Because a cloud fax is sent through a digital system, you never need to worry about printing a document before sending it to another office — you can simply attach it to an email, and press send.

As a major security bonus, you can use digital directories in your cloud fax service to send a fax to a specific person (this feature is only available if they use a cloud or fax solution as well).

In addition to this, cloud fax offers full audit tracking, allowing your to track where and when a fax was sent, making it incredibly easy to manage your fax system. Unlike traditional fax, cloud fax lines are inexpensive — and multiple faxes can be sent simultaneously through one line, without the risk of timing out.

In fact, not only are cloud faxes more secure than traditional faxes, they also carry more legal authenticity. This is achieved through timestamps and accurate date certification.

When a recipient receives a fax, they will be notified of its arrival — meaning if they use a cloud fax service of their own, they can simply open their inbox. Or, if they use a traditional fax, they know when it is time to get up from their desk and head to the fax machine.

Yes, you read that right — cloud fax is fully capable of sending a fax to a traditional fax machine.


To send a cloud fax, simply open up your email client, and then address the email to the intended fax number, followed by “@serviceprovidername.com.”

Keep in mind: depending on the service provider, like Faxcore, Rightfax, or X Medius, the domain name will change.

Then, hit send. That’s all there is to it.


For the user of a cloud fax solution, there is very little difference between a cloud fax and an email, as is the same for the recipient of the fax.

Where the two technologies differ is their method of transferring information. If you were to send an email to a fax machine, nothing would come out — this is because fax and email transfer information differently. It would be akin to a fish trying to speak with a tree.

Cloud fax solutions take the digital document that has been faxed, and transfer them to a secure server, which then configures the data into a format readable by a fax machine. Then, the document is sent to the fax machine itself, where it prints out normally.

If the cloud fax is being sent to another cloud fax user, this format transfer never happens — but unlike an email, the document sent is un-editable, just like a regular fax, preserving its legality.


Cloud fax solutions are almost always less expensive than a traditional fax line. If your office sends less than 500 faxes per month, you can expect to spend around $65 for a cloud fax solution.

As with any cloud solution, there are pricing tiers for different usage volumes, and your highest associated cost will be the upfront cost of implementation, and number porting (if you want to keep your old fax numbers).

Want to learn more about cloud fax? Read our blog, Email To Fax: How To Send A Fax Via Email

Switching to cloud fax is easy, and will save you time, money, and security woes. If you’d like to learn what cloud fax implementation would look like at your office, reach out to us here.

How Much Does it Cost to Reduce Faxes on my Copier?

How Much Does it Cost to Reduce Faxes on my Copier?

Faxes are an integral form of communication for your business, but they are also a bottleneck. While this secure and key communication tool is...

How Fax over IP Makes Your Faxes More Secure and Profitable

How Fax over IP Makes Your Faxes More Secure and Profitable

Here’s a fun office riddle: when you send a fax, where does it go?

How to Fax From Your Computer - Canon Copiers & Windows OS

How to Fax From Your Computer - Canon Copiers & Windows OS

Are you in a situation where you need to send a fax now? It’s a situation we all find ourselves in, and one that can be hard to get out of without a...