Skip to the main content.
Talk to sales Start for free
Talk to sales Start for free

2 min read

Is Fax.Plus HIPAA compliant?

Is Fax.Plus HIPAA compliant?

HIPAA (the Health Insurance Portability and Accountability Act of 1996) is U.S. legislation created to improve healthcare standards. Covered entities (CEs) and their business associates (BAs) must be HIPAA compliant to protect the rights and privacy of patients and their protected health information (PHI). We know the  HIPAA industry is vast and that sending important documents securely to other providers or to patients is fundamental to patient care. This is especially true with the recent digital transformation in healthcare and the current need to function more remotely.

RELATED: Historic Expansions of Telehealth to Combat COVID-19

Today, we will determine if Fax.Plus is HIPAA compliant or not, and we'll explain why you should consider using HIPAA compliant email instead.


Free Whitepaper "Kill the Fax"

About Fax.Plus

Fax.Plus is one of several online fax service providers that offer fax numbers for sending and receiving faxes through a web portal, by email, and/or even via mobile apps. The Swiss company offers services through all platforms. Customers sign up for one of five flexible pricing plans from Free to Enterprise depending on their needs. Users can send and receive faxes internationally and keep their current fax number if desired.


Fax.Plus and the business associate agreement

A BA is a person or entity that performs certain functions or activities that involves the use or disclosure of PHI on behalf of a CE. In this instance, Fax.Plus is a BA for a healthcare organization if it transmits or stores PHI. RELATED: Is a Name PHI? Generally, the HIPAA Privacy Rule allows CEs to disclose PHI to a BA if they receive assurance that the information is protected through a signed business associate agreement (BAA). Fax.Plus will sign a BAA with users of its Enterprise plan. CEs must first sign up for the highest tier then request a BAA.


Fax.Plus and security

The company utilizes cybersecurity safeguards to meet HIPAA requirements for securing PHI and electronic PHI (ePHI). Once a CE joins the Enterprise tier and signs a BAA, HIPAA compliant advanced security controls are enabled. Instituted policies and procedures include:
  • Access controls
  • Encryption for data at rest and in motion
  • Audit controls
  • User authentication
  • No storage option
  • Proper data disposal
  • Physical safeguards
  • Cybersecurity training for personnel
General password security only asks for a username and password. However, two-factor authentication is enforced for those within the Enterprise plan. Mobile app users have the added protection of biometric authentication. Finally, Fax.Plus explores further email security options to ensure HIPAA compliance. For example, inbound documents may only be sent to the intended recipient’s email to limit unwanted disclosure.


Is Fax.Plus HIPAA compliant?

The BAA is a key component of HIPAA compliance and Fax.Plus offers a BAA for Enterprise plan customers. Without it, a CE is liable for a breach or HIPAA violation, which is why signing one is critical. RELATED: Healthcare Data Breaches – A Haunting Reality Furthermore, Fax.Plus displays its stringent cybersecurity practices on its website and seems to understand what HIPAA compliance means. Conclusion Fax.Plus is HIPAA compliant.


HIPAA compliant email—a better alternative to fax

Rather than waste time and energy with physical and electronic faxing, CEs should stick to sending and receiving important documents through HIPAA compliant email. RELATED: Fax Machines Are Terrible for Healthcare – Here’s Why Paubox will not only sign a BAA but will also work tirelessly to keep you safe without any added steps for the sender or recipient. With  Paubox Email Suite, CEs have all outbound email (and file attachments) encrypted by default; users can send messages from existing email platforms (such as  Microsoft 365 and  Google Workspace). Emails are delivered directly to your recipients’ inboxes—no passwords or portals are required. When you need to send documents that contain PHI, HIPAA compliant email is the most secure method available.
Try Paubox Email Suite for FREE today.

Subscribe to Paubox Weekly

Every Friday we'll bring you the most important news from Paubox. Our aim is to make you smarter, faster.