Traditional fax machines transmit unencrypted signals—anyone with line access can intercept them. Online fax services protect your documents with TLS and AES-256, but only if you pick the right provider. Here's exactly how fax encryption works.
Frequently Asked Questions
Are traditional fax machines encrypted?
No. Traditional fax machines transmit documents as unencrypted analog audio signals over phone lines. There is no encryption at any point in the process—anyone with physical access to the phone line can intercept and decode your fax.
Can a fax be intercepted or hacked?
Yes. Traditional faxes can be intercepted via a phone line tap, read from an unattended print tray, or exploited through hardware vulnerabilities (like the 2018 Faxploit attack). Online fax services using TLS 1.3 and AES-256 are substantially harder to intercept.
What encryption does a HIPAA-compliant fax service use?
HIPAA-compliant fax services use TLS 1.2 or higher for data in transit and AES-256 for data at rest. They also provide access controls, audit logs, and a signed Business Associate Agreement (BAA). All of these are required—not optional—under the 2026 proposed HIPAA Security Rule.
Is online fax more secure than email?
Yes, when using a reputable encrypted fax service. Standard email often travels unencrypted across multiple servers. Online fax services like mFax Business create a direct, TLS-encrypted connection with AES-256 storage—making them a safer channel for sensitive documents.
Does mFax encrypt my faxes?
Yes. mFax uses TLS 1.3 for data in transit and AES-256 for data at rest on every transmission. mFax Business also provides a signed Business Associate Agreement (BAA) for healthcare and compliance use cases, making it suitable for sending PHI.