Is eFax HIPAA Compliant? Plans, BAA & Alternatives
eFax is HIPAA compliant only on its Protect and Corporate plans. Learn which eFax tiers include a BAA, what the fine print says, and how mFax Business compares on price, encryption, and compliance features.
Frequently Asked Questions
Is eFax HIPAA compliant?
Only on the Protect ($49.99/mo) and Corporate plans. The Plus and Pro plans do not include a BAA and cannot be used to transmit PHI. See our [complete HIPAA fax guide](/blog/hipaa-compliant-fax/) for what compliance requires.
Does eFax sign a BAA?
Yes, but only for Protect and Corporate subscribers. You cannot review the BAA terms before purchasing a plan — a concern flagged by compliance analysts.
Which eFax plan do I need for HIPAA compliance?
eFax Protect at $49.99/mo is the minimum HIPAA-compliant tier. It includes a BAA, AES-256 encryption, and audit trails. The Plus and Pro plans are not HIPAA compliant.
Is there a cheaper HIPAA-compliant alternative to eFax?
Yes. [mFax Business](https://mfax.to/business/) offers HIPAA compliance with a BAA on all paid plans starting at $20.99/mo — less than half of eFax Protect's price.
Is eFax HITRUST certified?
Only eFax Corporate holds HITRUST CSF certification. eFax Protect, despite being marketed as HIPAA-compliant, is not HITRUST certified.