Is a traditional fax machine secure?

Traditional fax machines offer no encryption — they transmit data as unencrypted analog signals over the public telephone network. Physical documents also sit exposed in the output tray. They're less secure than a certified online fax service. See our full breakdown in [Is Fax Still Secure?](/blog/is-fax-still-secure/).

What makes a fax HIPAA compliant?

For HIPAA compliance, a fax service must use TLS 1.2+ encryption in transit, AES-256 encryption at rest, role-based access controls, a full audit trail, and sign a Business Associate Agreement (BAA) with your organization. See the complete checklist in our [HIPAA fax requirements guide](/blog/hipaa-fax-requirements/).

What is the difference between a regular online fax and a secure fax?

A regular online fax service may route documents over the internet but offers no guarantee of encryption standards, compliance certifications, or audit logging. A secure fax service explicitly enforces AES-256 at rest, TLS 1.2+ in transit, provides a BAA, and is audited (SOC 2 Type II or HITRUST) by a third party.

Can faxes be intercepted?

Traditional PSTN faxes can theoretically be intercepted via phone-line tapping — no encryption is used. Secure online faxes encrypted with TLS 1.3 are effectively impossible to intercept in transit. The greater risk for online fax is account compromise (weak passwords, no MFA), not wire-level interception.

What Is a Secure Fax? Definition, Features & How to Send One

A secure fax encrypts your documents in transit and at rest, adds access controls, and maintains an audit trail — protecting sensitive data that ordinary fax or email leaves exposed. Here's exactly what that means and how to send one.

Frequently Asked Questions

What is a secure fax?: A secure fax is a digital document transmission that uses TLS 1.2/1.3 encryption in transit and AES-256 encryption at rest, combined with access controls and an audit trail. Unlike traditional fax or plain email, a secure fax ensures only authorized parties can access the document.
Is a traditional fax machine secure?: Traditional fax machines offer no encryption — they transmit data as unencrypted analog signals over the public telephone network. Physical documents also sit exposed in the output tray. They're less secure than a certified online fax service. See our full breakdown in [Is Fax Still Secure?](/blog/is-fax-still-secure/).
What makes a fax HIPAA compliant?: For HIPAA compliance, a fax service must use TLS 1.2+ encryption in transit, AES-256 encryption at rest, role-based access controls, a full audit trail, and sign a Business Associate Agreement (BAA) with your organization. See the complete checklist in our [HIPAA fax requirements guide](/blog/hipaa-fax-requirements/).
What is the difference between a regular online fax and a secure fax?: A regular online fax service may route documents over the internet but offers no guarantee of encryption standards, compliance certifications, or audit logging. A secure fax service explicitly enforces AES-256 at rest, TLS 1.2+ in transit, provides a BAA, and is audited (SOC 2 Type II or HITRUST) by a third party.
Can faxes be intercepted?: Traditional PSTN faxes can theoretically be intercepted via phone-line tapping — no encryption is used. Secure online faxes encrypted with TLS 1.3 are effectively impossible to intercept in transit. The greater risk for online fax is account compromise (weak passwords, no MFA), not wire-level interception.