compliance-hero
Compliance

Comprehensive Compliance Across Multiple Industry Standards

hipaa-compliance-intro

HIPAA + BAA Compliance

In today’s digital age, safeguarding data, particularly sensitive health information, is paramount. For this reason, eFax has been meticulously designed to meet the stringent standards set by the Health Insurance Portability and Accountability Act (HIPAA) and the Business Associate agreement (BAA). Regardless of the healthcare documents you transmit, eFax guarantees the highest protection of your business and client data.

Find Out More

The eFax® Commitment to Compliance

We are excited to announce that eFax Corporate®, our top-tier cloud fax solution for enterprises, has successfully obtained the prestigious HITRUST Common Security Framework (CSF) certification.

This significant achievement demonstrates our unwavering dedication to maintaining the utmost level of security and compliance for our customers.

Get Started
icon-red-servers

AES 256-bit and TLS 1.2

Military-grade encryption and maximum security protocol sed by endpoint devices to authenticate and encrypt data securely

icon-red-storage-security

HITRUST CSF® Certified

Integrates rigorous security controls from HIPAA, NIST, and ISO standards, with a comprehensive benchmark to safeguard sensitive data

HIPAA Compliant Cloud Fax

HIPAA

Secure transmission and storage of protected health information (PHI) to safeguard patient data

icon-red-api-gear

SOC 1 & 2

Ensures system reliability, effective internal controls, and protection of customer data

HIPAA

eFax demonstrates a strong commitment to the healthcare sector’s needs by ensuring its electronic faxing service is HIPAA-compliant. HIPAA (Health Insurance Portability and Accountability Act) mandates strict standards for the secure transmission and storage of protected health information (PHI) to safeguard patients’ data.

Recognizing the criticality of these standards, eFax has implemented robust security measures. These measures include high-grade encryption for both transmission and storage of faxes, secure access controls, and comprehensive audit trails. eFax is also willing to sign Business Associate Agreements (BAAs) with healthcare providers, ensuring legal and regulatory compliance in handling and managing PHI.

Learn-hippa-compliance

GLBA

eFax demonstrates a strong commitment to ensuring compliance with the Gramm-Leach-Bliley Act (GLBA). eFax provides a feature-rich fax solution that directly supports GLBA compliance efforts through improved document management and secure data transmission.

Using advanced AES 256-bit encryption, TLS 1.2, and SSAE16/SOC2 certified data centers, businesses can rest assured that all digital faxes sent and received are secure and compliant with GLBA requirements.

Secure-Fax-PMT

PCI

eFax Corporate is PCI-DSS Compliant and uses v.3.2 encryption requirements. This means that faxes in transit and at rest are secured with the strongest encryption approved by the National Institute of Standards and Technology (NIST).

Additionally, eFax’s PCI-DSS compliance ensures that businesses that process, store, or transmit credit card information maintain a secure environment. This level of security is imperative for businesses in the finance sector, e-commerce companies, and any organization that deals with credit card payments.

BAA Agreements

SOC Compliance

eFax Corporate adheres to the rigorous standards of the Service Organization Control (SOC) protocols. These protocols offer an authoritative benchmark for the practices of businesses handling sensitive data. eFax’s compliance with SOC protocols is validated by third-party auditors, ensuring an unbiased and thorough evaluation of our controls and practices.

eFax leverages SOC 1 and SOC 2 compliance to assure our system’s reliability and the effectiveness of our internal controls. These parameters focus on protecting and safeguarding customer data and maintaining its confidentiality and privacy. This allows businesses to confidently use our digital fax solutions, knowing their sensitive information is handled with the highest level of security and compliance in mind.

SOC2

With SOC2 compliance, businesses can ensure that all their protected data is stored securely and handled with the utmost care. Not only does this ensure customer data safety, but it also reinforces customers’ trust in a company’s products and services.

eFax Corporate understands the importance of SOC2 compliance and has implemented measures to satisfy its requirements. Businesses can trust that their important information is safe by maintaining secure data collection and storage protocols, data transmission, user authentication, system access control, and other aspects of our digital fax solutions.

HITRUST

eFax goes above and beyond in ensuring its commitment to data protection and security by acquiring the HITRUST Certification. The HITRUST Common Security Framework (CSF) is a rigorously detailed set of security controls that integrates various cybersecurity standards, including HIPAA, NIST, and ISO, offering a comprehensive benchmark for safeguarding sensitive data and ensuring regulatory compliance.

eFax’s attainment of the HITRUST Certification signifies that its electronic faxing platform meets these stringent security standards, showcasing its dedication to preserving the confidentiality, integrity, and availability of its users’ data.

Administration
protect-icon

eFax Protect

eFax Protect allows you secure faxing with 256-bit AES encryption and HIPAA, SOX and GLBA regulatory compliance. With a mobile application, no additional hardware (read: fax machines) and free online storage, eFax Protect meets your business compliance needs. You can fax by email and even share large files.

Learn More
corporate-icon

eFax Corporate

eFax is specifically designed to cater to the needs of businesses. Whether you’re a large enterprise or a smaller business, eFax Corporate offers a comprehensive set of fax features that comply with regulatory standards like HIPAA, GLBA, SOX, PCI. We prioritize security with 256-bit TLS encryption and Tier-3 secure servers, ensuring our cloud-based faxing service is flexible, scalable, and secure.

Learn More

Start Building with the eFax® Platform

Compare All Plans Contact Sales

Related FAQs

See All FAQs

Technically, traditional machine faxing can be HIPAA-compliant because it offers point-to-point data protection. The issue may arise when the fax prints out at the recipient’s machine, though. Healthcare organizations must ensure they are sending the document to the right recipient and include a cover letter explaining who the information is for in case it ends up in the wrong hands. 

However, even with these precautions, traditional faxing isn’t foolproof. Documents can easily end up with the wrong people, especially if they’re left forgotten at fax machines. And if the wrong person accesses the information, the file-sharing process is no longer HIPAA-compliant. 

A better solution is eFax. It offers consistently safe and HIPAA-compliant file-sharing processes, thanks to the AES 256-bit encryption. You no longer have to worry about whether your faxes are going to the right place or if someone has accidentally intercepted them. By using eFax, you know exactly where your information is going — and that the data is completely protected in transit.  

Yes, eFax Corporate’s cloud fax solutions use SSL encryption to protect both your inbound and outbound faxes. You also have access to eFax Protect™, our HIPAA-compliant online fax storage solution that uses 256-bit AES and TLS encryption to protect your information.

Yes, eFax takes the security and privacy of your documents very seriously. We use the strongest encryption methods available to protect your faxes, and our servers are regularly monitored to ensure the highest level of security.

Yes, eFax is completely safe and fully complies with HIPAA regulations. 

HIPAA allows for data-sharing, but only between certain stakeholders. Any wrong step — like using a non-secure file-sharing platform — can make data available to unintended recipients and even bad actors. And unfortunately, many typical methods companies use to share information are not as safe as they seem. This is especially true as hackers continually improve their tactics.

Healthcare organizations need a tamper-proof way to share sensitive patient information — and eFax provides just that. 

eFax Protect’s HIPAA compliant fax solution uses military-grade encryption to ensure no one can intercept the data while in transit. It doesn’t matter if your team faxes from their desktop, mobile device or laptop — the AES 256-bit encryption protects the information to help your organization remain HIPAA compliant.

Yes. The added convenience and enhanced employee productivity of a fax API would be valuable to your business only if that API were at least as secure as the other means of transmitting faxes. The security concerns of sending company data unsecured — particularly proprietary or regulated data — would outweigh the benefits of being able to fax by email directly from your workflow applications.

Explore the Other eFax® Platform Pillars

Customer Service Customer-Service

Customer 
Services

Learn More
Cost Cost

Cost Value

Learn More
Reliability Reliability

Reliability

Learn More
Compliance Compliance

Compliance

Learn More
Interoperability Interoperability

Interoperability

Learn More

Take Your Faxing to the Next Level

For over two decades, eFax® has been the leading provider of best-in-class electronic fax solutions, serving small businesses and cloud-driven enterprises alike.

Compare All Plans Start for Only $15
What's Your Fax use case?*(Required)
Interested in eFax Api?
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form