Comprehensive Compliance Across Multiple Industry Standards
HIPAA + BAA Compliance
In today’s digital age, safeguarding data, particularly sensitive health information, is paramount. For this reason, eFax has been meticulously designed to meet the stringent standards set by the Health Insurance Portability and Accountability Act (HIPAA) and the Business Associate agreement (BAA). Regardless of the healthcare documents you transmit, eFax guarantees the highest protection of your business and client data.
The eFax® Commitment to Compliance
We are excited to announce that eFax Corporate®, our top-tier cloud fax solution for enterprises, has successfully obtained the prestigious HITRUST Common Security Framework (CSF) certification.
This significant achievement demonstrates our unwavering dedication to maintaining the utmost level of security and compliance for our customers.
AES 256-bit and TLS 1.2
Military-grade encryption and maximum security protocol sed by endpoint devices to authenticate and encrypt data securely
HITRUST CSF® Certified
Integrates rigorous security controls from HIPAA, NIST, and ISO standards, with a comprehensive benchmark to safeguard sensitive data
HIPAA
Secure transmission and storage of protected health information (PHI) to safeguard patient data
SOC 1 & 2
Ensures system reliability, effective internal controls, and protection of customer data
HIPAA
eFax demonstrates a strong commitment to the healthcare sector’s needs by ensuring its electronic faxing service is HIPAA-compliant. HIPAA (Health Insurance Portability and Accountability Act) mandates strict standards for the secure transmission and storage of protected health information (PHI) to safeguard patients’ data.
Recognizing the criticality of these standards, eFax has implemented robust security measures. These measures include high-grade encryption for both transmission and storage of faxes, secure access controls, and comprehensive audit trails. eFax is also willing to sign Business Associate Agreements (BAAs) with healthcare providers, ensuring legal and regulatory compliance in handling and managing PHI.
GLBA
eFax demonstrates a strong commitment to ensuring compliance with the Gramm-Leach-Bliley Act (GLBA). eFax provides a feature-rich fax solution that directly supports GLBA compliance efforts through improved document management and secure data transmission.
Using advanced AES 256-bit encryption, TLS 1.2, and SSAE16/SOC2 certified data centers, businesses can rest assured that all digital faxes sent and received are secure and compliant with GLBA requirements.
PCI
eFax Corporate is PCI-DSS Compliant and uses v.3.2 encryption requirements. This means that faxes in transit and at rest are secured with the strongest encryption approved by the National Institute of Standards and Technology (NIST).
Additionally, eFax’s PCI-DSS compliance ensures that businesses that process, store, or transmit credit card information maintain a secure environment. This level of security is imperative for businesses in the finance sector, e-commerce companies, and any organization that deals with credit card payments.
SOC Compliance
eFax Corporate adheres to the rigorous standards of the Service Organization Control (SOC) protocols. These protocols offer an authoritative benchmark for the practices of businesses handling sensitive data. eFax’s compliance with SOC protocols is validated by third-party auditors, ensuring an unbiased and thorough evaluation of our controls and practices.
eFax leverages SOC 1 and SOC 2 compliance to assure our system’s reliability and the effectiveness of our internal controls. These parameters focus on protecting and safeguarding customer data and maintaining its confidentiality and privacy. This allows businesses to confidently use our digital fax solutions, knowing their sensitive information is handled with the highest level of security and compliance in mind.
SOC2
With SOC2 compliance, businesses can ensure that all their protected data is stored securely and handled with the utmost care. Not only does this ensure customer data safety, but it also reinforces customers’ trust in a company’s products and services.
eFax Corporate understands the importance of SOC2 compliance and has implemented measures to satisfy its requirements. Businesses can trust that their important information is safe by maintaining secure data collection and storage protocols, data transmission, user authentication, system access control, and other aspects of our digital fax solutions.
HITRUST
eFax goes above and beyond in ensuring its commitment to data protection and security by acquiring the HITRUST Certification. The HITRUST Common Security Framework (CSF) is a rigorously detailed set of security controls that integrates various cybersecurity standards, including HIPAA, NIST, and ISO, offering a comprehensive benchmark for safeguarding sensitive data and ensuring regulatory compliance.
eFax’s attainment of the HITRUST Certification signifies that its electronic faxing platform meets these stringent security standards, showcasing its dedication to preserving the confidentiality, integrity, and availability of its users’ data.
Start Building with the eFax® Platform
Related FAQs
See All FAQsTechnically, traditional machine faxing can be HIPAA-compliant because it offers point-to-point data protection. The issue may arise when the fax prints out at the recipient’s machine, though. Healthcare organizations must ensure they are sending the document to the right recipient and include a cover letter explaining who the information is for in case it ends up in the wrong hands.
However, even with these precautions, traditional faxing isn’t foolproof. Documents can easily end up with the wrong people, especially if they’re left forgotten at fax machines. And if the wrong person accesses the information, the file-sharing process is no longer HIPAA-compliant.
A better solution is eFax. It offers consistently safe and HIPAA-compliant file-sharing processes, thanks to the AES 256-bit encryption. You no longer have to worry about whether your faxes are going to the right place or if someone has accidentally intercepted them. By using eFax, you know exactly where your information is going — and that the data is completely protected in transit.
Yes, eFax Corporate’s cloud fax solutions use SSL encryption to protect both your inbound and outbound faxes. You also have access to eFax Protect™, our HIPAA-compliant online fax storage solution that uses 256-bit AES and TLS encryption to protect your information.
Yes, eFax takes the security and privacy of your documents very seriously. We use the strongest encryption methods available to protect your faxes, and our servers are regularly monitored to ensure the highest level of security.
Yes, eFax is completely safe and fully complies with HIPAA regulations.
HIPAA allows for data-sharing, but only between certain stakeholders. Any wrong step — like using a non-secure file-sharing platform — can make data available to unintended recipients and even bad actors. And unfortunately, many typical methods companies use to share information are not as safe as they seem. This is especially true as hackers continually improve their tactics.
Healthcare organizations need a tamper-proof way to share sensitive patient information — and eFax provides just that.
eFax Protect’s HIPAA compliant fax solution uses military-grade encryption to ensure no one can intercept the data while in transit. It doesn’t matter if your team faxes from their desktop, mobile device or laptop — the AES 256-bit encryption protects the information to help your organization remain HIPAA compliant.
Yes. The added convenience and enhanced employee productivity of a fax API would be valuable to your business only if that API were at least as secure as the other means of transmitting faxes. The security concerns of sending company data unsecured — particularly proprietary or regulated data — would outweigh the benefits of being able to fax by email directly from your workflow applications.
