Many healthcare teams still rely on clunky fax workflows that waste hours, manually downloading, renaming, and uploading referrals into EMRs. Fax.Plus solves this with a HIPAA plan, strong encryption, and a fax API so you can send PHI securely, track every step, and stay compliant without slowing down.
A secure fax API design must embed compliance into every stage of data handling. Fax.Plus HIPAA plan ensures all transmissions and stored data follow these principles by default.
Send fax: submit the fax job to Fax.Plus, receive a unique job ID, and monitor progress via secure webhook callbacks.
Receive fax: route inbound faxes from Fax.Plus directly to secure, access-controlled endpoints in your environment.
Manage Outbox: List, retrieve, update, or cancel pending fax jobs in your outbox to control scheduled sends and handle exceptions.
Fax Numbers: Provision and manage fax-enabled phone numbers, assign them to users, and configure notification or routing preferences.
Reliability & Safety: Configure retries, timeouts, and idempotency keys to prevent duplicate sends and ensure consistent delivery.
Use Fax.Plus webhooks for delivery receipts, failure notifications, and audit logging with HIPAA-ready metadata.
Implement signature validation and secret rotation to ensure webhook authenticity. Fax.Plus provides tools for both.
Fax.Plus encrypts all PHI at rest using AES-256 and in transit using TLS.
Avoid storing PHI in logs or temporary files on your side; Fax.Plus never includes PHI in webhook payloads.
Use redaction where possible and configure Fax.Plus retention settings to keep only the minimum data required.
Integrate fax functionality into your EMR, EHR, client portal or system using a developer-centric API, comprehensive documentation, and SDKs, making it easy for developers of all skill levels.
1const axios = require('axios');
2const OutboxApiFp = require('@alohi/faxplus-api').OutboxApiFp;
3const Configuration = require('@alohi/faxplus-api').Configuration;
4
5const config = new Configuration({
6 accessToken: accessToken,
7 basePath: 'https://restapi.fax.plus/v3',
8 // Header required only when using the OAuth2 token scheme
9 baseOptions: {
10 headers: {
11 "x-fax-clientid": clientId,
12 }
13 }
14});
15
16async function sendFax() {
17 const reqParams = {
18 "userId": '13d8z73c',
19 "payloadOutbox": {
20 "comment": {
21 "tags": [
22 "tag1",
23 "tag2"
24 ],
25 "text": "text comment"
26 },
27 "files": [
28 "filetosend.pdf"
29 ],
30 "from": "+12345667",
31 "options": {
32 "enhancement": true,
33 "retry": {
34 "count": 2,
35 "delay": 15
36 }
37 },
38 "send_time": "2000-01-01 01:02:03 +0000",
39 "to": [
40 "+12345688",
41 "+12345699"
42 ],
43 "return_ids": true
44 }
45 }
46 const req = await OutboxApiFp(config).sendFax(reqParams);
47 const resp = await req(axios);
48}
49
50sendFax()from faxplus import ApiClient, OutboxApi, OutboxComment, RetryOptions, OutboxOptions, OutboxCoverPage, PayloadOutbox
from faxplus.configuration import Configuration
outbox_comment = OutboxComment(tags=['tag1', 'tag2'],
text='text comment')
retry_options = RetryOptions(count=2, delay=15)
outbox_options = OutboxOptions(enhancement=True, retry=retry_options)
outbox_cover_page = OutboxCoverPage()
payload_outbox = PayloadOutbox(from='+12345667',
to=['+12345688', '+12345699'],
files=['filetosend.pdf'],
comment=outbox_comment,
options=outbox_options,
send_time='2000-01-01 01:02:03 +0000',
return_ids=True,
cover_page=outbox_cover_page)
conf = Configuration()
conf.access_token = access_token
# header_name and header_value required only when using the OAuth2 token scheme
api_client = ApiClient(header_name='x-fax-clientid', header_value=client_id, configuration=conf)
api = OutboxApi(api_client)
resp = api.send_fax(
user_id='13d8z73c',
body=payload_outbox
)<?php
require 'vendor/autoload.php';
$headers = array(
'Accept' => 'application/json',
'Authorization' => 'Bearer {access-token}',
// The x-fax-clientid header is required only when using the OAuth2 token scheme
'x-fax-clientid' => '{client ID}',
);
$client = new GuzzleHttp\Client();
// Define array of request body.
$request_body = ...; // See request body example
try {
$response = $client->request('POST','https://restapi.fax.plus/v3/accounts/{user_id}/outbox', array(
'headers' => $headers,
'json' => $request_body,
)
);
print_r($response->getBody()->getContents());
}
catch (GuzzleHttp\Exception\BadResponseException $e) {
// handle exception or api errors.
print_r($e->getMessage());
}
// ...package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
// The x-fax-clientid header is required only when using the OAuth2 token scheme
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Bearer {access-token}"},
"x-fax-clientid": []string{"YOUR CLIENT_ID"}
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("POST", "https://restapi.fax.plus/v3/accounts/{user_id}/outbox", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
AES-256 encryption for stored files (at rest).
TLS/SSL for data in transit.
Role-based access control (RBAC).
Single sign-on (SSO) and two-factor authentication (2FA).
Detailed logs with timestamps and delivery confirmations.
Tamper-evident records.
Configurable retention policies.
Archiving and secure deletion.
Healthcare organizations use Fax.Plus HIPAA-compliant fax APIs to:
companies and teams trust Fax.Plus to grow their business
consistent, reliable uptime across all Alohi services
Countries impacted by Fax.Plus
Our sales team is ready to provide you with further assistance.
Get Pricing details for custom high-volume plans.
Schedule a Fax.Plus demo.
Explore use cases for your team.
Help you with the migration process.
Request to access Sandbox
