Alohi logo
Products
SolutionsTrustContact Sales
Fax plus logo
Download
Arrow
Corporate Solutions
Arrow
Features
Arrow
Pricing
Log in
Get Started
Fax plus logo
Download
Arrow
Corporate Solutions
Arrow
Features
Arrow
Pricing
Log in
Get Started
Products
Arrow
SolutionsTrustContact Sales
HIPAA Fax
Fax Medical Records

How to Fax Medical Records

HIPAA Compliant Guide for Healthcare

Because emails are prone to breaches and hacks, sending medical records this way is not safe. Use a HIPAA-compliant fax service instead, include a confidential cover sheet, verify the recipient number, and keep audit trails. For secure medical record faxing, try Fax.Plus.

HIPAA Plan
Schedule a Demo
hipaa-fax

HIPAA Rules for Faxing Medical Records

HIPAA requires both technical and administrative safeguards when faxing protected health information (PHI).

Technical Safeguards

Technology-driven measures that prevent unauthorized access and ensure PHI stays protected during faxing.

  • Encrypt all data in transit and at rest to protect PHI.

  • Limit device access: Use unique logins with multi-factor authentication and restrict fax permissions to authorized staff.

  • Harden physical fax devices: place machines in supervised or access-controlled areas, and lock them when not in use.

  • Verify transmission details: double-check the recipient’s fax number before sending and confirm receipt with the intended party.

Administrative Safeguards

Policies, procedures, and training practices that ensure faxing processes consistently protect PHI.

  • Establish written policies covering who may send PHI and how recipient numbers are verified.

  • Use a HIPAA-compliant cover sheet: Include sender and recipient details, plus a confidentiality notice.

  • Train all staff handling faxed PHI on security procedures and HIPAA rules.

  • Maintain audit trails: Record who sent or received each fax, along with date, time, and location.

  • Protect stored PHI: Encrypt digital copies, keep paper faxes in locked storage, and dispose outdated records.

/ How to

How to Fax Medical Records Securely

To begin, confirm patient authorization or another valid legal basis for disclosure. Then gather all required documents (e.g., chart notes, labs, referrals) and verify they are accurate and complete. Finally, follow this simple workflow using Fax.Plus to ensure compliance and traceability.

Fax Medical Records
Set up HIPAA fax
Common Mistakes
Assistant Must-Dos

How to Send a Fax with PHI

1
Once you have set up HIPAA mode for your organization and ensure a BAA is in place.
2
Go to the Send Fax section in your Fax.Plus Dashboard, and type in the verified fax number of your recipient including the country code and area code. You can send a fax online from a computer to multiple fax numbers at once.
3
Attach files (PDF, TIFF, or scanned pages) and add your HIPAA cover sheet as the first page with Fax.Plus cover sheet generator.
4
Send securely. In HIPAA mode, PHI is not emailed as attachments; users are notified to view in the secure portal.
5
Monitor delivery status in the dashboard and save the delivery confirmation to the patient record.
6
Retain the audit log per your policy and route inbound faxes to the correct team inbox for follow-up.
Get started

Become HIPAA Compliant on Fax.Plus

Discover how to become HIPAA Compliant on Fax.Plus with this step-by-step tutorial.

1
Create an account on Fax.Plus and purchase an enterprise plan
2
Port in or add a fax number to your account.
3
Meet data residency requirements by selecting the appropriate data center location in the compliance tab
4
Activate Advanced Security Controls to further secure your account
5
Request and sign a Business Associate Agreement (BAA) to officially mark your account as fully HIPAA compliant.
Get started

Common Mistakes and How to Avoid Them

Most incidents come from process gaps, not technology. Common mistakes to avoid include:

  • Wrong Number: Always perform a second check.

  • No Cover Sheet: Increases risk of unauthorized disclosure.

  • Skipping Confirmation: Without delivery proof, audits are harder.

  • Poor Training: Leads to preventable compliance issues.

  • Weak Record-Keeping: Store logs in patient files for audit readiness.

When Sending a Fax, the Medical Assistant Must

When transmitting a fax that includes patient information, the medical assistant must ensure that every step complies with HIPAA guidelines. This includes:

  • Verify HIPAA mode and security features are active.

  • Use the correct confidential cover sheet.

  • Confirm the fax number to avoid misdirected PHI.

  • Keep a record of sent faxes and confirmations for audits.

Fax vs Email: Why Faxing Is the Best Choice

Faxing medical records might seem old-fashioned, but it remains a secure method. Unlike email, fax data travels over the telephone network, making it less vulnerable to cyberattacks. With modern enhancements, services like Fax.Plus combine traditional faxing with state-of-the-art internet security. This means you don’t have to invest in an old fax machine or worry about outdated technology.

Risky, non‑compliant practice

  • Printed faxes sit on a shared machine where anyone can view PHI.

  • Fax-to-email sends PHI as open attachments.

  • No audit trail or delivery proof.

Compliant practice (Fax.Plus)

  • Role-based access; PHI is viewed only in the secure Fax.Plus portal.

  • HIPAA mode disables PHI email attachments; staff receive secure notifications instead.

  • Delivery confirmations and audit logs show who sent, when, and to whom.

How Long Does It Take to Fax Medical Records?

Sending medical records via Fax.Plus is nearly instantaneous. Once your documents are uploaded and the secure settings are in place, your fax is sent in seconds. This quick process is ideal for urgent situations where time is critical.

Fax.Plus automatically retries on busy lines to ensure delivery. Long documents or repeated retries may add a few minutes. Delivery confirmations are provided for every fax, so build time for review into urgent workflows.

Secure Medical Record Faxing with Fax.Plus

Fax.Plus reduces risk while keeping teams productive.

  • Meets HIPAA requirements, HIPAA mode contains PHI within the secure portal. A signed BAA is available for covered entities and their business associates.

  • Stores data in highly secure centers across multiple countries, with the ability to choose storage location to meet regional data residency laws.

  • Uses 256-bit Advanced Encryption Standard (AES) for data at rest and in transit.

  • Supports role-based access.

  • Provides delivery confirmations and instant retry on busy lines for reliable transmission.

HIPAA Plan

Why Fax.Plus

Select a HIPAA-compliant service that scales. Fax.Plus offers straightforward onboarding, number porting, granular permissions, data residency options, and an API for automation, useful for clinics, hospitals, labs, and public health agencies.

Extremely Secure Solution

Built-in HIPAA Compliance

Fax.Plus is designed as a HIPAA compliant faxing solution with multiple layers of protection. Fax.Plus provides a signed BAA with enterprise accounts.
All Fax Functions In Your Own App

Access to PHI Records

Streamline record management by accessing audit trails of sent faxes. Easily search your archive using dedicated notes to find stored faxes, saving time and improving efficiency.
advanced_security_controls icon

Secure HIPAA fax

We use strong 256-bit AES encryption for stored documents, with each user having their own unique encryption key.
Dedicated Support

Advanced admin controls

Streamline staff management with flexible tools to enhance security, compliance, and operational efficiency.
Keep Your Current Fax Numbers

Easy Workflow for Staff

Our user-friendly apps bypass the complexity of Radiology Information Systems (RIS), Electronic Health Records (EHR), and Practice Management (PM) systems.
Seamless Integrations

Cost Efficiency

Enjoy visibility of all expenses, choosing from various plans tailored to meet admin demands, including options for high-volume needs.

FAQs

Can You Fax Medical Records?
Arrow
Yes, if you follow HIPAA safeguards. Use a HIPAA-compliant fax service like Fax.Plus, limit access with roles and MFA, include a confidential cover sheet, verify the number, and keep delivery confirmations and audit logs. Fax.Plus supports these controls and offers a BAA.
What are the requirements for faxing medical records?
Arrow
Secure transport, verified identity, minimum necessary data, and documentation. Confirm patient authorization, encrypt data in transit and at rest, use a confidential cover sheet, double-check the destination, and retain delivery proof and audit logs. Document your policy and train staff.
How do I create a HIPAA-compliant fax cover sheet?
Arrow
To create a HIPAA compliant fax cover sheet keep it simple and protective. Include sender and recipient details, date, purpose, callback number, total page count, and a short confidentiality notice. Avoid unnecessary PHI, use only the minimum required to identify the patient.
What if a fax is sent to the wrong number?
Arrow
Treat it as a potential breach. Follow your incident response plan: notify privacy/security leads, attempt to retrieve or destroy the misdirected information, document the event in your log, and determine if breach notification is required. Tighten number verification to prevent repeats.
Can Fax.Plus integrate with my EHR or email?
Arrow
Use the Fax.Plus API or routing rules to file faxes to the right team inbox or workflow. In HIPAA mode, PHI is not sent as email attachments; staff view documents in the secure portal.
Do I need a BAA to use Fax.Plus in healthcare?
Arrow
Yes, if you are a covered entity or a business associate. Fax.Plus provides a BAA so you can use the platform for ePHI.
Can I keep my existing fax numbers?
Arrow
Yes. Port your numbers to Fax.Plus to avoid changing contact information or disrupting patient and partner communications.

Discover Fax.Plus,
HIPAA compliant fax solution.

Want to see how our cutting-edge faxing solution can help your healthcare organisation?
Schedule a demo and one of our representatives will contact you for a customized demonstration.

Schedule a Demo

DISCLAIMER: The information on this site is for general information purposes only, and Alohi cannot guarantee that all the information on this site is current or accurate. This is not intended to be legal advice and should not be a substitute for professional legal advice. For legal advice, consult a licensed attorney regarding your specific legal questions.

Partner with us!

Join our affiliate program and deliver exceptional online faxing solutions to your audience.
Become a Partner
ALOHI Products
Sign.Plus logoSign.Plus logoFax.Plus logoScan.plus logo
solutions
E-SignatureAI PhoneOnline FaxingMobile ScannerEnterprise E-SignatureEnterprise Faxing
pricing
Sign.Plus PricingDial.Plus PricingFax.Plus PricingBundle Offerings
DEVELOPERS
Developer CenterSign.Plus APIFax.Plus APIFree Developer Account
Resources
Help CenterBlogRelease NotesSystem Status
Company
About AlohiPressCareersAffiliate ProgramLegalContact Us
Trust & Security
Trust CenterSecurity OverviewComplianceData ResidencyE-Signature Legality Guide
Built with support from
Swiss confederation flag
gdpr compliant scan.plusccpa compliant scan.plusiso 27001 compliant scan.plussoc 2 compliant scan.plushipaa compliant scan.plus
scan on google playscan on apple device iphone
Copyright © 2025 Alohi
Terms of ServicePrivacy PolicyCookie Settings
English