Secure Faxing

A: The technical details of our transport security depend on the method being used to send and receive faxes via FAXAGE. We support faxing through email, our website and our API. Each is detailed below:

Website faxing - is protected by industry-standard TLS/SSL

API faxing - is protected by industry-standard TLS/SSL

Fax by App - is protected by industry-standard TLS/SSL

Print to fax - is protected by industry-standard TLS/SSL

Email fax receiving - can be secured in one of four ways:

1. Our email fax servers are TLS (encrypted email) enabled and will utilize TLS when sending you email if your email server is configured to support TLS connections.
2. There is a 'secure email' option that can be enabled by you. This option sends a link to download your fax via SSL rather than the fax itself.
3. You may upload your PGP key into the FAXAGE system. We will then PGP encrypt all faxes we send to you in your email.
4. We support setting a per-user password in the FAXAGE system, which will password protect all emailed fax PDF's.

Email fax sending - can be secured in one of two ways:

1. Our TLS support allows your email server to encrypt outbound faxes being sent to us via email.
2. You may utilize our public PGP key, which is available from public key servers under pgp@faxage.com and is also available for download from within the FAXAGE website after logging in. You can then encrypt your attachments when sending faxes with your email.

For both inbound and outbound email faxing, it is your responsibility to ensure that your email server is appropriately configured to support TLS if server to server transport security is desired. Otherwise, PGP support is also available to encrypt the attachments.

A: FAXAGE is fully compliant with current PCI regulations for cardholder information security including encryption via SSL when you give us your credit card information and encryption when the information is stored.

A: Technically, our security measures can comply with HIPAA, SOX and GLB regulatory requirements. Additionally, our HITRUST Certification includes the HIPAA Security Rule as well as the base CSF NIST compliance factors. In order to fully evaluate our system against your specific needs, we recommend:

1. Download our Secure Internet Faxing Data Sheet and review our security measures against your requirements
2. Evaluate our security against your controls needs
3. For HIPAA compliance, you may need a business associate agreement (BAA) in place with us. If this is the case, please email us to request a copy of our standard BAA at support@faxage.com. We will work with you on putting the necessary agreement in place. Also, please see our HIPAA Faxing Checklist for guidance on HIPAA compliance with FAXAGE. Our HIPAA Compliant Fax Solutions page has more details as well.

A: System auditing is the ability to see the 'Who', 'What' and 'When' related to authorized users taking actions within your FAXAGE account. For example, sending a fax, downloading a received fax, deleting a fax, changing a password, and so forth.

Having an audit trail is important for compliance purposes as well as generally to make sure that authorized users are using the FAXAGE system in an accountable fashion.