HIPAA-Compliant Faxing.
No Machine Required.
Send protected health information by fax, from your browser. Browser-based processing. TLS encryption. No document storage. Free to start.
2 free faxes per month. No account required.
How it works
How FaxDrop handles your health documents
Every step from upload to delivery is designed to minimize PHI exposure.
Browser-based processing
Your document is processed locally on your device. No server-side storage before transmission.
TLS-encrypted upload
The document transmits to Sinch's fax infrastructure over a 256-bit TLS-encrypted connection.
PSTN fax delivery
Sinch delivers the fax over the Public Switched Telephone Network. Point-to-point. No server in between.
Immediate file deletion
FaxDrop deletes your document immediately after the fax is sent. No document retention. Period.
FaxDrop uses Sinch as its fax carrier. Sinch is a publicly traded communications platform (Sinch AB, Nasdaq Stockholm) that offers a Business Associate Agreement for healthcare use cases.
The requirements
What makes a fax service HIPAA compliant
Not every online fax tool qualifies. HIPAA compliance for a fax service comes down to four specific things.
Business Associate Agreement (BAA)
Any service that handles PHI on behalf of a covered entity needs a signed BAA. This is a legal contract where the provider agrees to protect PHI under HIPAA rules. No BAA means no HIPAA compliance. FaxDrop's fax carrier Sinch offers a BAA for healthcare use cases.
Secure transmission (TLS)
The upload path from your device to the fax service needs TLS encryption. The fax itself travels over PSTN (point-to-point circuit), which is inherently secure. FaxDrop uses 256-bit TLS for all document uploads.
Access controls and audit trails
HIPAA requires covered entities to limit PHI access to authorized users. For fax services, this means authentication, delivery tracking, and confirmation that the fax reached the intended recipient. FaxDrop sends delivery confirmation on every fax.
Clear data handling and deletion policies
How long does the service store your documents? Where are they stored? Can they be deleted on demand? FaxDrop deletes document content immediately after the fax is sent. Only metadata (number, timestamp, status) is retained for your history.
Side by side
FaxDrop vs other HIPAA fax services
Most HIPAA fax services charge $10 to $20 per month. FaxDrop starts free.
| Service | BAA available | Browser-based | No doc storage | TLS encryption | Free HIPAA tier |
|---|---|---|---|---|---|
| FaxDropRecommended | Yes | Yes | Yes | Yes | Yes |
| eFax | Yes | No | No | Yes | No |
| Fax.Plus | Yes | No | No | Yes | No |
| iFax | Yes | No | No | Yes | No |
eFax, Fax.Plus, and iFax require paid subscriptions for HIPAA-covered use cases. FaxDrop is free to start.
Use cases
Who needs HIPAA-compliant fax
Doctor's offices and clinics
Referrals, prior authorizations, prescription requests, and patient records all move by fax daily.
Learn moreDentists and dental offices
Treatment records, X-ray referrals, insurance pre-authorizations, and patient coordination.
Learn moreMental health providers
Therapist intake forms, treatment summaries, and referrals require extra privacy protection.
Learn morePharmacies
Prescription transfers, insurance verifications, and controlled substance documentation.
Learn moreHealth insurance companies
Prior authorization requests, claims processing, appeals, and member correspondence.
Learn moreAccountants and tax professionals
Financial records and tax filings involving health data require compliant transmission.
Learn moreSend a HIPAA-compliant fax in under 60 seconds.
No fax machine. No monthly subscription. 2 free faxes included. Read the full HIPAA fax guide for technical details.
Common questions
HIPAA fax questions, answered
Is faxing HIPAA compliant?
Yes. The U.S. Department of Health and Human Services (HHS) confirms that fax is an acceptable method for transmitting protected health information (PHI). Fax travels over a point-to-point telephone circuit, which is harder to intercept than email. HIPAA does not require encryption during fax transmission.
Is FaxDrop HIPAA compliant?
FaxDrop processes documents in the browser and transmits them over TLS-encrypted connections. Documents are not stored after the fax is sent. FaxDrop uses Sinch as its fax carrier, and Sinch offers a Business Associate Agreement (BAA) for healthcare use cases covering the fax transmission pipeline.
What is a BAA and do I need one?
A Business Associate Agreement (BAA) is a contract required by HIPAA when a third-party service handles protected health information (PHI) on behalf of a covered entity. If you are a healthcare provider, payer, or clearinghouse using FaxDrop for PHI, a BAA with the underlying fax carrier (Sinch) is in place. Individual patients faxing their own records do not need a BAA.
Does FaxDrop store my medical documents?
No. FaxDrop processes documents in the browser when possible and does not retain document content after transmission. Files are deleted immediately after the fax is sent. Metadata (fax number, timestamp, delivery status) is retained for your fax history.
How does browser-based processing help with HIPAA?
Browser-based processing means your document is handled locally on your device before being transmitted. The document is not uploaded to a server for storage or processing. This reduces the exposure window for PHI and eliminates server-side document retention risk.
What are the most common HIPAA fax violations?
The most common HIPAA fax violation is a wrong fax number. One transposed digit can send patient records to an unintended recipient. Other violations include fax machines in public areas, missing cover pages, and no delivery confirmation. FaxDrop provides delivery confirmation on every fax.
Can I send HIPAA faxes for free?
Yes. FaxDrop includes 2 free faxes per month with no account required. For healthcare providers sending PHI regularly, paid credits start at $1.99 per fax with no subscription required.
Send a HIPAA-Compliant Fax Free
No fax machine. No subscription. Browser-based processing. TLS encryption. Files deleted after sending. Two free faxes every month.
Send Your Free FaxFAQs
Frequently Asked Questions
Is faxing HIPAA compliant?+
Yes. The U.S. Department of Health and Human Services (HHS) confirms that fax is an acceptable method for transmitting protected health information (PHI). Fax travels over a point-to-point telephone circuit, which is harder to intercept than email. HIPAA does not require encryption during fax transmission.
Is FaxDrop HIPAA compliant?+
FaxDrop processes documents in the browser and transmits them over TLS-encrypted connections. Documents are not stored after the fax is sent. FaxDrop uses Sinch as its fax carrier, and Sinch offers a Business Associate Agreement (BAA) for healthcare use cases covering the fax transmission pipeline.
What is a BAA and do I need one?+
A Business Associate Agreement (BAA) is a contract required by HIPAA when a third-party service handles protected health information (PHI) on behalf of a covered entity. If you are a healthcare provider, payer, or clearinghouse using FaxDrop for PHI, a BAA with the underlying fax carrier (Sinch) is in place. Individual patients faxing their own records do not need a BAA.
Does FaxDrop store my medical documents?+
No. FaxDrop processes documents in the browser when possible and does not retain document content after transmission. Files are deleted immediately after the fax is sent. Metadata (fax number, timestamp, delivery status) is retained for your fax history.
How does browser-based processing help with HIPAA?+
Browser-based processing means your document is handled locally on your device before being transmitted. The document is not uploaded to a server for storage or processing. This reduces the exposure window for PHI and eliminates server-side document retention risk.
What are the most common HIPAA fax violations?+
The most common HIPAA fax violation is a wrong fax number. One transposed digit can send patient records to an unintended recipient. Other violations include fax machines in public areas, missing cover pages, and no delivery confirmation. FaxDrop provides delivery confirmation on every fax.
Can I send HIPAA faxes for free?+
Yes. FaxDrop includes 2 free faxes per month with no account required. For healthcare providers sending PHI regularly, paid credits start at $1.99 per fax with no subscription required.
Security & Compliance
HIPAA Compliant
Signed BAA on file · No document retention
PCI DSS Level 1
Payments secured by Stripe · No card data touches our servers
256-bit SSL
End-to-end TLS 1.2+ encryption in transit
Zero Retention
Files deleted immediately after transmission completes