Fax Security Issues When Sending and Receiving Medical Records & How to Decrease Risks to Patient Privacy When Faxing


The benefits that come from transmitting patients’ records more rapidly using technology must be balanced against patient privacy. This article considers the use of faxes to transmit information. Faxes are possibly the most vulnerable mode of transmission available and involve a high risk of error and unauthorized disclosure. For those not dissuaded from sending faxes, the article offers some ways to minimize risks.

The Threat From Faxes

Faxes have a high risk of error inherent in their transmission. The destination is entered as a numeric string which is much more error prone than entering words. Some sources estimate that up to 30% of faxes do not meet their correct destinations. (Source:AllBusiness.com)

If the fax reaches the correct destination, then it may be misinterpreted since the information may be handwritten or obscured in transmission. Finally, the sender cannot control the security of the destination where the information may arrive. For all of these reasons transmission by secure encrypted email or other forms of electronic transmission is nearly always preferable.

Minimizing Risk if You Must Use a Fax

If you must send a fax, than telephone ahead. Notify the intended recipient that you’re about to fax a sensitive document, and ask them to wait at the fax machine until it is received to prevent it being picked up and read by the wrong person. Ask them to call back when the fax has been safely received.

The fax cover sheet should carry a warning that makes clear the fax you’re sending is confidential, and only to be viewed by the person to whom it’s addressed. Further, the cover sheet should also instruct the recipient to destroy the document after reading it.

Another possibility is the use of Internet-based faxing that allow you to send and receive faxes via e-mail. This can enable you to use all of the additional safeguards of e-mail to protect your patient information. However, for full benefit, you need to be able to control both ends of the process. If you can do this, then why not simply use emails with scanned image attachments when required?


Faxes are not a good way to transmit sensitive data. In spite of this, faxes are still widely used to transmit patient information. Alternatives do exist, especially through the use of more secure encrypted electronic transmission. Where more secure transmission methods exists, there is little excuse for the continued use of faxes. People worry about the privacy of electronic records, but faxes are much worse