Many applicable laws and regulations, such as HIPAA and PCI, are likely to require companies to protect any sensitive data in their possession or control. You and your company’s management are ultimately responsible for ensuring your company complies with its data protection obligations. TPx’s Virtual Fax service is configured as a useful tool to help your company protect sensitive data sent or received via facsimile transmission.
Here are some details you should know about TPx’s Virtual Fax service and its configuration.
Network Security and Encryption
Virtual Fax uses TLS encryption for all send and receive functions. After a fax is sent or received, it is stored on the Virtual Fax portal behind secure (HTTPS) authentication, although it is not stored with encryption.
Direct Routing of Inbound Faxes
With a traditional fax machine, sensitive documents may sit out in the open or end up with the wrong recipient. TPx’s Virtual Fax service directly routes inbound faxes to their intended recipients by email and/or through the Virtual Fax web portal. Your company’s admin-level user can modify inbound fax routing rules as needed.
The Virtual Fax portal keeps an event log for each fax. The log tracks all activity and changes by the users that accessed or changed that fax.
By default, the Virtual Fax portal stores all faxes and their records for 30 days. TPx offers the option to immediately delete faxes upon completion of a send/receive function so that they are never stored on TPx’s server. Using this option will require you to ensure that your email delivery is working properly, or else you will have no other record of the deleted faxes.
Any users associated with a specific Virtual Fax number may view all of the faxes sent or received on that Virtual Fax number for as long as those faxes exist in the portal.
Your company’s admin-level user for Virtual Fax may view all faxes sent or received for all the Virtual Fax numbers in use by your company, for as long as those faxes exist in the portal. You should exercise due care in selecting your admin user, and ensure that the admin follows your compliance policies.