The UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals.

Online faxing, also called internet faxing or e-faxing, allows for the sending or delivery of faxes via the internet without the need of a dedicated phone line or a fax machine. It may be offered as a subscription service, and may form part of a wider package of cloud-based communications products.

Online faxing may offer benefits such as reduced infrastructure cost, ensuring the receipt of documents and enabling faxes to be sent and received from anywhere with an internet connection. From a security perspective any benefits will depend on how the particular service is implemented. For example, faxes could be delivered to the email inbox of the recipient rather than immediately printed on receipt by the fax machine. Online services may also offer additional encryption whilst the data is in transit – although the actual extent of protection may be limited. It is also the case that sending a fax to an email inbox would be at risk from a similar set of security risks as sending personal information entirely via email.

When deciding whether to use online faxing, some factors to consider may include:

  • whether the provider offers encryption of any part of its services and faxes sent through them, as standard or for additional cost;
  • similarly, whether the provider offers secure online storage, and whether it includes additional features (eg, the ability to delete faxes from its servers upon delivery in cases where sensitive information may be sent);
  • whether the provider offers an audit trail of faxes sent and received through its servers; and
  • where the provider's services are located and whether they are based in a secure environment.

Use of online faxing has grown in some sectors, such as housing and healthcare. Where sensitive personal data are likely to be transmitted using online faxing, it is important to make sure that suitable technical and organisational safeguards for the transmission and/or storage of data are in place.