Most clinics still have one. It sits in the corner, does its job, and nobody questions it.
They should.
As of February 2026, fax machines remain the leading cause of patient privacy breaches in Ontario. In 2021 alone, nearly 5,000 breaches in Ontario happened because a fax went to the wrong number. And the consequences of those mistakes just got a lot more serious.
The Rules Changed. Most Clinics Do Not Know It.
Since January 2024, Ontario’s Information and Privacy Commissioner can issue penalties of up to $50,000 for individuals and $500,000 for organizations under PHIPA.
Those powers are now being used. The first penalty was issued in August 2025 against a physician and his clinic.
For more serious offences the numbers climb higher. An individual can face up to $200,000 and a year in prison. An organization can face up to $1,000,000.
A fax sent to the wrong number is a reportable privacy breach. It always has been. The difference now is that regulators have real financial tools to act on it and they are using them.
The Alternative Is Already There
Here is what surprises most clinics. Secure digital alternatives to fax are very likely already built into the EMR platform you use every day.
Most major Canadian EMRs now include secure messaging, digital referrals, and electronic document delivery as part of their standard offering. Prescriptions, lab results, referral letters, and hospital discharge summaries can all be sent and received digitally, tracked, confirmed, and stored directly in the patient chart automatically.
No paper. No misrouted transmissions. No breach to report.
The Office of the Privacy Commissioner of Canada is actively calling on healthcare organizations to replace fax with encrypted email, secure patient portals, electronic referrals, and electronic prescribing. The infrastructure to do exactly that already exists inside most clinic systems.
So Why Is the Fax Still There?
Habit, mostly. Sometimes cost. Changing a workflow takes time and attention that most clinics simply do not have spare.
But the cost of switching is almost always lower than expected. In many cases the digital tools are already included in your current EMR subscription and simply have not been turned on or configured.
The cost of not switching is harder to predict and potentially far higher.
What to Do Next
Start with a conversation with your EMR provider. Ask them specifically what secure messaging, eReferral, and digital document delivery options are available on your platform. The answer may be closer than you think.
The tools are there. The regulatory pressure is real and escalating. The first step is simply asking the question before a misdirected fax forces the conversation for you.
Sources
Information and Privacy Commissioner of Ontario