Sending Faxes with T.38 - Legal through AREDN?

OK I'm hoping to receive not just opinions on this, but facts (and sources) to back up your position.

I was asked by my local EOC whether fax machines could be hooked up to the AREDN network.  As it turns out, YES, they can and it works.  

Why fax machines?  Well there are certainly many use cases, but the one that is most obvious is HIPPA compliance. According to this article (which I found on the Internet so it must be true, right), fax via T.38 (which is most fax machines) is HIPPA compliant.  https://www.healthitoutcomes.com/doc/ways-cloud-faxing-is-hipaa-compliant-0001

Another use case is that we save time and can be 100% accurate by sending an original, signed ICS form rather than copying everything from a written form to a digital form.  I can send a dozen or so original ICS forms via fax in the same amount of time it would take to copy and send them via Winlink.  We truly become the "conduit" in that transaction and wouldn't have to worry about messing up the message.

I've heard concerns from emergency managers, hospitals, etc. that sending sensitive patient information over the air, whether by voice or digitally via Winlink is a concern since it can be intercepted.  We use Winlink as a means of "security by obscurity" assuming of course nobody would maliciously want to intercept our transmissions.  It's not 100% safe, but it's pretty good - or so we tell the emergency managers.

Anyway, assuming fax via T.38 is perfectly HIPPA compliant, my only concern as a ham operator is - am I sending a message in violation of FCC rules?  Is it "encoded for the purpose of obscuring their meaning" per Section 97.113(a)(4)?  I would argue that we're not obscuring the meaning of the transmission at all, but rather, we are simply securing its transmission from interception in order to comply with HIPPA rules.  But I'd like to see some educated responses on the subject. 

P.S. We all know that the HIPPA rules and perhaps even the FCC rules will be thrown out during real emergencies.  I for one am going to get the message through and worry about the punishment later if it's a life or death choice.  But for exercises, I don't want to set a bad example if this could get operators in trouble.

P.S.S. If you want to know HOW I did this, I will be writing an article on the setup soon.

---mark, KM6ZPO