In some cases that's unacceptable. I know according to the HIPAA laws, information can only be delivered in person or sent via fax. Scanning and emailing PDFs is not allowed.
Where do you get this idea? I used to work in an insurance office, and while I was there I was on the HIPAA compliance team. I looked at a lot of HIPAA documents, and none of what I saw ever specified one modality of transmission over another. Compliance was specified in terms of due diligence, not in terms of procedures: as long as you could document that you'd done everything reasonable to secure any PHI, you were in compliance.
Sending a fax can be a compliant transmission, if you take certain steps but it's not specified as such in the law as far as I could see.
I was told by my health insurance agent that emailing documents was considered insecure, and therefore illegal. But hell, he could've just been lazy for all I know. Hopefully I'll never need to meet with him again.