I’ll admit, I’m pretty frustrated right now lol. me and my doctor have been trying to submit a referral to a specialist but for the last several weeks, when i call them, they still haven’t gotten it yet. they told me it’s because they only have one fax machine so it refuses any incoming faxes if it’s in the middle of printing a different one.
my problem is, why haven’t we come up with a more modern and secure way of sending medical files?!?! am i crazy for thinking this is a super unprofessional and unnecessary barrier to care?
luckily I’m mobile enough to drive a physical copy to their location, but not everybody who needs to see this type of doctor can do that, nor should they have to.
In the eyes of the law, a fax is a secure way to send personal information. An email, even an encrypted one, is not. We need to fix the law, but lawmakers as a rule do not understand technology.
Speaking as someone who works directly in the field: this is just plain factually incorrect. Encrypted email is compliant with patient privacy regulations in the US.
The issue is entirely cultural. Faxes are embedded in many workflows across the industry and people are resistant to change in general. They use faxes because it’s what they’re used to. Faxes are worse in nearly every way than other regulatory-compliant means of communication outside of “this is what we’re used to and already setup to do.”
I am actively working on projects that involve taking fax machines away from clinicians and backend administrators. There are literally zero technical or regulatory hurdles; the difficulty is entirely political.
I work with healthcare software so I can echo most of what you’re saying.
The thing is the lowest common denominator is a fax (usually a fax server that creates a PDF or TIFF of what comes over the wire), so that’s what people go with. It’s the interoperability between different systems that’s the problem. There’s no one standard…except for faxes.
There’s no one standard…except for faxes.
HL7 and FHIR have been around for decades. Exchanging data is actually the easy part.
The problem is typically more on the business logic side of things. Good example is the fact that matching a patient to a particular record between facilities is a much harder problem than people realize because there are so many ways to implement patient identifiers differently and for whoever inputs a record to screw up entry. Another is the fact that sex/gender codes can be implemented wildly differently between facilities. Matching data between systems is the really hard part.
(I used to do HL7 integration, but have since moved more to the systems side of things).
“embedded in many workflows”
Key statement right there.
And once people see what that really means, and what it would take to move past it (including time, cost, and risk), they may start to understand. You’re dealing with it first hand, so you know what’s involved.
It became the de facto way to send stuff with high confidence it went to the right place. Then tech addressed the paper-to-paper over one phone line issue with modem banks into a fax server. So all the same fundamental comm tech (so fully backwards-compatible), but a better solution for the company with that infrastructure. Such a company has little motivation to completely change to something new, since they’d have to retain this for anyone that hasn’t switched. Chicken-and-egg problem, that’s slowly moving forward.
It’ll be a long time before it’s gone completely. Perhaps in 20 years, but I suspect fax will still be around as a fallback/compatibility.
Such a company has little motivation to completely change to something new, since they’d have to retain this for anyone that hasn’t switched.
They’ve had motivation since the HITECH Act passed in 2009. Medicare/Medicaid compensation is increasingly directly tied to real adoption of modern electronic records, availability, and interoperability. Most healthcare orgs rely heavily on Medicare/Medicaid revenue, so that’s a big, big deal.
You’re dealing with it first hand, so you know what’s involved.
I do. Which is why I’m actively and aggressively removing fax machines from our environment. Efaxing (e.g., fax-to-email gateways) will stick around for back-compatibility purposes with outside organizations, but the overall industry trend is to do everything you can to minimize the footprint of fax machines because they’ve traditionally been used in ways that will cost the company serious revenue if they cause you to miss CMS measures.
We need to try and bankrupt any company that produces fax machines.
The industry will need to adapt once fax machines aren’t produced anymore.
And just try to get regular people to use email encryption. Yes, it could be signed to show that it hasn’t been altered, but then most users can’t even figure out where a file has been saved.
So they use faxes.
Here (not US) they’ve tried implementing a dedicated “secure email platform” for medical professionals so that they can exchange patient data. It’s both progress and kind of idiotic, but it’s not very widely used (because now, they have yet another email address to manage, on top of the six they already have to use).
Secure email is nearly always implemented as a portal-based system in practice. It’s also typically only used for one-off exchanges. It’s not our first-line method of communication, but it gets used within the facility literally every day.
HIE portals are more commonly used for provider-to-provider exchange that doesn’t justify full data integration.
At any rate, the fundamental point stands: regulatory compliance has absolutely nothing to do with why faxes are still in use in the industry.
You’re both right.
Faxes in the eyes of the law are secure, for any privileged or confidential info. So are secured emails, last I checked.
this makes no sense to me when patient portals exist. why isn’t there a provider portal that can handle sending medical info back and forth? I can see all my medical details online already.
See, you’re thinking 21st century, but this is both a healthcare management technology and a government regulation issue, so you’re 2 centuries too new. We need to go back to 1843 with the electric printing telegraph, which used pendulums and electric signals to scan images and send them over telegraph wires. That’s where healthcare technology regulations stopped.
That is patently false. Encrypted email and patient portals are absolutely allowed under regulation.
What you have here is a practice that has probably been in operation since the 80s or before, and they refuse to change their ways.
Providers have a market incentive to provide the most convenient experience to their patients. The market incentive does not exist for sending information to other providers so they will take the path of least resistance to be compliant with regulation
read my post again. this is a provider that is probably losing business because people can’t get their referral in to see them unless they walk it through the door themselves. how is that convenient?
m banks into a fax server. So all the same fundamental comm tech (so fully backwards-compatible), but a better solution for the company with that infrastructure. Such a company has little motivation to completely change to something new, since they’d have to retain this for anyone that hasn’t switched. Chicken-and-egg problem, that’s slowly moving forward.
Thats the thing. Most if not all insurance companies HAVE provider portals. They cannot get rid of fax until every mom and pop clinic, dentist office, and hospital use these portals.
Example of a Provider Portal: https://www.floridablue.com/providers https://healthy.kaiserpermanente.org/northern-california/community-providers/claims
I mean, from a technological perspective email, even encrypted, really isn’t that secure. That being said neither is fax but…