117

I'll admit, I'm pretty frustrated right now lol. me and my doctor have been trying to submit a referral to a specialist but for the last several weeks, when i call them, they still haven't gotten it yet. they told me it's because they only have one fax machine so it refuses any incoming faxes if it's in the middle of printing a different one.

my problem is, why haven't we come up with a more modern and secure way of sending medical files?!?! am i crazy for thinking this is a super unprofessional and unnecessary barrier to care?

luckily I'm mobile enough to drive a physical copy to their location, but not everybody who needs to see this type of doctor can do that, nor should they have to.

top 47 comments
sorted by: hot top controversial new old
[-] Nemo@slrpnk.net 74 points 1 week ago

In the eyes of the law, a fax is a secure way to send personal information. An email, even an encrypted one, is not. We need to fix the law, but lawmakers as a rule do not understand technology.

[-] commandar@lemmy.world 87 points 1 week ago* (last edited 1 week ago)

Speaking as someone who works directly in the field: this is just plain factually incorrect. Encrypted email is compliant with patient privacy regulations in the US.

The issue is entirely cultural. Faxes are embedded in many workflows across the industry and people are resistant to change in general. They use faxes because it's what they're used to. Faxes are worse in nearly every way than other regulatory-compliant means of communication outside of "this is what we're used to and already setup to do."

I am actively working on projects that involve taking fax machines away from clinicians and backend administrators. There are literally zero technical or regulatory hurdles; the difficulty is entirely political.

[-] stinerman@midwest.social 22 points 1 week ago

I work with healthcare software so I can echo most of what you're saying.

The thing is the lowest common denominator is a fax (usually a fax server that creates a PDF or TIFF of what comes over the wire), so that's what people go with. It's the interoperability between different systems that's the problem. There's no one standard...except for faxes.

[-] commandar@lemmy.world 8 points 1 week ago* (last edited 1 week ago)

There’s no one standard…except for faxes.

HL7 and FHIR have been around for decades. Exchanging data is actually the easy part.

The problem is typically more on the business logic side of things. Good example is the fact that matching a patient to a particular record between facilities is a much harder problem than people realize because there are so many ways to implement patient identifiers differently and for whoever inputs a record to screw up entry. Another is the fact that sex/gender codes can be implemented wildly differently between facilities. Matching data between systems is the really hard part.

(I used to do HL7 integration, but have since moved more to the systems side of things).

[-] stinerman@midwest.social 4 points 1 week ago

I work in a particularly niche area (home infusion/home medical equipment) and while HL7 and FHIR are indeed things, practically no software that was built for those lines of business had any sort of module for that. We have a FHIR interface now and...no one uses it. They prefer faxes.

[-] commandar@lemmy.world 3 points 1 week ago* (last edited 1 week ago)

That's likely a peculiarity of the niche you're in. HL7/FIHR are the norm for enterprise-level systems. Hospitals couldn't function without it and at any given time we typically have multiple HL7 integration projects rolling just as a mid-size regional.

Definitely less defined in the small-practice and patient-side space. Though, like I said, the big problem there ends up being data normalization anyway.

[-] Bo7a@lemmy.ca 3 points 1 week ago

I feel this - I'm often on the other end working with data from clinicians in the field for massive studies. The forms that come in can have an infinite number of possibilities just for noting sex. Enough so that our semantic layer needs a human reviewer because we keep finding new ways field clinicians have of noting this. Now imagine that over the whole gamut of identifiers.

tl:dr - Humans are almost always the problem in data harmonization.

[-] mesamunefire@lemmy.world 1 points 1 week ago

EDI as well

[-] BearOfaTime@lemm.ee 7 points 1 week ago* (last edited 1 week ago)

"embedded in many workflows"

Key statement right there.

And once people see what that really means, and what it would take to move past it (including time, cost, and risk), they may start to understand. You're dealing with it first hand, so you know what's involved.

It became the de facto way to send stuff with high confidence it went to the right place. Then tech addressed the paper-to-paper over one phone line issue with modem banks into a fax server. So all the same fundamental comm tech (so fully backwards-compatible), but a better solution for the company with that infrastructure. Such a company has little motivation to completely change to something new, since they'd have to retain this for anyone that hasn't switched. Chicken-and-egg problem, that's slowly moving forward.

It'll be a long time before it's gone completely. Perhaps in 20 years, but I suspect fax will still be around as a fallback/compatibility.

[-] commandar@lemmy.world 4 points 1 week ago

Such a company has little motivation to completely change to something new, since they’d have to retain this for anyone that hasn’t switched.

They've had motivation since the HITECH Act passed in 2009. Medicare/Medicaid compensation is increasingly directly tied to real adoption of modern electronic records, availability, and interoperability. Most healthcare orgs rely heavily on Medicare/Medicaid revenue, so that's a big, big deal.

You’re dealing with it first hand, so you know what’s involved.

I do. Which is why I'm actively and aggressively removing fax machines from our environment. Efaxing (e.g., fax-to-email gateways) will stick around for back-compatibility purposes with outside organizations, but the overall industry trend is to do everything you can to minimize the footprint of fax machines because they've traditionally been used in ways that will cost the company serious revenue if they cause you to miss CMS measures.

[-] AnUnusualRelic@lemmy.world 1 points 1 week ago

And just try to get regular people to use email encryption. Yes, it could be signed to show that it hasn't been altered, but then most users can't even figure out where a file has been saved.
So they use faxes.

Here (not US) they've tried implementing a dedicated "secure email platform" for medical professionals so that they can exchange patient data. It's both progress and kind of idiotic, but it's not very widely used (because now, they have yet another email address to manage, on top of the six they already have to use).

[-] commandar@lemmy.world 1 points 1 week ago

Secure email is nearly always implemented as a portal-based system in practice. It's also typically only used for one-off exchanges. It's not our first-line method of communication, but it gets used within the facility literally every day.

HIE portals are more commonly used for provider-to-provider exchange that doesn't justify full data integration.

At any rate, the fundamental point stands: regulatory compliance has absolutely nothing to do with why faxes are still in use in the industry.

[-] Pyr_Pressure@lemmy.ca 1 points 1 week ago

We need to try and bankrupt any company that produces fax machines.

The industry will need to adapt once fax machines aren't produced anymore.

[-] yabai@lemmy.world 1 points 1 week ago

Unfortunately, supply and demand dictates that new manufacturers will pop up in place

[-] JustZ@lemmy.world 0 points 1 week ago

You're both right.

Faxes in the eyes of the law are secure, for any privileged or confidential info. So are secured emails, last I checked.

[-] commandar@lemmy.world 3 points 1 week ago* (last edited 1 week ago)

To be clear, this is specifically what I was calling incorrect:

An email, even an encrypted one, is not.

Faxes are one compliant means of electronic communication. They're just not the only one. Secure email is fine.

[-] cheers_queers@lemm.ee 13 points 1 week ago

this makes no sense to me when patient portals exist. why isn't there a provider portal that can handle sending medical info back and forth? I can see all my medical details online already.

[-] halcyoncmdr@lemmy.world 7 points 1 week ago

See, you're thinking 21st century, but this is both a healthcare management technology and a government regulation issue, so you're 2 centuries too new. We need to go back to 1843 with the electric printing telegraph, which used pendulums and electric signals to scan images and send them over telegraph wires. That's where healthcare technology regulations stopped.

[-] 4am@lemm.ee 5 points 1 week ago* (last edited 1 week ago)

That is patently false. Encrypted email and patient portals are absolutely allowed under regulation.

What you have here is a practice that has probably been in operation since the 80s or before, and they refuse to change their ways.

[-] BearOfaTime@lemm.ee 4 points 1 week ago

Well before.

And "refuse to change their ways" - are you going to underwrite the project to implement a transition and hold all the liability for the risks?

Its not like changing systems is just a click of a button, this is an extensive project, that you better get right or you're dealing with records going the wrong way, potentially having serious life and safety implications.

Plus, you have to maintain this legacy fax system because not everyone else has migrated to something new. So for the remainder of your career, it still doesn't go away, and you'll have to continue to pay for its maintenance.

Companies have systems they've built up over years, that works. They'll move forward as it makes fiscal sense.

[-] halcyoncmdr@lemmy.world 2 points 1 week ago

I never claimed that email or patient portals weren't allowed.

[-] TORFdot0@lemmy.world 1 points 1 week ago

Providers have a market incentive to provide the most convenient experience to their patients. The market incentive does not exist for sending information to other providers so they will take the path of least resistance to be compliant with regulation

[-] cheers_queers@lemm.ee 2 points 1 week ago

read my post again. this is a provider that is probably losing business because people can't get their referral in to see them unless they walk it through the door themselves. how is that convenient?

[-] King_Bob_IV@startrek.website 2 points 1 week ago

I have never seen a specialist without a giant wait-list. These providers tend to have too many patients so they have a negative incentive for trying to make it easier to reach them.

[-] Killn1@lemmy.world 1 points 1 week ago* (last edited 1 week ago)

m banks into a fax server. So all the same fundamental comm tech (so fully backwards-compatible), but a better solution for the company with that infrastructure. Such a company has little motivation to completely change to something new, since they’d have to retain this for anyone that hasn’t switched. Chicken-and-egg problem, that’s slowly moving forward.

Thats the thing. Most if not all insurance companies HAVE provider portals. They cannot get rid of fax until every mom and pop clinic, dentist office, and hospital use these portals.

Example of a Provider Portal: https://www.floridablue.com/providers https://healthy.kaiserpermanente.org/northern-california/community-providers/claims

[-] Num10ck@lemmy.world 1 points 1 week ago

because the referring physicians refuse to log into multiple systems and the providers refuse to log into multiple systems and theres no universal trusted system.

[-] satans_methpipe@lemmy.world 1 points 1 week ago

Vanilla facsimile is not secure at all.

[-] Vendetta9076@sh.itjust.works -1 points 1 week ago

I mean, from a technological perspective email, even encrypted, really isn't that secure. That being said neither is fax but...

[-] Fluffy_Ruffs@lemmy.world 5 points 1 week ago

Encryption would protect an email in flight and prevent interception. Faxes have no such capability and are entirely susceptible to being tapped.

[-] Kolanaki@yiffit.net 19 points 1 week ago

Shit, they could just get a better fucking FAX machine that can put new incoming faxes into a queue. The last fax machine I used (like well over a decade ago) could at least do that.

[-] cheers_queers@lemm.ee 6 points 1 week ago

no kidding! i have enough to deal with, without having to babysit a doctor's office that won't update their equipment.

[-] Brkdncr@lemmy.world 5 points 1 week ago

You can even have multiple fax machines on the same phone number if you really need it.

[-] deranger@sh.itjust.works 14 points 1 week ago

Referrals are electronic for those running a modern EMR, like Epic. The systems exist, it’s up to both sides to implement them.

[-] cheers_queers@lemm.ee 2 points 1 week ago

thank you, this is exactly the type of answers i was hoping for!

[-] Today@lemmy.world 7 points 1 week ago

I have to fax docs a lot. Couple of years ago we started using stonefax so it's like an email. I wish the faxing was the worst part - most take 1-3 calls to the doc to get them sent back.

[-] pmk 7 points 1 week ago

Where I work, the fax was a way to ensure that information could be sent in multiple ways, if one way would fail. In the medical field (at least where I live) we must have systems with backup systems in a few layers. We have a nice digital medical chart system, and I still have to print out many things and put in a binder that no one ever reads. Because the internet could stop working, or electricity could fail. We even have routines for which types of pen and paper can be used if we need to write things by hand while electricity is gone.

[-] finitebanjo@lemmy.world 4 points 1 week ago

Unfolding a Xerox copy faxed over a phone line wont infect your entire network.

Opening an email, tho...

[-] bjornsno@lemm.ee 7 points 1 week ago
[-] finitebanjo@lemmy.world 2 points 1 week ago

Its not the fax over phone line that was compromised, its the internet connected printer. In fact, HP even has services where you email to your own printer in order to print.

[-] aramis87@fedia.io 1 points 1 week ago

Can you pick it up and deliver it to the new office in person?

[-] henfredemars@infosec.pub 0 points 1 week ago
[-] cheers_queers@lemm.ee 4 points 1 week ago

i understand HIPAA. i don't understand why we are still using the technology we started using in the 60s. my question is why haven't we found a better way since then?

[-] droporain@lemmynsfw.com 3 points 1 week ago

You can't even stop junk snail mail or end daylight savings time. Good luck.

[-] halcyoncmdr@lemmy.world 2 points 1 week ago

The "modern" fax machine using telephone was invented in 1964 by Xerox, but technically the fax machine goes back to 1843. Bain patented the electric printing telegraph, which used pendulums and electric signals to scan images and send them over telegraph wires.

[-] tiredofsametab@fedia.io 2 points 1 week ago

it's generally harder to fax to a wrong number, have that actually hit a fax machine, and have it print than to accidentally email the wrong person or something. There are things that could be implemented into certain systems to only send to certain addresses, etc., but that information also exists in multiple places that can be accessed as well. For a fax, the message exists on the sender's side (physical if any, machine memory possibly), receiver's side (same), and briefly on the wire. This is opposed to hard drive, cloud, etc. where it is always vulnerable.

[-] stinerman@midwest.social 1 points 1 week ago

Plenty of people still use landlines. That tech is much older than faxes. Internal combustion engines have been around for about as long. There have been improvements, of course, but the basic idea of spark plugs igniting fuel, which pushes down a piston is quite old.

Like many things the 1960s tech is "good enough" and the government hasn't mandated a specific standard.

this post was submitted on 14 Nov 2024
117 points (97.6% liked)

No Stupid Questions

35870 readers
1324 users here now

No such thing. Ask away!

!nostupidquestions is a community dedicated to being helpful and answering each others' questions on various topics.

The rules for posting and commenting, besides the rules defined here for lemmy.world, are as follows:

Rules (interactive)


Rule 1- All posts must be legitimate questions. All post titles must include a question.

All posts must be legitimate questions, and all post titles must include a question. Questions that are joke or trolling questions, memes, song lyrics as title, etc. are not allowed here. See Rule 6 for all exceptions.



Rule 2- Your question subject cannot be illegal or NSFW material.

Your question subject cannot be illegal or NSFW material. You will be warned first, banned second.



Rule 3- Do not seek mental, medical and professional help here.

Do not seek mental, medical and professional help here. Breaking this rule will not get you or your post removed, but it will put you at risk, and possibly in danger.



Rule 4- No self promotion or upvote-farming of any kind.

That's it.



Rule 5- No baiting or sealioning or promoting an agenda.

Questions which, instead of being of an innocuous nature, are specifically intended (based on reports and in the opinion of our crack moderation team) to bait users into ideological wars on charged political topics will be removed and the authors warned - or banned - depending on severity.



Rule 6- Regarding META posts and joke questions.

Provided it is about the community itself, you may post non-question posts using the [META] tag on your post title.

On fridays, you are allowed to post meme and troll questions, on the condition that it's in text format only, and conforms with our other rules. These posts MUST include the [NSQ Friday] tag in their title.

If you post a serious question on friday and are looking only for legitimate answers, then please include the [Serious] tag on your post. Irrelevant replies will then be removed by moderators.



Rule 7- You can't intentionally annoy, mock, or harass other members.

If you intentionally annoy, mock, harass, or discriminate against any individual member, you will be removed.

Likewise, if you are a member, sympathiser or a resemblant of a movement that is known to largely hate, mock, discriminate against, and/or want to take lives of a group of people, and you were provably vocal about your hate, then you will be banned on sight.



Rule 8- All comments should try to stay relevant to their parent content.



Rule 9- Reposts from other platforms are not allowed.

Let everyone have their own content.



Rule 10- Majority of bots aren't allowed to participate here.



Credits

Our breathtaking icon was bestowed upon us by @Cevilia!

The greatest banner of all time: by @TheOneWithTheHair!

founded 1 year ago
MODERATORS