Slashdot Mirror

← Back to Stories (view on slashdot.org)

UK Just Banned the National Health Service From Buying Any More Fax Machines (qz.com)

Posted by msmash on from the about-time dept.

The UK's NHS will be banned from buying fax machines from next month -- and has been told by the government to phase out the machines entirely by 31 March 2020. From a report: More than 9,000 fax machines are in use by the NHS, a July survey found. All will be replaced by email, according to a report from the BBC. The shift, ordered by UK health secretary Matt Hancock, is intended to improve patient safety and make communications more secure. Rebecca McIntyre, a cognitive behavioral therapist, told the BBC that using fax machines made it difficult to ensure patient's information was actually sent to the right place, and that it wasn't being seen by non-authorized people. "You would not believe the palaver we have in the work place trying to communicate important documents to services (referrals etc)," she said. "We constantly receive faxes meant for other places in error but this is never reported." Further reading: The Fax is Not Yet Obsolete.

111 comments

  1. UK vs. US by dtmos · · Score: 5, Informative

    The fascinating part is that, at least in the health care facilities with which I am familiar, the explanation given for not using fax machines in the UK is the same reason for not using email in the US: Just change "using fax machines made it difficult to ensure patient's information was actually sent to the right place, and that it wasn't being seen by non-authorized people" to "using email made it difficult to ensure patient's information was actually sent to the right place, and that it wasn't being seen by non-authorized people."

    The privacy of a phone call used for a fax is seen by these institutions as greater than the multi-hop routing of Internet email. (It used to be true that one knew (or could find out) a defined physical location for the ends of a phone call, but that, of course, is no longer true.)

    1. Re:UK vs. US by AmiMoJo · · Score: 1, Informative

      While interception of email is possible (although you would hope that they were mostly using transport encryption these days) there are far bigger risks, e.g. sending to the wrong person or the wrong people seeing the paper as it comes out of the fax machine and sits in the in-tray. At least with email there is a decent audit trail too, fax machines at best might store the last N numbers dialed but certainly not the message content.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    2. Re: UK vs. US by Anonymous Coward · · Score: 2, Interesting

      It's an occupational hazard. I work for a major US health insurer. We are doing what we can to eliminate faxes and year by year they are less important, but can we talk about secure email? There are so many platforms and for each one you have to have a login. Once you are inside the secure site, the functionality varies. Some allow you to download the message and attachments all together. Others do not, which is a huge pain when some sends over dozens of documents and you are taxed with downloading each one. All in the name of HIPAA.

    3. Re: UK vs. US by Anonymous Coward · · Score: 0

      Use S/MIME or GPG. Problem solved

    4. Re:UK vs. US by Anonymous Coward · · Score: 0

      Emails may be stored by who knows how many servers between the sender and the recipient. For example if you somehow get access to the mail provider's IMAP server you likely have access to everything, past and present. Considering this is the UK it's also much easier to have a huge mail dump on a USB drive and accidentally forget it on a train.

    5. Re:UK vs. US by Anonymous Coward · · Score: 2, Insightful

      My company has a big bank of fax machines in a locked room with badge-controlled access and all they are getting is customer orders. Surely something as sensitive as patient medical data could be physically secured as easily.

    6. Re:UK vs. US by necro81 · · Score: 1

      Surely something as sensitive as patient medical data could be physically secured as easily

      Could be but are not. (Spoken from experience as a former employee of medical facilities and as an observant patient.)

    7. Re:UK vs. US by Anonymous Coward · · Score: 0

      My company has a big bank of fax machines in a locked room with badge-controlled access and all they are getting is customer orders. Surely something as sensitive as patient medical data could be physically secured as easily.

      Security from organizations that are a mix of bureaucrats and doctors?

      Bureaucrats don't care, and you do know the difference between God and doctors, right? God knows he's not a doctor.

    8. Re:UK vs. US by Anonymous Coward · · Score: 0

      UK rejected their national ID card scheme, so that route is no go for distributing keys. I wonder if this decision means that UK will eventually enable encryption on a national scale. Card readers have been a problem in other countries trying to utilize an ID card. Keys in sim cards have been another option but I'm not sure about the integration of that with other systems for the purposes of encryption.

    9. Re:UK vs. US by Comboman · · Score: 1

      The difference is, each individual has a private email address whereas fax machines are shared for a whole department and anyone walking by can read them. Both are equally vulnerable to misdirection due to the errors by the sender (wrong digit in fax number or wrong character in email address). Both phone and email are (typically) unencrypted, and as long as the government wants to maintain the ability to snoop, that's unlikely to change.

      --
      Support Right To Repair Legislation.
    10. Re: UK vs. US by omnichad · · Score: 2

      That's about as useful in the real world as write-only disks.

    11. Re:UK vs. US by gmack · · Score: 1

      It really doesn't need to be either fax or email. Here, my doctor has a 2FA dongle to access his account with the Government of Quebec, yet the pharmacy faxes him prescription update requests and his receptionist faxes his reply. I don't see why they can't have some secure, medical professional only system for sending medical related information.

    12. Re: UK vs. US by CronoCloud · · Score: 1

      Yes, let's talk about secure e-mail. If you're talking about "platforms" you're doing it wrong because secure e-mail should be done within the e-mail client, not by using some kind of proprietary "secure-messaging" service.

      A good e-mail client supports both gpg and S/MIME encryption.

    13. Re:UK vs. US by bill_mcgonigle · · Score: 1

      They usually pre-program "speed dials" on these things to help ensure that most records don't get sent to the wrong place.

      Twenty-ish years ago I got an HP Digital Sender - paper in one side, email out the other - and integrated it with the employee directory of the hospital I was working for. Everybody loved the speed and reliability, plus the clarity was way better than FAX, but nobody wanted to type in a whole name on the chicklet keyboard when they were used to one-button dialing. Even 10 numbers was shorter than most names. Oh, and also there were no busy signals.

      If these devices had come with some hardware buttons and/or an SDK, healthcare might have been off FAX years ago.

      Also, they cost 10x what a plain-paper FAX machine did and offered very little difference besides a NIC instead of a modem. I supposed since they didn't print anything there wasn't much to make on toner or paper. At that time people receiving the documents would often, though not always, print them out to their local laser printer to go into the existing workflow.

      --
      My God, it's Full of Source!
      OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
    14. Re: UK vs. US by CronoCloud · · Score: 1

      What? GPG and S/MIME are the standards for e-mail encryption, good e-mail clients support both.

    15. Re:UK vs. US by ShanghaiBill · · Score: 3, Informative

      Emails may be stored by who knows how many servers between the sender and the recipient.

      So can faxes. The days of circuit switching ended long ago.

      Obvious solution for email: Encryption

      Obvious solution for faxes: There isn't one.

    16. Re: UK vs. US by omnichad · · Score: 2

      The problem isn't the standards is my point.

    17. Re:UK vs. US by max99ted · · Score: 1

      haha nice! I still have my HP 9100c on the home network. They did colour scanning as well which was not nearly as common at the time.

      --

      Please stop APK.. you're only hurting yourself.

    18. Re:UK vs. US by Anonymous Coward · · Score: 0

      AmiMoJo is SO TRIGGERED right now you guys...

    19. Re:UK vs. US by sjames · · Score: 1

      Of course, when you fax, it just drops into a tray. Often a FAX machine is shared, so anyone can rifle through the faxes that have arrived.

    20. Re: UK vs. US by Anonymous Coward · · Score: 1

      GPG and S/MIME are ok, but the public / private key mechanism is far from foolproof and ubiquitous. If every email address was registered, identity verified, and assigned keys, then it would be a usable option.

      Medical communication also needs to be accessible by other people. So the encrypted message that's sent to Dr. A needs to be read by Dr A., Nurse B, PreCert C, Medical Records D, Consultant E - G, OnCall DR's H - M. It's not as simple as encrypt message to 1 user.

      There's a lot of activity in this sector, but it's not 'email' .

    21. Re: UK vs. US by Anonymous Coward · · Score: 0

      Costs are much higher in your scenario.

      Email + encryption is much cheaper than physical security.

    22. Re:UK vs. US by scdeimos · · Score: 1

      I never understood companies (or government departments) buying teams of fax machines to receive faxes. We've had these things called fax modems for decades already as well as software to receive faxes - some of them even integrate with Collabra, Exchange, Google Docs and that thing called Lotus (e.g.: GFI FaxMaker has been around over 20 years).

    23. Re:UK vs. US by rtb61 · · Score: 1

      I would point to the fact, the Google as a corporation made the claim that email is equivalent to postcards, they wanted the excuse to examine everyone's email. So NHS by law can not send patient information to a GMail address because privacy laws are in force for the medical profession. In fact by law, unless the email is encrypted or goes direct to that persons in home email server which would be the equivalent of a fax machine in their home, would probably be illegal because the ISP has full access to emails, as do employers. Prior to any government attempting this, which would be a criminal act, they should secure email first as in require encrypting email clients to be used. The encryption can be fairly simply, as it would be a criminal offence to decrypt an email not addressed to you. I don't see how you can use email for medical records legally because in most instances, others will access it, either ISP or employers.

      --
      Chaos - everything, everywhere, everywhen
    24. Re: UK vs. US by Anonymous Coward · · Score: 0

      Today everything is "in the cloud", not in a client

    25. Re: UK vs. US by chipperdog · · Score: 1

      I wish I could mod you up.... there are standards for encrypting email that have been around since the 1990s, but no one cared back then and our current "app" culture rather use a trendy, usually proprietary, app instead following a standard...but then again most healthcare providers around here are already using electronic records (which currently send faxes to external providers), you's think there could be an Owncloud/Dropbox/Gdrive style sharing via https link/api (maybe some inter-provider standard for exchanging heathcare information). That would provide an audit log of who accessed information, etc..

    26. Re:UK vs. US by Mal-2 · · Score: 1

      Would it be so hard though to provide an email address on government servers which people have to log into like any other webmail provider? Then at least you'd know who was holding the data. If people choose to forward the emails on to external addresses, then they did that and it ceases to be a legal problem.

      --
      How is the Riemann zeta function like Trump rallies? Both have an endless number of trivial zeros.
    27. Re:UK vs. US by Mal-2 · · Score: 1

      Many times, I have called someone to let them know I would be sending a fax. If they ask me to wait ten minutes because they can't hover over the machine right now, then I wait ten minutes.

      --
      How is the Riemann zeta function like Trump rallies? Both have an endless number of trivial zeros.
    28. Re:UK vs. US by Bruce66423 · · Score: 1

      Flawed because the NHS has a 'walled garden' of a secure network within which data is secure.

  2. But email is not secure by paulej72 · · Score: 2

    But email is not secure.

    1. Re:But email is not secure by Anonymous Coward · · Score: 0

      It is in the NHS. NHSmail has several layers of extra encryption layered on top of your standard SMTP.

    2. Re:But email is not secure by Luthair · · Score: 1

      The BBC article which the summary references yet doesn't link to (presumably because qz spammed this submission) specifically mentions how faxing to the wrong place is a common occurrence.

    3. Re:But email is not secure by CronoCloud · · Score: 1

      -----BEGIN PGP SIGNED MESSAGE-----
      Hash: SHA1

      GPG and S/MIME encryption is a thing that exists.
      -----BEGIN PGP SIGNATURE-----

      iQEzBAEBAgAdFiEE0YU0isbenb1PGb7IaCsut4kt6eEFAlwOoLwACgkQaCsut4kt
      6eH+5Af8CvAPqfbIMUt7dxCgECFrzweDYo641tDoD1eW0AUrCC25+Aiy9x98zJyZ
      KV2EjL9TGCtrq83z5mJlwCd3mXXCGpcLp1nMG9Pi7X0ddXEdN2XQWlkvzpCIeygx
      I/AKbY9foiKQ6YsrUS7GtKR7ErN5QaooGKFGciAa4a5pZHdDBqDwTehC8blkGyHI
      S1RDIGUJpqIKT+wVPHdMoPj6TEJBy+S0AvKX/trBd+EqYOYF4OU9vWncKLYnFxDT
      cFqDcICSoCyxFLQBlsz/P0mlycx76yFY3/UBSjHXhaYlUsmibtf3LwIasDzA4CEp
      cgE479UjnmDficc59xt8tNCAm7cFVA==
      =zWYp
      -----END PGP SIGNATURE-----

    4. Re: But email is not secure by Anonymous Coward · · Score: 0

      Except that NHS mail is a monolithic outlook webmail system. It is secure because it is monolithic and under direct government control.

      However, because it is under government not employer control access can be difficult to get and is easy to lose ( forget your password and the employer may not have authority to reset it), change NHS employer (common for residents and trainees who rotate to a new site every 3 months) and your access will be revoked until your new employer spends in the sponsorship forms to transfer your account (and not all NHS employers will sponsor NHSmail access so your account can be permanently lost).

      Users don't like NHSmail because it is clunky and slow to use. Searching for users is difficult because it is such a large monolithic database (you need to contact John Smith in purchasing, and you can easily pick up someone 400 miles away)

      IT departments may not like it because they don't have control over spam/malware filtering or data exfiltration scanning.

  3. Re:TRUUUUMMMPPP! by Anonymous Coward · · Score: 0

    Maybe you just suck at investing. Considering you bought bitcoin. And if you didn't see the stock market bloodbath coming that is your fault.

  4. You can't be sure with email by jd · · Score: 0

    Unless certificates are issued to all staff in the form of Class III cards, same as the US military use, and all emails are encrypted using certified correct chips (software is too easily infected as heartbleed showed) then you provide only the illusion of assurance.

    --
    It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
    1. Re: You can't be sure with email by Anonymous Coward · · Score: 0

      Which happens to already be in place in EU healthcare systems...

    2. Re:You can't be sure with email by necro81 · · Score: 1

      Unless certificates are issued to all staff in the form of Class III cards, same as the US military use, and all emails are encrypted using certified correct chips (software is too easily infected as heartbleed showed) then you provide only the illusion of assurance.

      I do not disagree. But practically speaking this seems like an impossible goal.

      Given the fractured nature of healthcare in the U.S., getting everyone on the same page regarding encryption and certificates is more or less impossible. And as soon as one medical provider faces the least bit of inconvenience in getting information through encrypted channels, they will immediately (and probably forevermore) fall back on unencrypted channels. Stupid human nature.

      The only saving grace is that, if such encrypted procedures are mandated in most places most of the time, the attack surface is dramatically reduced compared to the present time.

      At least in the UK's NHS they have a bit more control over the infrastructure and procedures - both in specifying them and in ensuring uniformity. I'm not saying that it is then easy or guaranteed to work, but it is at least in the realm of practical feasibility.

    3. Re: You can't be sure with email by Anonymous Coward · · Score: 1

      Good thing the UK is an EU member state...

  5. Not different in the US by Anonymous Coward · · Score: 1

    My wife works at a hospital in the US, where the hospital still uses paper charts, and sends faxes *internally* to different departments.

    The problem has never been technical. Email + Smart Card + Encryption is simple to set up, and baseline simple to use. The resistance is administration, staff, doctors, coworkers, etc. You've got to remember, that medical people are generally smart and capable, but figuratively suck-ass-at tech. I'm talking rebooting-a-computer-is-hard suck-at-tech. Think about training your grandma to use an iphone suck-at-tech. Another problem is replacing a system that works.

    You've pretty much got to replace every component wholesale in one attempt. There is no piecemeal replacement these type of systems. It has to go live, it has to work, and it has to be easy, and it has to be cheap, and people have to want it, and people have to want to use it, and probably 100 other conditionals that must be TRUE for everything to work. It's a hard problem, it never works well in less than a year.

    Med people will retire in the face of learning something new. I've seen it first hand now, IRL. Introduce a new system and that doc who's 65 and working because 'why not' will just decide to retire. Now there's a shortage, now we went from understaffed to 'oh shit, y'all don't mind working *more* weekends until we *never* hire anyone back, right?'

    There are ripples to this type of thing, not a easy problem to solve.

    1. Re:Not different in the US by Anonymous Coward · · Score: 0

      You know, a lot of resistance to new software comes from the fact that you offshored it to India and it's terrible.

    2. Re: Not different in the US by Anonymous Coward · · Score: 0

      Nonsense. You can replace faxes with scan to email and email to fax. That gets you a rolling digital copy if everything. Eventually, department by department, office by office, the faxes are replaced with scanners and printers, and a tablet thin client that sits unused until the older doctors die off/get trained.

  6. FAX by Anonymous Coward · · Score: 0

    At least with email there is a decent audit trail too, fax machines at best might store the last N numbers dialed but certainly not the message content.

    Most "mopiers," which I assume these facilities are using (combination fax/copier/printer) do store faxes sent. They are also very secure - you can lock out whom can pull up sent faxes, and you can require a code to print out a fax when one is received.

    Most issues with email can be resolved with encryption. It's the best use case for GPG. Only the recipient can decrypt the message. Of course, this required training, standardized email clients, etc... There have been web companies that do all of this automatically, and were actually quite secure. Of course multiple governments have forced them to close down, as the way they were structured meant they couldn't comply with wiretap requests.

    1. Re:FAX by sjames · · Score: 1

      They can be secured and their firmware can be conscientiously updated whenever a CVE comes out, but don't count on it.

    2. Re:FAX by Anonymous Coward · · Score: 0

      Only the recipient can decrypt the message.

      In health care, this is generally bad. It's rare that a message would only need to be decrypted by 1 user.

      Dr. A, Nurse A, Consult B, Nurse B, OnCall C, PreCert D, Medical Records E, etc, etc,etc.

    3. Re: FAX by cc1984_ · · Score: 1

      PGP can handle multiple recipients

    4. Re: FAX by Anonymous Coward · · Score: 0

      yes, but that presumes the sender knows the proper chain of recipients that will need access. And some of these are rolls vs an individual person, so you'd have to share credentials between the staff fulfilling a specific role.

  7. Spy vs I by Ostracus · · Score: 1

    Maybe someone will revive Google Health?

    --
    Shai Schticks:"You don't make peace with friends, you make peace with enemies"
  8. Re:TRUUUUMMMPPP! by Anonymous Coward · · Score: 0, Interesting

    The Stock Market only turned downward when it became obvious that the Dems would take the House. It's been positive for two years, and suddenly it starts tanking, mostly after the midterms handed the purse to the dems.

  9. Fax still works by Socguy · · Score: 4, Insightful

    As someone who now works in health care (not the UK), I can say that this is dumb. Fax machines are actually very convenient since most documents are still filled at least partially by hand. In order to email, I would have to log onto a computer, wait for it to secure-boot then scan the doc in then open email, attach and send. For privacy reasons every time I walk away from a computer, it must be logged off. The other issue with sites that use email is that any documents with personal information (that would be all of them) must be encrypted using a unique password that must be pre-arranged with the recipient. Therefore, before I can email someone their document, I must call them and work out a password with them This would not be any great burden if it was only once a day but with the amount of documents flying around, the simplicity of dropping a document in the feeder and pushing a single button is invaluable.

    The other reason that email is frowned upon in the healthcare industry is that it's far too easy to print multiple identical copies of documents. Patients more and more often want their prescriptions emailed to them and I have to tell them no. How great would it be to get a prescription for Oxy over email and then print a hundred copies, one for each pharmacy in the city?

    1. Re:Fax still works by mccalli · · Score: 2

      You need to do none of that. Worst case, get a scanner that can email directly. And you're done.

    2. Re:Fax still works by mejustme · · Score: 1

      The other reason that email is frowned upon in the healthcare industry is that it's far too easy to print multiple identical copies of documents. Patients more and more often want their prescriptions emailed to them and I have to tell them no. How great would it be to get a prescription for Oxy over email and then print a hundred copies, one for each pharmacy in the city?

      Are your faxes printed on magical paper that prevent copying?

    3. Re:Fax still works by freeze128 · · Score: 1

      In the US healthcare Insurance industry, there is just no substitute for FAX. Your insured cardholders often have papers that need to be transferred to your company. These cardholders are from all over the globe, may not be computer savvy enough to figure out scanning and encryption, and only need to transfer the documents when they submit a claim - possibly only once or twice. The FAX is the fastest, simplest answer. You just cant spend hours on the phone trying to tell a novice how to scan a document and setup PGP in order to securely email it to you. If that was the only document that they sent, that would be a colossal waste of time.

    4. Re:Fax still works by es330td · · Score: 1

      In the US healthcare Insurance industry, there is just no substitute for FAX.

      The same is true in my industry, financial services. Only a fax provides positive confirmation that a message was received in good order. When a person is making a six figure investment both sides need to have the confidence that information was sent AND received as intended.

    5. Re:Fax still works by Anonymous Coward · · Score: 0

      I get the handwriting part. The required one-time password is weird. If a no-privacy fax is ok, then an organization-wide shared 'privacy password' is slightly better security wise. I.e. all uses the same password for this, so no need to inform anyone.

      But why do you have to wait for a computer to boot up? Don't turn them off for no good reason. (They have sleep modes for saving power).
      If you have your own computer, just leave it on and logged in. A screen lock gives the same privacy as logging out, so all you need is to unlock it with your password. Unlock in under a second, and you typically leave the mail program running so no waiting for that either.

      If you don't work in a fixed location - then you need to log in to use a provided computer. But you still shouldn't need to boot it. Computers should be on, for quick access. And logging in should be a one-second affair. If it takes longer, tell IT to fix it because this IS possible. And no, it doesn't take a super fast computer either. Any old clunker can log in that fast - just set it up do not do anything special when the user logs in. No special sw should run at login time, and no long-winded messing with the network either.

    6. Re:Fax still works by Anonymous Coward · · Score: 0

      I've got an app on my phone that can produce scans of documents and email them that are several orders of magnitude better than anything a fax machine ever dreamed of producing.

      There are plenty of encrypted email options that do not require offline exchange of passwords.

      And I think a fax is way more likely to be misdirected (sent to the wrong number) than an email.

      The print copies thing is just insane on the surface. Fax machines can print any number of copies too.

      Basically, all your arguments against email at worst equally apply to faxes and arguably, faxes are worse.

    7. Re:Fax still works by Rick+Schumann · · Score: 1

      There are email services in existence as I write this that don't allow copying, forwarding, and self-destruct upon opening/reading messages received. Based on the knowledge of this it seems trivial to me for there to be email services specifically for the healthcare industry that operates the same way, plus fully encrypted with strong encryption. Could be designed to be as simple to use as normal email. For once this is a problem that technology can actually solve properly.

    8. Re:Fax still works by PsychoSlashDot · · Score: 1

      As someone who now works in health care (not the UK), I can say that this is dumb. Fax machines are actually very convenient since most documents are still filled at least partially by hand.

      Washing your hands frequently is also inconvenient,but best serves your patients.

      In an age of enlightenment with regards to patient privacy and accountability, fax just doesn't have the ability to do the job right. Adequately, yes, I grant. But all of the processes you name could benefit from modernization.

      --
      "Oh no... he found the .sig setting."
    9. Re:Fax still works by lgw · · Score: 1

      Phone calls are probably easier to hijack than email these days. Fun fact: authorities in in Las Vegas area have given up on maintaining control of the phone system (organized crime redirects calls to call-girls to their own girls). At least email can be encrypted.

      Of course, almost all "six figure investments" are made with a click in a broker's web UI (or an ibank's internal web UI).

      --
      Socialism: a lie told by totalitarians and believed by fools.
    10. Re:Fax still works by Jahta · · Score: 1

      Plus the Fax network wasn't affected when the NHS computer systems were taken off the air by the WannaCry malware.

    11. Re:Fax still works by Anonymous Coward · · Score: 0

      Doctors will willingly switch only when the technology is easy to use and maintain. When doctors are booking ten minute increments, adding an extra minute to send documents adds up quickly.

      Learn about tradeoffs. They explain why people don't use open source.

    12. Re:Fax still works by Vicious+Penguin · · Score: 1

      You need to do none of that. Worst case, get a scanner that can email directly. And you're done.

      If you are speaking from a capability point of view, then you are entirely correct. But the parent was talking about the layers of regulations that hamstring data sharing in medicine.

      All that hullabaloo the parent mentioned is real and my staff spends hours each day fooling around with it. Oh yes, and it is the law too (at least in the US).

    13. Re:Fax still works by RatherBeAnonymous · · Score: 1

      Email is forbidden and fax machines persist (in the US) primarily due to HIPPA regulation 45 CFR 164.312(e)(1).

      (1)Standard: Transmission security. Implement technical security measures to guard against unauthorized access to electronic protected health information that is being transmitted over an electronic communications network.

      Email can not guarantee that all hops in the SMTP path are encrypted. Fax bypasses this regulation because POTS is not considered an electronic communications network. There are work arounds. Encrypted attachments are OK, but better are secure email services where the message recipient receives an HTTPS link to download the message and they manage user accounts and passwords. I assume these are not used often because of the perceived complexity or the expense of using HIPPA compliant 3rd party vendors or software.

      I used to work for a school. I had to deal with HIPPA regs from a technical angle for students with special needs.

    14. Re:Fax still works by Anonymous Coward · · Score: 0

      The other reason that email is frowned upon in the healthcare industry is that it's far too easy to print multiple identical copies of documents. Patients more and more often want their prescriptions emailed to them and I have to tell them no. How great would it be to get a prescription for Oxy over email and then print a hundred copies, one for each pharmacy in the city?

      We have an electronic prescription system in which the doctor fills the prescription which then becomes directly accessible by the pharmacy where the patient visits to buy the medicine.

    15. Re: Fax still works by tangent · · Score: 1

      > Fax machines are actually very convenient

      My grandmother was in a US hospital recently, in another state. She was traveling with my parents and fell ill there. Since my grandmother was living with my parents at the time, all of her medical records were back home, and the out-of-state hospital had no way to get her records from the local hospital that produced them, so they called me to drive over to my parentsâ(TM) house to fetch them.

      I did that, then called the out-of-state hospital to ask what email address I should send them to, and got absolute cluelessness. The impression I got is that they didnâ(TM)t think they had email.

      So they wanted me to fax everything. Fine. I drove half an hour to the office to use the one fax machine whose availability I can even be sure of at 6pm on a Saturday night, and it doesnâ(TM)t work. Canâ(TM)t fax a thing. And why should it? We havenâ(TM)t faxed anything in a decade. It could have died last year, and we wouldnâ(TM)t have known about it.

      I eventually figure out that itâ(TM)s unplugged from the phone line ever since the volume of junk faxes exceeded the number of real faxes by 10×. Also, there was that exploit a few months ago where a rogue fax could take over your LAN. Weâ(TM)d just been using this machine as a copier and scanner.

      So, I found the phone cord, plugged it in, and it still wonâ(TM)t fax.

      Keep in mind that weâ(TM)re something like an hour into this saga by this point, between me traveling to my parents house, then to the office, then fighting with the fax machine.

      Convenient? Hah!

      I ended up taking pictures of the documents with my camera phone and sending them over iMessage to my mother, who pinched-and-zoomed them on her phone in front of the doctor. As clunky as that is, it actually beat fax for convenience. It was probably more secure, too.

      We can do a *lot* better.

    16. Re:Fax still works by Anonymous Coward · · Score: 0

      Psst! I'll let you in on a secret. Every man and his dog is moving away from paper based records, even the (Australian) legal profession and if you can move those curmudgeons the hospitals should be a snap.

    17. Re:Fax still works by Anonymous Coward · · Score: 0

      And this is bullshit. Nothing should be filled out by hand.

      We have these things called smartphones and tablets. There is no reason for their to not be a clearly legible, digital paper-trail in all developed nations/states/cities.

      I have been screwed over multiple times over the past six months due to this notion that we should still be using paper, fax, transcription, voodoo, smoke signals and leeches and trepanation.

      Digital channels are not thermometers, there is no reason why it should take 100 years for them to be adopted. Yes, seriously, look at the history of the thermometer in the medical profession. Backwards ass people like you that defended or halted progress caused godknows how much death and suffering because you won't get with the fucking program.

      Fuck you. Piss off and die. I am tired of suffering because of people like you. You are worthless. I will replace you with Alexia and Siri and have a higher success rate of my test and procedure getting ordered properly and my medication dosing not killing me.

    18. Re:Fax still works by Anonymous Coward · · Score: 0

      Only a fax provides positive confirmation that a message was received in good order.

      That really depends on the definition of 'received'. The sender only knows if the transmission was a success or a failure and they only know that IF they verify logs. I can't count the number of times I've found FAX transmission failure reports. The sender doesn't know the FAX failed because they walked away. If a FAX transmission is successful, you still don't know what happened after that.

      1.) Paper may have been empty
      2.) Toner may have been empty
      3.) Power loss between replacing paper/toner that cleared the pending printouts from memory
      4.) Mis-routed internally on the receiving end
      5.) Person on receiving picks up all the print jobs including someone else's job
      6.) My company converts incoming FAXs to PDF then emails. Maybe I forget to disable FAX while doing maintenance on the email server so the incoming FAXs are going to eather.

      In all of these cases, you would see a successful transmission but none would result in the the FAX being received AS INTENDED (your words).

    19. Re:Fax still works by mccalli · · Score: 1

      I'm in the UK - here there are plenty of email solutions here for health care, and I can order repeat prescriptions through an app. Please understand - I'm interested and learning from the comments about the US health care system. However the story comes from the UK - there's literally no reason here at all to be using a fax machine since there's plenty of already in use alternatives.

    20. Re:Fax still works by ben_kelley · · Score: 1

      Fax machines are actually very convenient

      Not for the patient.

    21. Re:Fax still works by JSG · · Score: 1

      In the UK, the prescription document is simply a thing to hand over to a pharmacy - mostly vestigial. The prescription itself is transmitted electronically. Nowadays you don't even have to sign a prescription charge waiver form: the machine knows already. To be honest, I haven't actually seen a prescription form for quite a while. It is almost as though at least part of the NHS has noticed that it is 2018 8)

    22. Re:Fax still works by Mal-2 · · Score: 1

      You don't need fax machines to receive or send faxes, though. Nor do the documents received ever have to be printed. A fax server on the local network is actually a lot more convenient, both sending and receiving.

      --
      How is the Riemann zeta function like Trump rallies? Both have an endless number of trivial zeros.
    23. Re:Fax still works by havana9 · · Score: 1

      How in Italy have solved the problem. Every recipe, except those for OTC drugs, have a barcode, and when you go to a pharmacy they scan the barcode and the software checks if that is valid. This works both with handwritten recipes, that you normally get on an home visit, or a printed or PDF recipe. If you need opiates or other controlled drugs you have to ask the pharmacy in advance, and they normally phone the doctor for confirmation.
      This is a recipe that could be handwritten You can clearly se on the right the barcodes, because, you know, with a colour laser printer it's easy to print a fake one, and if someone steals a recipe block, it could be trace.

  10. Don't Tell Them About eFax by Anonymous Coward · · Score: 3, Insightful

    eFax would make their heads explode.

    1. Re:Don't Tell Them About eFax by Anonymous Coward · · Score: 0

      Doesn't solve the issue in this case. Since it's interoperable with PSTN fax machines you still have the same issues of not knowing who has received it or if it has been sent to the correct place.

    2. Re:Don't Tell Them About eFax by Anonymous Coward · · Score: 0

      What is a signed read receipt?

    3. Re:Don't Tell Them About eFax by Anonymous Coward · · Score: 0

      Probably a 'better' product would be EtherFax. It is mostly used by businesses but acts more like an encrypted remote scanner/printer if both sides are using EtherFax versus sending fax tones. If not, they fax it out via TDM which is much more reliable than T.38 has ended up being.

      That said, you still end up with a pile of paper or a graphical TIF/PDF on the other end versus discrete data, which is a PITA to handle efficiently. At least it transfers a lot quicker than 15-30 seconds/page.

    4. Re:Don't Tell Them About eFax by Anonymous Coward · · Score: 0

      How about using something correctly rather than banning it?

      Faxes going to the wrong place? Assign someone to the task of tracking it down and getting it fixed.. We do this in tech all the time, something broken, some process or, pipline doing something bad? We assign engineers to find and solve the problem.. Oh no wait, we can't solve problems by throwing human labor at it, we ban the technology, and try to replace it with some other overpriced boondoggle.. because that's ok! The irony here is lulz.

    5. Re:Don't Tell Them About eFax by Anonymous Coward · · Score: 0

      Fax doesn't really generate a paper chain.

      Email does. Email can literally do everything fax can do, plus throw end to end encryption on it, and control and review who receives things centrally.

  11. It's a bullshit argument by Anonymous Coward · · Score: 1

    The UK civil servantry has no trouble sending sensitive data every which wrong way, regardless of medium.

    Fax sent wrong, email accidentally the whole contact list, dvds lost in the mail, usb left on the bus, papers left in taxis, laptops stolen from cars, briefcases left on trains, it's all been sent wrong, left behind, lost, stolen, or whatever else, at one time or another. Usually unencrypted, of course.

    So this is just a big fat gesture in lieu of doing something useful. Like "banning all diesels", "banning all faxes" is going to cost a lot and do very little. As is usual when you let idiots run the show -- whether political idiots hungry for being seen to be doing *something*, or neophile idiots chasing the latest appses for grateness. The kind of idiot changes, the constant presence of idiocy does not.

    1. Re:It's a bullshit argument by jabuzz · · Score: 1

      Worse than that, a whole range of devices from photocopies to multifunction printers come with a built in fax facility. So you would have to ban all dual usage devices too which I doubt they are doing.

    2. Re:It's a bullshit argument by Anonymous Coward · · Score: 0

      No need to ban the device that "also have fax capability". You merely unplug it from the phone line - and then goes on to save some money discontinuing said phone line. The device is now a printer/scanner that no longer have fax capability since that require a phone line. If it does an ok job being 'just printer', then no need to get rid of it.

    3. Re:It's a bullshit argument by tepples · · Score: 1

      If the regulation were "Buy no more dedicated fax machines, and fill the telephone connector of fax-copiers with epoxy," would you find that practical?

  12. Now how about banning Windows XP by Anonymous Coward · · Score: 0

    The NHS has more Windows XP machines than anyone else.

    1. Re:Now how about banning Windows XP by jfdavis668 · · Score: 1

      Yes! They should upgrade to Vista!

  13. What are they even faxing? by ltbarcly · · Score: 1

    It amazes me that there is even any need to fax patient information at all in the UK. They have had centrally run and managed and funded healthcare since the end of WWII ! I would have thought they would have some terminal text-based records system from the 1980's that was universally deployed. I mean the closest thing I have experienced to the UK system is the US military's system, which has been computerized with centralized records since I was a baby in the 80's (parents were in air force). Sure, there used to be physical records as well, but I remember them being things like x-rays and notes about x-rays, things that you couldn't really digitize at that time. I really doubt they are faxing x-rays, so the UK situation is extremely confusing. WTF is going on there?

    1. Re:What are they even faxing? by lgw · · Score: 1

      It's almost as if competition spurs efficiency. Nah, that's crazy talk.

      --
      Socialism: a lie told by totalitarians and believed by fools.
    2. Re:What are they even faxing? by Vicious+Penguin · · Score: 1

      It's almost as if competition spurs efficiency. Nah, that's crazy talk.

      You are certainly correct, but the use of fax in the healthcare industry has more to do with another huge painful thing that the government does to us: unintended consequences.

      HIPPA laws greatly restrict the use of electronic distribution of patient records. Thus, we fax everything. Again, to your point, reality is not optional.

    3. Re:What are they even faxing? by Anonymous Coward · · Score: 0

      I guess you don't work in the healthcare industry and are probably so young and healthy you rarely if ever had to interact much with any healthcare system.
      A standard method of communicating lab results (blood, urine, cultures, etc.) to patients is by FAX.

    4. Re: What are they even faxing? by Anonymous Coward · · Score: 0

      The Palo Alto Medical Foundation let me email my doctors, read my test results, schedule appointments, and well, just about everything else.

      If it's a HIPPA violation, then SutterHealth would be out of business. Instead they have offices from San Francisco, down to San Jose.

      Try again. It's called a secure channel, maybe you notice /. has a green https at the top?

      Stop with the lies about HIPPA not allowing emails and online records.

  14. Both Suck by jellomizer · · Score: 1

    Both methods of Faxing and Emails are bad options for sharing Medical Data.
    The better method which would actually require strong IT in healthcare would be appropriate HL7 communications either via Clearing House or direct VPN connection between systems.
    This technology isn't new, but it better for sending healthcare info, as the data can be parsed and categories more easily into the EHR and EDM systems.

    --
    If something is so important that you feel the need to post it on the internet... It probably isn't that important.
  15. Re:TRUUUUMMMPPP! by Anonymous Coward · · Score: 0

    If that reaction have been the rule during the last few decades, I wonder if the Democrats need a new major party competing with them on economy while retaining the societal values that the voting population supports and that support the voting population.

  16. Re:TRUUUUMMMPPP! by ClickOnThis · · Score: 1

    The Stock Market only turned downward when it became obvious that the Dems would take the House. It's been positive for two years, and suddenly it starts tanking, mostly after the midterms handed the purse to the dems.

    Wrong. Try again.

    Stock markets hate uncertainty. There's loads of uncertainty right now coming from Trump's trade wars and a teetering Brexit. There is no uncertainty regarding who has the House. In fact, the market has expected it for months, and whatever effect it was going to have happened months ago.

    --
    If it weren't for deadlines, nothing would be late.
  17. Could be done (in theory) by sjbe · · Score: 1

    Given the fractured nature of healthcare in the U.S., getting everyone on the same page regarding encryption and certificates is more or less impossible.

    It's only impossible in the sense that it would require an act of our currently dysfunctional congress. Congress could make a standard required with the stroke of a pen and everyone would have to get on board. It really wouldn't be all that hard. But of course we have elected a quorum of of asshats who think that somehow this would be a bad thing.

    1. Re:Could be done (in theory) by Anonymous Coward · · Score: 0

      What's amusing is Congress did just that, it's called HIPAA / HITECH and it included an exemption for fax.

  18. Confirmation? by sjbe · · Score: 1

    Only a fax provides positive confirmation that a message was received in good order.

    No it does not. It provides confirmation that the message was delivered to a particular fax machine but provides no information beyond that, including whether or not it printed legibly on the other end.

    When a person is making a six figure investment both sides need to have the confidence that information was sent AND received as intended.

    If that's the goal a fax is definitely not the technology you want. You have absolutely no idea who picked up that piece of paper on the other end and what they did with it. Might have gone straight to the trash for all you know. Pretending that a fax is some sort of reliable means of logging communications is absurd.

  19. It is 2018 by Impy+the+Impiuos+Imp · · Score: 1

    "They don't really need to stop this, as all modern, 2018 medical facilities are happy with fax machines," said a representative for the firm contracted to supply fax machines, The McFly Corporation.

    --
    (-1: Post disagrees with my already-settled worldview) is not a valid mod option.
  20. Faxes are good enough for government work by g01d4 · · Score: 1

    Industries that still rely on fax machines usually have little incentive to improve productivity, especially if the status quo can be deemed good enough. This is particularly true for government agencies. When politicians attempt to foist productivity improvements on the bureaucrats the outcome often doesn't bode well. It typically takes some kind of crisis for such improvements to be implemented.

  21. Good by Anonymous Coward · · Score: 0

    Last I checked faxes are all in cleartext; using them at all risks exposure of patient data.

    1. Re:Good by RatherBeAnonymous · · Score: 1

      But, it's not "on a computer", so it's safe.

  22. Re: Telgram vs. Post Cards by Anonymous Coward · · Score: 0

    The Fax is closer to the telegram, as long as it is calling the correct fax number.

    The email is just a post card in the email, anyone can read it and the receiver doesn't know how many have read it.
    The other option would be to set up a web page where the scan of the docs can be uploaded.

  23. Fuck sake. England and UK are not same thing. by Anonymous Coward · · Score: 0

    Shitey backward #Brexit England has finally got around to this. End of.

  24. Abject failure of the tech industry by Xylantiel · · Score: 1

    I see it as an essential abject failure of the tech industry that most people have no way to securely send a simple document to someone else they know or have a real-world relationship with (doctor/patient, vendor/customer, service/client). Thinking about it, the closest I can come to a genuinely accessible solution is Signal. What's even more sad is that the reason that this problem is unsolved is that the major tech players are so addicted to spying on their customers that they can't bring themselves to actually provide a secure communication solution.

  25. Bzzt! Wrong! by Anonymous Coward · · Score: 0

    Email alone isn't a solution, because ISPs (and who knows who else) are data mining every email communication sent over the Internet. Encrypted email or secure download links is the solution, but this is cumbersome in comparison. FAX machines are cheap. Furthermore, privacy laws protect (real) phone line communications. (We do need the same protections for VOIP, though, even if VOIP is encrypted.)

  26. Why Email? by chipperdog · · Score: 1

    Most healthcare providers around here already have electronic records (EPIC being dominant platform). Why not some open, standardized protocol for exchanging health data between systems? Records could be shared just like sharing a file in Owncloud/Gdrive/Dropbox....It would provide an audit log of every access and could be simpler than faxing

    1. Re:Why Email? by Anonymous Coward · · Score: 0

      Already been done. EPIC already can share information between other EPIC systems. And Carequality.org allows sharing between vendors of different EHR products. The backend is there, but not every install has turned on the features.

  27. "digitally transformed" fax-replacements suck more by Anonymous Coward · · Score: 0

    The one thing that seems clear from all the jargon is that your "better method" introduces more middlemen to handle the message. Middlemen, black boxes, cloud services, what-have-you. All things opaque and incomprehensible to the uninitiated in the mysteries of ICT, so people will just assume it'll be okay. And when it turns out it wasn't okay, you end up with gigantic data leaks, since it's more likely entire database gets exposed than not.

    So I like the "faxes in a locked room requiring badge access" approach a lot more. The risks are much more directly related to things you can see or hold in your hand and a single leak has a much smaller chance of exposing the entire archive filled with patient dossiers. As nice as modern technology is, moving lots of heavy boxes full of paper around is sweaty business, and that's a security feature network connected computers don't have.

  28. Re: TRUUUUMMMPPP! by Anonymous Coward · · Score: 0

    Nonsense. Fox news tells us all bad thing, past, present and future, are the result of big government Democrats.

    All good things are from small government conservative, "family values (ha!)" Republicans...

    Activist liberal judges bad. Conservative judges changing traditional law good.

    Hey ate fucking hypocrites. Well the rich ones. The poor are incel hypocrites.