Time for Fax Machines to Die

It’s time for us to move beyond fax machines, which are still in wide use in healthcare. If you’re an American who has been prescribed a drug in the past several years, it’s extremely likely your doctor sent that prescription to the pharmacy via fax “technology.”

This was sparked from a story in this week’s column:

21st Century Problem

Some in Canada are having trouble getting tested for Covid-19 thanks to overburdened fax machines. Faxing is so slow there’s a huge backlog of testing referrals because the faxes can’t get through to already-busy machines. Then New Brunswick’s fax network crashed completely, grinding their testing to a standstill. Horizon Health Network officials have announced a new system to catch up again: they switched to secure email, which “has eliminated the potential for bottlenecks,” said Tim Calvert, Horizon’s regional director of I.T. Security. Faxes are still widely used in healthcare because of its perceived security. In Ontario, meanwhile, Finance Minister Peter Bethlenfalvy has ordered that province’s public services, including the healthcare system, to phase out fax machines entirely by the end of the year. “Nothing says ‘The Flintstones’ like a fax machine,” he said. (RC/CBC) …Old problem: busy signals. New problem: spam filters.

There Are Better Alternatives

In the early 1990s, when I started This is True, I had a fax machine. It was handy when signing up newspapers to carry the column, which was the first leg in my business plan for income. Sure, I got some business thanks to the fax, but very quickly the number-one user of my fax machine, after (yep!) spam, was credit applications from a car dealer.

No, I wasn’t in the business of auto loans: the car dealer had programmed their fax machine incorrectly, putting my number in rather than some lender.

I called the car dealer. I called them again. And again and again. I still got the loan applications (and who knows how many buyers wondered why they never got their car loans!?)

A fax machine photographed when it was taken offline …in 2005. (Photo: Georgfotoart CC 4.0, resized.)

The faxes kept coming.

Until one day I got a great idea: I wrote a letter to the car dealership that said that for any further loan applications were sent to me, I was going to call each customer to tell them that the car dealer had sent their confidential financial information to a complete stranger, and suggest they take their business to a more professional dealer.

There were several pages after that: the first page of several loan application forms showing the customers’ names, addresses, social security numbers, income levels, etc. I did, of course, fax it to them.

The dealer never replied to my letter …but I never got any other faxes from them. I’m sure someone at the company was read the riot act by an irate boss who realized the faxes were putting them at huge risk of lawsuits.

Faxes are Secure?

Healthcare systems think faxes represent a “secure” communications channel.

No, really: “The health care system has long used faxes as a secure method of transferring confidential or sensitive documents, particularly in cases where agility, cost, and also any limitations posed by legacy systems are a factor,” said Tim Calvert, the Horizon Healthcare regional director of I.T. Security, who was quoted in the story above. “With faxing, the information is transferred directly from one fax to a receiving fax with a confirmation that the transmission was received, thus limiting the risk of unauthorized access.”

Which assumes two things that are really important to security: 1) that the number they’re sending the information to is correct (or, as the case may be, still correct!), and 2) that the receiving fax machine is physically secure, and the person pulling the maybe semi-legible sheets of paper from it is trustworthy enough to receive such sensitive information and will route it appropriately and securely.

Of course, the sender has no way to know about the receiving end’s security procedures.

Hopefully, the transmission doesn’t actually use paper at all: the images can be rendered into computer files (e.g., PDF documents) and then be routed on an internal network as needed. And that’s another issue with them: they’re images, not text that can (say) be lifted out of the document and plopped into just the right place in a patient’s medical chart. While optical character recognition can convert it to text, I’m sure you’ve seen examples of the results of OCR: sometimes horribly distorted “information” that makes little or no sense.

Of course, the sender may also be faxing from a computer. So why use such old technology in the first place, when encrypted communications is the norm for data transmission online?

Healthcare is bound by regulations like no other industry.

Isn’t There Already Something Better?

Sure: EMR — Electronic Medical Records — are now the gold standard, but when I was on the board of our local health clinic, the nightmare was that EMR systems were not compatible with each other. We had to subscribe to a “network” at great cost that would translate one medical provider’s EMR to our EMR (and back). It got worse: there were two such EMR networks in our state alone that (you guessed it!) were not compatible with each other — unless you paid another fee for translation between the two.

And everyone in that chain wanted to make a “good” profit.

Which is, of course, the problem: I’d love to know what percentage of healthcare spending is skimmed off as profit in the United States. It would be interesting to compare that to the same number from Canada and other countries.

Let’s take faxes off life support and turn to much-more-modern encrypted communications channels …just like Canada is working on.

– – –

Bad link? Broken image? Other problem on this page? Use the Help button lower right, and thanks.

This page is an example of my style of “Thought-Provoking Entertainment”. This is True is an email newsletter that uses “weird news” as a vehicle to explore the human condition in an entertaining way. If that sounds good, click here to open a subscribe form.

To really support This is True, you’re invited to sign up for a subscription to the much-expanded “Premium” edition:

One Year Upgrade
Comments

(More upgrade options here.)

Q: Why would I want to pay more than the minimum rate?

A: To support the publication to help it thrive and stay online: this kind of support means less future need for price increases (and smaller increases when they do happen), which enables more people to upgrade. This option was requested by existing Premium subscribers.

 

23 Comments on “Time for Fax Machines to Die

  1. These days most prescriptions do not arrive at the pharmacy via fax. The majority come via a secure electronic system, referred to as “e-scrip” in the industry. There were a lot of problems when this system was rolled out a few years ago, but it operates mostly smoothly now. Most of the problems are caused by user error due to lack of training. Even narcotics are transmitted electronically. Formerly they had to be written and hand carried to the pharmacy, allowing for potential alteration and fraud. I would love to see fax machines mostly phased out and just kept as an emergency backup. Unfortunately there are a few medical practices who stubbornly cling to them.

    Reply
  2. As I understand it the actual communications protocol used by fax-to-fax transmission is not encrypted, meaning they’re easily captured by inexpensive wiretaps. And like many unencrypted communications they are easily altered and/or falsified. Think deepfakes of 40 year old technology using modern technologies.

    Reply
  3. Another industry that still uses faxes: income taxes. I work for a major tax preparation company (I will not say which, just that we are one of the big ones) and while returns are often sent electronically from our server to the IRS server, when other forms or correspondence due to a letter audit need to be sent we have often used the fax to send them due to speed. While the fax number is unlikely to change, I don’t know if the IRS has a more secure way to receive documents quickly other than fax. Mind you, just because this will get something TO the IRS faster, it doesn’t mean that it will be taken care of by them that much faster.

    Reply
  4. When our teenage son (now 38) got his first cell phone, it would ring about 2 am daily. I finally told him to turn it off overnight and that solved the wake up issue. Yet, there was a missed call notification every morning. I turned his phone on and answered one of these calls to hear incoming FAX tones. I put a forward on his line to the incoming FAX line on my computer and got a copy showing what, from, and to whom. It was a product update message intended for a supplier’s customer. I notified the sender of the problem and they said they’d take care of it. The problem persisted for another week, so I contacted the intended customer and asked if they would like updates from their supplier. They indicated that they hadn’t received one in weeks, so I told them why. INSTANTLY, no more FAXes. When you hit ’em in the pocketbook, they tend to take notice.

    A good summary of my experience with the car dealer. -rc

    Reply
  5. Back in the early 2000s, my family received a fax containing a prescription for medication for a distant relative who lived a few towns away. We were quite bewildered as we didn’t think this relative had our fax number, nor did he have any apparent reason for sending this particular document to us. It wasn’t until a few years later that we fully understood what happened: it turned out that our fax number was only one digit off from that of a local pharmacy, and apparently someone at a doctor’s office had simply misdialed. It was a complete coincidence that the prescription just happened to be for someone we knew.

    I’m sure they were thrilled for you to learn about their medical condition! -rc

    Reply
  6. Faxes use POTS (Plain Old Telephone System), which is why they’re so slow. The assumption of security was, at least initially, that they were transmitted over copper wires, point to point, and could only be intercepted via wiretap. However, that’s long since gone by the board; the signals are digitized and routed through the same networks as VOIP (Voice Over Internet Protocol); they only end up on copper at the destination. This change started close to 20 years ago, and was probably complete except for certain marginal locations at least a decade ago. So using fax machines at the send and receive locations, and using the POTS protocol, is no more than an archaic choke points.

    Worse from a medical standpoint, the earlier faxes used thermal paper, which is not archival; unless you copied them or stored them in a controlled environment, they became illegible over time.

    Even back in the ’90s, I was sending and receiving faxes on my computer. Much faster and more convenient — and, as you point out, I had digital records and could cut and paste the contents to wherever. Granted that digital records are not archival either, but that’s a different kind of problem which applies to all contemporary medical records.

    Reply
  7. YES! My wife does insurance pre-verification work at a hospital and it’s mind-boggling that faxes are still a ‘thing’. Ergh.

    Reply
  8. Randy, your Fax commentary reminded me that we are no longer receiving faxes from a very large state university hospital’s HR department whose fax number was almost the same as ours, the last two digits were inverted.

    We used to receive all kinds of documents from job applicants with their personal information, everything from college transcripts to health records. Since the hospital couldn’t prevent folks from misdialing their fax number there wasn’t anything they could do about it. I would always just resend the document to the correct number with a note explaining why it was coming from me rather than the applicant. Evidently they are now using email for their correspondence because I haven’t seen a fax for them in four or more years.

    I still have my fax hooked up and personally never use it, but once in a very great while an attorney will fax something to me for a real estate transaction (I am a Realtor).

    Reply
  9. I used to work for an internet fax company and everyone used to tell me fax was dead. Yeah a dead multibillion dollar industry

    Reply
  10. Bureaucracy and HIPPA requirements are keeping it alive. I can guarantee you that healthcare systems don’t LIKE having to use faxes still!

    Reply
  11. It is the legal angle for signature, both domestically (I’m in Ontari-ari-ario ;)) and at times internationally, as i learned both at universities overseas and doing trade logistics. It’s totally dependant on what a local judge will accept. AND THEY TEND TO BE REALLY OLD!

    Can’t say how it applies to cross-border contracts, but the Electronic Signatures in Global and National Commerce Act was enacted nearly 21 years ago! -rc

    Reply
  12. I agree. I work for a health plan and the other day got a fax that was a complete HIPAA violation including the person’s driver’s license. Yes it was reported.

    Reply
  13. I still like the relative security of sending a document via fax rather than email if it has sensitive information on it.

    Reply
    • Fax more secure than email? Maybe with a free mail account like GMail where they scan your emails for adds. But any Exchange or encrypted email will be way more secure. About the only communication method less secure than fax is sky writing.

      Reply
      • John, getting multiple email servers to seamlessly handle encrypted emails isn’t fun. When my team had to handle secure messaging to other hospitals, we made users log into our system to read them, and just sent out a “you have a message” emails. Epic does the same thing with their patient portal.

        That’s not the only way to make email secure. S/MIME is very widely supported, and as long as the sending and receiving servers both support it, ALL messages are encrypted for transit. -rc

        Reply
  14. I don’t have a fax number. I also don’t have carrier pigeons or pony express.

    Carrier pigeons are much more efficient than pony express. No salary, and the feed is MUCH cheaper! -rc

    Reply
  15. This reminded me of an article I read last year about how Japan’s new PM wants to get rid of fax machines; apparently they are still widely used in Japan not only by government, but by businesses as well. Soranews24.

    Reply
  16. My mom’s estate lawyer told me, back in 2011, that faxed documents were covered by client confidentiality by Michigan law, while email was not, so most legal documents in Michigan are sent by fax, registered mail, or in person, and none by email (at least not by a competent lawyer, according to this gentleman).

    Reply
  17. My doctor’s office refuses to accept (or send) anything in PDF or email form, citing security. Given how many times the pharmacy has to request and re-request scrips when I’m out of refills, I have no confidence they actually know how to use their fax. Fun times.

    Reply
  18. I haven’t seen anyone point out that many faxes have been converted to e-fax the “secure” fax gets converted to a PDF and then sent via “insecure email” thus they have an extremely false sense of security.

    Regarding the false sense of security that the obliviots have about POTs lines, that also needs to go bye-bye. If I can find a Radio Shack, I can hobble together all of the parts needed to tap into most businesses and record any and all phone calls for about $100. That equipment could be put into the boxes that almost every house and business has on the side of their building. Walk up to it, unscrew the box, unplug a couple of wires and then plug in my wires and no one would know the difference. I know its illegal, but I’m simply pointing out that it is stupid easy to do. With email and tapping into VoIP calls, that takes actual hacking and is much harder for criminals to do.

    Reply
  19. While people may say “secure”, I believe most mean “simple”.

    You can’t compare the steps involved between faxing and any other more ‘high-tech’ method, especially if you’re starting with ‘low-tech.’

    1. I pick up a form at a place of business or government office. (Or receive form in the mail.)
    2. I fill out said form.
    3. I fax it to the recipient.

    You literally can’t get it done in any fewer steps than that.

    Sure you could: 1) Pick up form at business/office. 2) Fill it out. 3) Hand it back to the clerk. Step 3 is much easier than getting it into the fax machine correctly, punching in the number, waiting, and then doing something with the paper after it’s done. -rc

    Reply
  20. I used to work for a fax software company, where I learned that faxes are transmitted as simple TIF images with a max resolution of 200 dpi.

    First, the resolution of a fax is so poor that you could cobble together a document using tape without it looking doctored.

    Second, testing of fax software was regularly done by dropping a TIF file into the send or receive folder on the server, which was accessible on the network. It’s not hard to see how that could be exploited.

    Adding a lot of fuel to the “not really all that secure” fire. -rc

    Reply

Leave a Reply to Mary, Virginia Cancel reply