Medicine, HIPAA, and the myth of the secure, private fax

ECLAT Technology Image of Fax Modems Perhaps you didn’t know this, but the Fax Machine has been around for a very, very long time. In a day of ever advancing technology, one displacing the next at an extraordinary rate, it’s actually hard to believe that the fax machine has endured for as long as it has. Consider, for a moment, that the fax machine was invented long before the Space Shuttle, and even the Space Shuttle has since been retired from use. So, why, then are we still using fax machines?

All it takes is a quick call to your doctor’s office to get the obvious (and wrong) answer : security, privacy, and HIPAA.

The Myth

Here’s how the myth goes. A Fax machine transmits directly from one fax machine to another, which makes it impossible to intercept. Emails, on the other hand, get routed through many servers and could be intercepted.

Okay, so, in concept, that makes sense. But what makes it wrong? Well, basically, just about everything. First and foremost, every phone call is routed through hundreds of switches, just like emails are. Watch any TV Crime or Espionage television (like I Spy from the 1960’s) and you can learn all you need to know about intercepting phone calls. Then, of course, there’s no actual identification on either end of the fax to verify the sender, or recipient, so all the sender has to do is plug in the wrong number and, if the other end has a fax machine, it still goes through – and no-one is the wiser. Since very few fax machines keep records (at least for very long) of these kinds of mistakes, there’s often no log that can be used to back track and find the error and determine what data went awry, or who it went to. Finally, of course, any paper based fax is simply available to anyone who happens to wander by and pick it up : no password required.

Faxes are Analog

Adding to the technical mumbo jumbo of faxes is the fact that it is an analog process, one largely dependent on analog phone services. While some phone service providers are catching on, and adding support for faxes, many still have trouble maintaining this older analog process on their increasingly digital phone networks. This, in turn, forces those who need faxes (hello doctors offices) to turn elsewhere to complete their faxing : Hello Outsourced Online Fax Services.

Online Fax Services

Online fax services have been around almost since the dawn of the internet age. In fact, dial up internet connections almost mandated their invention, since the phone line would be tied up during the internet use, blocking any inbound phone calls, including faxes. To get around this little problem, the fax would go to some other provider, whereupon it would be converted to a digital file, frequently a PDF or a TIFF file, which would then be e-mailed to the final destination.

Yep. You heard that right. Today, many (if not most) faxes often arrive at their final destination : as an email.

So, for all their supposed security and privacy, faxes are subject to all the same routing issues as any other phone call, are altogether too easily sent to the wrong number, have no security, are picked up by the wrong person, and often end up their lives as emails anyway.

Myth Busted

So, is a Fax, that is based on technology that is over 100 years old, more secure than an email? The answer is no, not really. It never actually has been, and today the waters are even more muddy than ever as phone providers go digital, and people outsource more and more services. It’s time that the world wakes up to these realities and deals with this very simple reality: Faxes are simply not secure. We need to accept this fact and start having a real conversation about displacing this old technology with its mythological properties and putting one in place that is real, and actually does the job. In the words of those highly entertaining television personalities : Myth Busted!