Check out the corresponding infographic to this post here!
Healthcare is the last remaining industry holding on to fax as the primary way to communicate critical information. While surgeons are supported by robots in the OR and AI is finding care gaps, the sharing and administrative functions of coordinating healthcare lags decades behind. In fact, 75% of patient information in the US is still exchanged via fax and is costing US healthcare billions of dollars each year…and more importantly, compromising patient safety and provider job satisfaction.
Interoperability is the innovative approach that addresses the archaic means of communication we have been relying on. The healthcare industry must move to interoperable exchange in order to coordinate better care, reduce costs, improve patient outcomes and decrease administrative burn out.
Additional Facts about Fax
The Centers of Medicare and Medicaid Services (CMS) are calling for the end of fax by 2020, and for good reason. Impacts of fax in healthcare include:
- 9+Billion fax pages get exchanged each year in healthcare
- 30% of tests are ordered due to lost or missing fax
- 80% of all serious medical mistakes result from poor or lacking communication, which includes fax
- $2.5 M is the largest fax HIPAA fine issued for faxing to the wrong number
- 25% of faxes do not make it before the patient arrives for their first visit
An Interoperable Solution to Fax
While both modalities push information from one location to another, secure push-based messaging in healthcare is facilitated by DirectTrust™ and is realizing nationwide interoperability with the use of Direct Secure Messages. With over 1 Billion messages sent and received since 2014, Direct Secure Messaging in a viable and established interoperable alternative to fax.
Defining Direct Secure Messaging
The easiest way to think about Direct Secure Messaging is email for healthcare that leverages the Direct Standard™ for the secure exchange of patient health information. Direct messages can have any type of file attachment (including structured data that your EHR can easily ingest without extra effort), and both the message and attachments are encrypted along the entire route, from sender to receiver, to protect the privacy of the content.
What? Huh? Let me simplify further…if you know how to use email, then you’ll know how to use Direct Secure Messaging. It is HIPAA-compliant and supported and promoted by the US Health and Human Services (HHS) and the Office of the National Coordinator for Health Information Technology (ONC). The protocol that governs the accredited exchange method requires identity verification in order to participate over the network to ensure each end point is a “trusted” entity – much more secure than email – and includes a full audit trail.
Dispelling the Myth
The funny thing is people think faxing is secure, perhaps even more secure than digital alternatives with all the cybersecurity threats out there. But in the past year, we have learned that fax machines are a gold mine for hackers. Despite what people may think, traditional fax is not covered by the HIPAA Security Rule, although the Privacy Rule does require safeguards at each end point. However, you know as well as I do, there isn’t someone “manning” the fax machine just waiting for PHI to spit out so they can immediately “safeguard” it.
With busy signals, never received, lost and resends, faxing takes unnecessary time that could be spent with patients, not to mention the time printing and scanning documents just to “incorporate a fax” into the appropriate medical record. Let’s not forget that faxing is still prone to error. People change their numbers all the time, or they fat-finger a digit and before you know it, information is sent to the wrong fax number as highlighted by a case in Texas.
What You Can Do Right Now
The good news…every 2015 Certified Electronic Health Record Technology (CEHRT) system is capable of sending and receiving a Direct Secure Message, providing an easy alternative to fax.
However, some may not realize they have this functionality because it’s typically white-labeled or rebranded inside their EHRs, and the terminology used from each vendor to describe it may be different.
If you’re not sure you have Direct Secure Messaging, ask your EHR administrator. Find out what your Direct Address is and share it with all your community providers. With the evolution of any new communication technology, whether it be fax, email or mobile telephones…all required a user to compile a personal address book…Direct Secure Messaging is no different.
The Change is Simple
It really just starts with how you ask the question. Rather than asking for a fax number, shift the question to “What’s your Direct address?”
Email firstname.lastname@example.org to learn more.
HHS.gov Press Release: $2.5 Million Settlement Shows that not understanding HIPAA requirements creates risk
ReferralMD Article: 30 Healthcare Statistics That Keep Hospital Executives Up at Night
ReferralMD Article: Our Healthcare Referral System is Broken – Dollars Wasted, Lives Lost
HealthIT Security Article: Hospital Faxes Records to Wrong Person in Apparent HIPAA Violation