During the ONC Interoperability Forum last August, CMS Administrator Seema Verma said, “The federal government spent over $35 billion on the effort to get doctors to use Electronic Health Records…new technology that is making their work more difficult, not less – causing more physician burden and burnout. Because of it, doctors today are still recording their notes on paper, and they are still faxing patient records.”
Her challenge to the room of developers was to eliminate the fax machine from physician offices by 2020. Although no legislation on this effort has been passed, there is little doubt it is coming soon. And it’s not just the cost of inefficiency leading the way. The new impetus is the increasing security risk of fax machines. It seems no technology has been left “unhacked,” not even the fax machine.
75% of all medical communications are still done by fax.
Increasing Cyber Threats
When we think of the black market of data, we tend to think of social security numbers and credit cards. The former is worth about 10 cents and the latter 25. But a health record can bring hundreds or thousands of dollars. The reason is that the EHR contains the most comprehensive of personal information such as work history, names of relatives, medical conditions, and prescriptions, in addition to social security numbers and credit card information. This information can be used in a myriad of ways, including identity theft and blackmail.
While we’ve all heard about data breaches via email fishing schemes, the fact is that the same breaches are even easier over fax machines. To infiltrate a system via fax, hackers merely need the fax number, which is usually available on a company’s website. In this case, no human intervention is necessary, meaning no one has to physically click a link in an email to open a pathway into the provider’s system. According to an article in Healthcare Innovation, hackers infiltrate systems by sending a specially coded image to a fax machine. Once received, the fax machine automatically decodes the image, which then releases malware to the machine’s memory. From there, the malware spreads across any network connected to the fax machine, enabling it to gain access to PHI and other patient-related data. This type of breach is especially harmful as fax machines are typically connected to so many networks, putting thousands of patient records and provider systems at risk.
Leveraging Technology to Bypass the Fax
Anytime you introduce new technology or workflows into a practice that is already struggling to keep up, you can be met with pushback. Such is the case with the adoption of the EHR where the intended benefits create new headaches and more work. But this is not the case with all new technologies.
One such example is online referrals. By automating and digitizing the referral process, referring practices spend less time on the phone, manual efforts are eliminated, and patients get the right care from the right specialist faster. Likewise, specialists can customize referral portals to their specialty to help improve provider relationships and build stable referral volume. Lower costs, faster referrals, and happier, healthier patients—all with less work, not more.
The best online referral solutions are those that work alongside any EMR, practice management system, or patient CRM without having to invest in expensive, complex technology integrations. This type of solution allows results to be automatically stored within the patient record, so there's no need for separate logins to separate systems. That saves time and resources that could be better spent on direct patient care.
With online referrals, hackers never get access to patient data
Benefits of online referral technology:
- Less than 5% go unscheduled
- 0% are lost
- Takes just 90 seconds for referral requests
- Reduces paperwork
- Auto-verifies insurance eligibility
- Eliminates time-consuming phone calls
- Analytics provide insight into referral patterns and opportunities
The escalating threat of cyber-attacks on fax machines also escalates the threat to your patients. As long as we continue to embrace outdated, increasingly vulnerable fax machines, we are telling our patients we just don’t care about the security of their data. The mantra of providers is to “first do no harm.” In today’s healthcare environment, that promise needs to extend beyond the exam room and into the back room.
 https://www.cms.gov/newsroom/press-releases/speech-remarks-administrator-seema-verma-onc-interoperability-forum-washington-dc  https://www.vox.com/health-care/2017/10/30/16228054/american-medical-system-fax-machines-why  https://www.forbes.com/sites/mariyayao/2017/04/14/your-electronic-medical-records-can-be-worth-1000-to-hackers/#2a10211450cf  https://www.hcinnovationgroup.com/cybersecurity/article/13010554/attackers-use-fax-machines-to-take-over-networks-spread-malware-check-point-finds