Of all the failings of our medical system I don’t think I would cite having safeguards for patient privacy that require explicit unambiguous consent in the form of a paper signature and mandates for secure communication channels. Yes it’s kinda silly that faxing is still allowed and grandfathered in but a lot of times the lowest common denominator since everybody can get a phone line.

You actually can email that scan, your email provider just has to be part of DirectTrust.

I think it's the cost of the bureaucracy and systems that are a major failing, not privacy itself. The litigation involved is also expensive. I'm trying to get my kid's record transferred to primary care from two hospitals and it's a nightmare. I feel like most of the frustration could have been avoided if the personnel involved were properly trained. The costs of visits and treatments include this overhead.

It doesn't matter if the signature is on paper since the files are digitized and thus exposed to attacks. Not to mention that fax isn't really more secure than email. I have yet to see a provider near me who will accept a scanned document through email, but maybe that's different in other areas. Medical files go for a high price on the black market, but they are still fairly prevalent.

This is different than a hospital, but quite cheaper than a normal primary care visit ($200ish). https://www.bloomberg.com/news/articles/2019-12-13/pittsburg...

Anyways, there are tons of problems and costs in the system.

> It doesn't matter if the signature is on paper…

I’m not saying that having them on paper makes them more secure or anything, just that signing hard copies is the best way to make sure the signer actually understands what they’re doing and the gravity of it. For you I realize this is not such a great feature but for a system that has to work for absolutely everyone pen and paper works really well. But yeah I’m sorry you had such a painful experience with it. It’s supposed to be one request, you fill out the sheet with the doctor’s info and it shows up at their office.

My bad, of course you can’t email documents to your doctors. The issue is that Gmail isn’t set up to process your medical data. Doctors can email other doctors though with that system. I agree that faxing isn’t exactly the panacea of information-theoretic security but it’s pretty good in terms of policy-security. You’re not going to accidentally have your faxes processed for marketing data and anyone who tries risks big-time jail. Plus faxing these days is all digital and encrypted beyond the last mile. Not super dissimilar to the evolution of email having to bolt on security features after years and years. Unless you’re using a literal physical fax machine it’s very likely that your fax was encrypted the whole way.

I’m surprised your office doesn’t have a patient portal of some sort with an document uploader.

The primary doesn't have a portal. The hospital does, but apparently I had to sign up while there (no one told me). Portals cost money, which raises prices and increases attack surface - not something I particularly like.

I swear we signed a release at the primary that they can request the record from anywhere, but so far it seems to be a big fiasco. I strongly question the training and professionalism that our doctors recieved. My kid suffered an SVT 48 hours after recieving 4 vaccines. While I acknowledge vaccines as generally safe and a great modern accomplishment, the staff seems to be brainwashed into thinking they are infallible. Everyone said it can't possibly be associated. Show me the VAERS and PubMed data then? Looks like I have to submit to VAERS and do the data analysis myself. Who knows, maybe I will be published in a journal if I find some strong correlation. No one else will try.