Anyone Still Use Faxing?
-
@BRRABill said:
@scottalanmiller said:
Then you have to fax things. I'm not sure what the question really is. You want an alternative to faxing but must fax. So an alternative isn't an option, right?
Well, I generally use FaxZero. But I'm assuming there is a better way of sending for a company.
I was also assuming there was an electronic way to get these faxes.
Well sure, you can use a VoIP system like Elastix or FreePBX, faxing is built in. It's still faxing just like it's still making phone calls. It doesn't replace the fax, just brings you into the last fifteen years of faxing
Still not replacing the ridiculous faxing system, though. -
@BRRABill said:
I've actually tried telling a few companies (such as Aetna) that I don't have a fax.
They basically say "go to Kinkos" or too bad.
At some point there needs to be a class action about security and accessibility of health care in the US. Faxing is used as an intentional barrier to services and a breach of security so that data leakage has a very visible excuse.
-
Back to the fax thing -
Can you even go electronic on the receipt? You've indicated that you can't because people have to hoover at the fax machine for a private fax.
We have all incoming faxes saved to a network share. There is a department who's job it is to look at that folder and pass out those faxes around the company.
You could, as Scott suggested, install a FreePBX system, buy as many DIDs as you have employees, assign one DID per employee, then have FreePBX send the fax via email to the user, but those costs could add up quickly.
-
What I haven't seen is a real easy to use replacement for faxing that is secure.
I know Scott doesn't thing faxing is secure because anyone can tap the phone line, record the whole transmission and then convert that into a text. The problem with that is that it requires physical access to one of the two sides where the phone lines are.
Email by self is not secure. it's like a postcard on the interwebs.
There are several ways to secure email,
- you could pre-encrypt a file, attach it to an email send it, call them and give them the password to decrypt it.
- you could use a service that offers secure email
While option 1 can be completely free, it's time consuming and difficult. Assuming someone uses a different password for every email they send, they will need to either keep track of those password, or consider the email lost after transmission. The same goes for the receiving end.
Option 2 is ridiculously expensive. Most services charge $5+ per month per user. And depending on how you deploy this it can still be a pretty big hassle to use, granted some can be pretty easy to use as well.
Faxing is nearly free in the grand scheme of things.
My office receives approximately 600 pages a day. When I've shopped around for cloud faxing services for this level of inbound faxing, I was looking at costs in the $700/month range. And this was before I looked into what was needed to actually get the faxes to my users.
In a pre existing faxing environment I already have a fax machine, so no extra costs, I have a phone line ($30/month) and I'm storing those on a file server that I already had for other purposes.Huge difference between $30/m to $700/m. Sure with the cloud solution they have dozens or hundreds of lines probably redundant sites, etc - but those things haven't been shown to be needed in my situation.
Then there's the other side - the people sending you stuff - how to you make them change their systems to get the information to you in another way instead of through a fax line?
There's also another issue we've run into. Our EHR has it's own faxing solution. We pick a patient and tell the system to send a fax to another doctors office. Then the fax goes into a queue. We've had more than a few calls where the other office is waiting for those faxes and after 20-30 min they still don't have it. The queue is so long or slow it can take hours to send from our EHR... to by pass this, we print the document, walk it to our fax machine and just fax it by hand.
The medical community is working to solve these types of problems with something called Direct Access - but it won't truly solve the problem, because as I understand it, Direct Access can only send over live data, it can't send things like PDFs, pictures, etc. That may change, but who knows when.
Tons of companies use things like DropBox and Box, and maybe even ownCloud to send these files around - but I just can't see them working in this situation.
I'm all ears for whatever I'm missing.
-
@Dashrender said:
I know Scott doesn't thing faxing is secure because anyone can tap the phone line, record the whole transmission and then convert that into a text. The problem with that is that it requires physical access to one of the two sides where the phone lines are.
No different than email or anything else. So if you consider that enough to be considered secure, everything is secure.
The bottom line is, faxing is likely the least secure technology ever considered. You can call it secure or insecure, that's a grey area that requires you to define what you feel is secure. What you can't argue (not well, anyway) is that it is more secure than any other option. Everything, including traditional insecure voice calls, is more secure than faxing because faxing "just sends" without even casual authentication of the other end point. Get the wrong number and you literally get zero warning that you are illegally sending data, not even the benefit of a surprised receptionist on the other end.
-
@Dashrender said:
Email by self is not secure. it's like a postcard on the interwebs.
But just as secure as faxing
-
@scottalanmiller said:
Get the wrong number and you literally get zero warning that you are illegally sending data, not even the benefit of a surprised receptionist on the other end.
Sure, but what are the chances you dial a number close to the correct number and there's a fax machine there - it's super low. So there's a greater chance of it just failing due to bad number than the wrong person getting it.
What you do stand a good chance of doing though, is choosing the wrong fax number from a contact list to send to, but like email, that's not any more or less dangerous.
-
@scottalanmiller said:
@Dashrender said:
Email by self is not secure. it's like a postcard on the interwebs.
But just as secure as faxing
I disagree because you have to have physical access to intercept the fax, either inside the phone company or at one of the endpoints.
With email, I can get you to install malware and now I'm seeing everything on your computer, including your email - do you can't attack a fax machine like that.
The side channel communication method adds a layer of insulation, if not actual protection.
-
@Dashrender said:
What you do stand a good chance of doing though, is choosing the wrong fax number from a contact list to send to, but like email, that's not any more or less dangerous.
That part is true. But still more dangerous than a phone call where you get a second opportunity to verify.
But no matter what, fax remains the most insecure tool. You can consider it "secure enough" but if you do, everything is secure enough.
-
Well, to me it sounds like keeping our old fax machine and just continuing to buy ink is the way to go.
But as usual I've started three branching topics, LOL.
-
@Dashrender said:
I disagree because you have to have physical access to intercept the fax, either inside the phone company or at one of the endpoints.
Not if you get malware onto the fax machine, carrier equipment, or other.
And nothing is easier than physical access. Way easier than malware.
-
Unfortunately we are still using faxing. Argh. I still have 3 actual fax machines in 2 departments and we have a FaxFinder appliance with two modems that we have some DIDs going to. I was able to convince a user to let go of a rarely-used fax about 2 months ago after he moved offices. I played to his cheapness when I explained that it would cost almost a couple hundred to move the line to his new office. He said forget it. Winner!
-
With things like docusign for legal documents, why do we need to fax such things?
-
Well, I deal with the people most resistant to change and they deal with people in mom and pop shops that are also resistant to change. You want me to scan then e-mail? Why can't I just do one step and fax it?
-
Can't you install a fax server and register phone numbers through your provider? Then you have each phone number forward to a network folder where you control everything through group policy? You still get the faxes but the documents are not sitting on a device. That's the issue here right?
-
@wirestyle22 said:
Can't you install a fax server and register phone numbers through your provider? Then you have each phone number forward to a network folder where you control everything through group policy? You still get the faxes but the documents are not sitting on a device. That's the issue here right?
That is a part, yes. The other part is fat-fingering the fax number and sending something to the wrong place.
-
@Dashrender said:
What I haven't seen is a real easy to use replacement for faxing that is secure.
I know Scott doesn't thing faxing is secure because anyone can tap the phone line, record the whole transmission and then convert that into a text. The problem with that is that it requires physical access to one of the two sides where the phone lines are.
Email by self is not secure. it's like a postcard on the interwebs.
There are several ways to secure email,
- you could pre-encrypt a file, attach it to an email send it, call them and give them the password to decrypt it.
- you could use a service that offers secure email
While option 1 can be completely free, it's time consuming and difficult. Assuming someone uses a different password for every email they send, they will need to either keep track of those password, or consider the email lost after transmission. The same goes for the receiving end.
Option 2 is ridiculously expensive. Most services charge $5+ per month per user. And depending on how you deploy this it can still be a pretty big hassle to use, granted some can be pretty easy to use as well.
Faxing is nearly free in the grand scheme of things.
My office receives approximately 600 pages a day. When I've shopped around for cloud faxing services for this level of inbound faxing, I was looking at costs in the $700/month range. And this was before I looked into what was needed to actually get the faxes to my users.
In a pre existing faxing environment I already have a fax machine, so no extra costs, I have a phone line ($30/month) and I'm storing those on a file server that I already had for other purposes.Huge difference between $30/m to $700/m. Sure with the cloud solution they have dozens or hundreds of lines probably redundant sites, etc - but those things haven't been shown to be needed in my situation.
Then there's the other side - the people sending you stuff - how to you make them change their systems to get the information to you in another way instead of through a fax line?
There's also another issue we've run into. Our EHR has it's own faxing solution. We pick a patient and tell the system to send a fax to another doctors office. Then the fax goes into a queue. We've had more than a few calls where the other office is waiting for those faxes and after 20-30 min they still don't have it. The queue is so long or slow it can take hours to send from our EHR... to by pass this, we print the document, walk it to our fax machine and just fax it by hand.
The medical community is working to solve these types of problems with something called Direct Access - but it won't truly solve the problem, because as I understand it, Direct Access can only send over live data, it can't send things like PDFs, pictures, etc. That may change, but who knows when.
Tons of companies use things like DropBox and Box, and maybe even ownCloud to send these files around - but I just can't see them working in this situation.
I'm all ears for whatever I'm missing.
PGP takes care of this. Not many people use it for whatever reason, but it's easy to implement and secure. You don't need to give out a password, they just grab your public key from a publicly available repo or you could even email it to them. Then they just need their own password and their private key file. SFTP is also secure and easy to implement. Need to send me a file, just drop it in with FileZilla.
I think the big problem is getting people to actually care. I really believe the "ours is the only secure way" is like most other arguments. It's just a thing people say to ignore whatever you're talking about.
-
@johnhooks said:
@Dashrender said:
What I haven't seen is a real easy to use replacement for faxing that is secure.
I know Scott doesn't thing faxing is secure because anyone can tap the phone line, record the whole transmission and then convert that into a text. The problem with that is that it requires physical access to one of the two sides where the phone lines are.
Email by self is not secure. it's like a postcard on the interwebs.
There are several ways to secure email,
- you could pre-encrypt a file, attach it to an email send it, call them and give them the password to decrypt it.
- you could use a service that offers secure email
While option 1 can be completely free, it's time consuming and difficult. Assuming someone uses a different password for every email they send, they will need to either keep track of those password, or consider the email lost after transmission. The same goes for the receiving end.
Option 2 is ridiculously expensive. Most services charge $5+ per month per user. And depending on how you deploy this it can still be a pretty big hassle to use, granted some can be pretty easy to use as well.
Faxing is nearly free in the grand scheme of things.
My office receives approximately 600 pages a day. When I've shopped around for cloud faxing services for this level of inbound faxing, I was looking at costs in the $700/month range. And this was before I looked into what was needed to actually get the faxes to my users.
In a pre existing faxing environment I already have a fax machine, so no extra costs, I have a phone line ($30/month) and I'm storing those on a file server that I already had for other purposes.Huge difference between $30/m to $700/m. Sure with the cloud solution they have dozens or hundreds of lines probably redundant sites, etc - but those things haven't been shown to be needed in my situation.
Then there's the other side - the people sending you stuff - how to you make them change their systems to get the information to you in another way instead of through a fax line?
There's also another issue we've run into. Our EHR has it's own faxing solution. We pick a patient and tell the system to send a fax to another doctors office. Then the fax goes into a queue. We've had more than a few calls where the other office is waiting for those faxes and after 20-30 min they still don't have it. The queue is so long or slow it can take hours to send from our EHR... to by pass this, we print the document, walk it to our fax machine and just fax it by hand.
The medical community is working to solve these types of problems with something called Direct Access - but it won't truly solve the problem, because as I understand it, Direct Access can only send over live data, it can't send things like PDFs, pictures, etc. That may change, but who knows when.
Tons of companies use things like DropBox and Box, and maybe even ownCloud to send these files around - but I just can't see them working in this situation.
I'm all ears for whatever I'm missing.
@Dashrender said:
What I haven't seen is a real easy to use replacement for faxing that is secure.
I know Scott doesn't thing faxing is secure because anyone can tap the phone line, record the whole transmission and then convert that into a text. The problem with that is that it requires physical access to one of the two sides where the phone lines are.
Email by self is not secure. it's like a postcard on the interwebs.
There are several ways to secure email,
- you could pre-encrypt a file, attach it to an email send it, call them and give them the password to decrypt it.
- you could use a service that offers secure email
While option 1 can be completely free, it's time consuming and difficult. Assuming someone uses a different password for every email they send, they will need to either keep track of those password, or consider the email lost after transmission. The same goes for the receiving end.
Option 2 is ridiculously expensive. Most services charge $5+ per month per user. And depending on how you deploy this it can still be a pretty big hassle to use, granted some can be pretty easy to use as well.
Faxing is nearly free in the grand scheme of things.
My office receives approximately 600 pages a day. When I've shopped around for cloud faxing services for this level of inbound faxing, I was looking at costs in the $700/month range. And this was before I looked into what was needed to actually get the faxes to my users.
In a pre existing faxing environment I already have a fax machine, so no extra costs, I have a phone line ($30/month) and I'm storing those on a file server that I already had for other purposes.Huge difference between $30/m to $700/m. Sure with the cloud solution they have dozens or hundreds of lines probably redundant sites, etc - but those things haven't been shown to be needed in my situation.
Then there's the other side - the people sending you stuff - how to you make them change their systems to get the information to you in another way instead of through a fax line?
There's also another issue we've run into. Our EHR has it's own faxing solution. We pick a patient and tell the system to send a fax to another doctors office. Then the fax goes into a queue. We've had more than a few calls where the other office is waiting for those faxes and after 20-30 min they still don't have it. The queue is so long or slow it can take hours to send from our EHR... to by pass this, we print the document, walk it to our fax machine and just fax it by hand.
The medical community is working to solve these types of problems with something called Direct Access - but it won't truly solve the problem, because as I understand it, Direct Access can only send over live data, it can't send things like PDFs, pictures, etc. That may change, but who knows when.
Tons of companies use things like DropBox and Box, and maybe even ownCloud to send these files around - but I just can't see them working in this situation.
I'm all ears for whatever I'm missing.
PGP takes care of this. Not many people use it for whatever reason, but it's easy to implement and secure. You don't need to give out a password, they just grab your public key from a publicly available repo or you could even email it to them. Then they just need their own password and their private key file. SFTP is also secure and easy to implement. Need to send me a file at all, just drop it in with FileZilla.
I think the big problem is getting people to actually care. I really believe the "ours is the only secure way" is like most other arguments. It's just a thing people say to ignore whatever you're talking about.
We could never get doctors offices to do this. Period. I can't get them to do anything at all actually.
-
@wirestyle22 said:
@johnhooks said:
@Dashrender said:
What I haven't seen is a real easy to use replacement for faxing that is secure.
I know Scott doesn't thing faxing is secure because anyone can tap the phone line, record the whole transmission and then convert that into a text. The problem with that is that it requires physical access to one of the two sides where the phone lines are.
Email by self is not secure. it's like a postcard on the interwebs.
There are several ways to secure email,
- you could pre-encrypt a file, attach it to an email send it, call them and give them the password to decrypt it.
- you could use a service that offers secure email
While option 1 can be completely free, it's time consuming and difficult. Assuming someone uses a different password for every email they send, they will need to either keep track of those password, or consider the email lost after transmission. The same goes for the receiving end.
Option 2 is ridiculously expensive. Most services charge $5+ per month per user. And depending on how you deploy this it can still be a pretty big hassle to use, granted some can be pretty easy to use as well.
Faxing is nearly free in the grand scheme of things.
My office receives approximately 600 pages a day. When I've shopped around for cloud faxing services for this level of inbound faxing, I was looking at costs in the $700/month range. And this was before I looked into what was needed to actually get the faxes to my users.
In a pre existing faxing environment I already have a fax machine, so no extra costs, I have a phone line ($30/month) and I'm storing those on a file server that I already had for other purposes.Huge difference between $30/m to $700/m. Sure with the cloud solution they have dozens or hundreds of lines probably redundant sites, etc - but those things haven't been shown to be needed in my situation.
Then there's the other side - the people sending you stuff - how to you make them change their systems to get the information to you in another way instead of through a fax line?
There's also another issue we've run into. Our EHR has it's own faxing solution. We pick a patient and tell the system to send a fax to another doctors office. Then the fax goes into a queue. We've had more than a few calls where the other office is waiting for those faxes and after 20-30 min they still don't have it. The queue is so long or slow it can take hours to send from our EHR... to by pass this, we print the document, walk it to our fax machine and just fax it by hand.
The medical community is working to solve these types of problems with something called Direct Access - but it won't truly solve the problem, because as I understand it, Direct Access can only send over live data, it can't send things like PDFs, pictures, etc. That may change, but who knows when.
Tons of companies use things like DropBox and Box, and maybe even ownCloud to send these files around - but I just can't see them working in this situation.
I'm all ears for whatever I'm missing.
@Dashrender said:
What I haven't seen is a real easy to use replacement for faxing that is secure.
I know Scott doesn't thing faxing is secure because anyone can tap the phone line, record the whole transmission and then convert that into a text. The problem with that is that it requires physical access to one of the two sides where the phone lines are.
Email by self is not secure. it's like a postcard on the interwebs.
There are several ways to secure email,
- you could pre-encrypt a file, attach it to an email send it, call them and give them the password to decrypt it.
- you could use a service that offers secure email
While option 1 can be completely free, it's time consuming and difficult. Assuming someone uses a different password for every email they send, they will need to either keep track of those password, or consider the email lost after transmission. The same goes for the receiving end.
Option 2 is ridiculously expensive. Most services charge $5+ per month per user. And depending on how you deploy this it can still be a pretty big hassle to use, granted some can be pretty easy to use as well.
Faxing is nearly free in the grand scheme of things.
My office receives approximately 600 pages a day. When I've shopped around for cloud faxing services for this level of inbound faxing, I was looking at costs in the $700/month range. And this was before I looked into what was needed to actually get the faxes to my users.
In a pre existing faxing environment I already have a fax machine, so no extra costs, I have a phone line ($30/month) and I'm storing those on a file server that I already had for other purposes.Huge difference between $30/m to $700/m. Sure with the cloud solution they have dozens or hundreds of lines probably redundant sites, etc - but those things haven't been shown to be needed in my situation.
Then there's the other side - the people sending you stuff - how to you make them change their systems to get the information to you in another way instead of through a fax line?
There's also another issue we've run into. Our EHR has it's own faxing solution. We pick a patient and tell the system to send a fax to another doctors office. Then the fax goes into a queue. We've had more than a few calls where the other office is waiting for those faxes and after 20-30 min they still don't have it. The queue is so long or slow it can take hours to send from our EHR... to by pass this, we print the document, walk it to our fax machine and just fax it by hand.
The medical community is working to solve these types of problems with something called Direct Access - but it won't truly solve the problem, because as I understand it, Direct Access can only send over live data, it can't send things like PDFs, pictures, etc. That may change, but who knows when.
Tons of companies use things like DropBox and Box, and maybe even ownCloud to send these files around - but I just can't see them working in this situation.
I'm all ears for whatever I'm missing.
PGP takes care of this. Not many people use it for whatever reason, but it's easy to implement and secure. You don't need to give out a password, they just grab your public key from a publicly available repo or you could even email it to them. Then they just need their own password and their private key file. SFTP is also secure and easy to implement. Need to send me a file at all, just drop it in with FileZilla.
I think the big problem is getting people to actually care. I really believe the "ours is the only secure way" is like most other arguments. It's just a thing people say to ignore whatever you're talking about.
We could never get doctors offices to do this. Period. I can't get them to do anything at all actually.
That's what I mean. It's easier to use, and more secure but they will argue just to get you to be quiet and never do it. It's ridiculous.
-
@johnhooks said:
@Dashrender said:
What I haven't seen is a real easy to use replacement for faxing that is secure.
I know Scott doesn't thing faxing is secure because anyone can tap the phone line, record the whole transmission and then convert that into a text. The problem with that is that it requires physical access to one of the two sides where the phone lines are.
Email by self is not secure. it's like a postcard on the interwebs.
There are several ways to secure email,
- you could pre-encrypt a file, attach it to an email send it, call them and give them the password to decrypt it.
- you could use a service that offers secure email
While option 1 can be completely free, it's time consuming and difficult. Assuming someone uses a different password for every email they send, they will need to either keep track of those password, or consider the email lost after transmission. The same goes for the receiving end.
Option 2 is ridiculously expensive. Most services charge $5+ per month per user. And depending on how you deploy this it can still be a pretty big hassle to use, granted some can be pretty easy to use as well.
Faxing is nearly free in the grand scheme of things.
My office receives approximately 600 pages a day. When I've shopped around for cloud faxing services for this level of inbound faxing, I was looking at costs in the $700/month range. And this was before I looked into what was needed to actually get the faxes to my users.
In a pre existing faxing environment I already have a fax machine, so no extra costs, I have a phone line ($30/month) and I'm storing those on a file server that I already had for other purposes.Huge difference between $30/m to $700/m. Sure with the cloud solution they have dozens or hundreds of lines probably redundant sites, etc - but those things haven't been shown to be needed in my situation.
Then there's the other side - the people sending you stuff - how to you make them change their systems to get the information to you in another way instead of through a fax line?
There's also another issue we've run into. Our EHR has it's own faxing solution. We pick a patient and tell the system to send a fax to another doctors office. Then the fax goes into a queue. We've had more than a few calls where the other office is waiting for those faxes and after 20-30 min they still don't have it. The queue is so long or slow it can take hours to send from our EHR... to by pass this, we print the document, walk it to our fax machine and just fax it by hand.
The medical community is working to solve these types of problems with something called Direct Access - but it won't truly solve the problem, because as I understand it, Direct Access can only send over live data, it can't send things like PDFs, pictures, etc. That may change, but who knows when.
Tons of companies use things like DropBox and Box, and maybe even ownCloud to send these files around - but I just can't see them working in this situation.
I'm all ears for whatever I'm missing.
PGP takes care of this. Not many people use it for whatever reason, but it's easy to implement and secure. You don't need to give out a password, they just grab your public key from a publicly available repo or you could even email it to them. Then they just need their own password and their private key file. SFTP is also secure and easy to implement. Need to send me a file, just drop it in with FileZilla.
I think the big problem is getting people to actually care. I really believe the "ours is the only secure way" is like most other arguments. It's just a thing people say to ignore whatever you're talking about.
Actually sit down and write out a set of instructions on doing this - it's like 20 steps. They already don't want to do it.. and now they have a new 20 step process to learn - GAWD, can't I just use my old way? lol
Those things are easy for you and I, not the lease because we care about security. But those things are nearly infinitely harder than dropping some paper on a fax machine, typing a phone number and hitting send.
I walked someone here through printing to PDF - it was like 22 steps. The current process is print, gather, print, gather, drop on fax machine send. printing to PDF gets rid of our paper costs, but adds labor costs (people who don't want to do this in the first place will always be slow about it).
