

Speaking as someone who works directly in the field: this is just plain factually incorrect. Encrypted email is compliant with patient privacy regulations in the US.
The issue is entirely cultural. Faxes are embedded in many workflows across the industry and people are resistant to change in general. They use faxes because it’s what they’re used to. Faxes are worse in nearly every way than other regulatory-compliant means of communication outside of “this is what we’re used to and already setup to do.”
I am actively working on projects that involve taking fax machines away from clinicians and backend administrators. There are literally zero technical or regulatory hurdles; the difficulty is entirely political.
To be clear, this is specifically what I was calling incorrect:
Faxes are one compliant means of electronic communication. They’re just not the only one. Secure email is fine.