Netflix, Hulu, Amazon Prime, Stan, Apple TV, SBS, iView, Disney, Discovery+, Binge, MUBI and of course YouTube. These streaming services are part of our daily lives. Australians spend 40 hours per week online, as much time as they do at work! For many in COVID-19 times, being online is being at work.
And it is all made possible by the National Broadband Network, an initiative of the Rudd Labor government in the noughties to provide high speed internet connections to Australian households and businesses. The roll out was accelerated (or cannibalised depending on your viewpoint) a few years later by the still very public Malcolm Turnbull when Communication Minister in the Abbott government.
Australia ranks 62 in the world for internet speed, comparatively slow for a developed nation but fast enough to allow for a couple of simultaneous Netflix streams.
The NBN runs on a packet switched network (PSN). Data is split into small packets to make the most efficient use of the infrastructure. And data is not just text but includes the Netflix media stream or your Zoom voice and video connections.
Unfortunately for North Coast medical practices the fax machine continues to survive from its pre-internet days. It uses the old public telephone switching network (PTSN) and this is not compatible with the NBN. However, it is possible to get a fax machine to work with the NBN using an adapter. Local IT providers like Rosh-Tech can assist in setting these up. Alas, the results can still be disappointing. It takes two to tango and also to complete a fax ‘handshake’. Sending a fax often fails in these situations. It is the bane of the medical receptionist’s life.
One solution is to use a fax provider. There are dozens to choose from. The providers offer several options but the neatest is to set up an email-to-fax gateway. The document is sent as an email attachment to the fax provider who then forwards it to the recipient as a fax.
It is not a secure means of communication in many cases and can be expensive if it is the practice’s default means of communication.
From a general practice viewpoint digital information is much preferred to the picture format of a fax or a scan. It is much smaller to store and can be searched at a later date within the patient’s record. This is of more relevance for general practitioners with responsibility for patient care over the long term rather than the episodic care of specialist medical practice.
Electronic transfer of patient data has had a long gestation in Australia. Its usage has risen slowly over 20 years. Radiology and pathology are almost exclusively sent electronically. However, GP/specialist e-communication is far from universal.
The major secure message providers (SMPs) are Medical Objects, HealthLink and Argus and they each provide a relatively seamless e-communcation channel for their users. However, they have different business structures and each uses slightly different technologies. They can interoperate to some degree but there are commercial disincentives to do so. It is a veritable eTower of Babel.
The government, incentivised by the COVID-19 pandemic, has pushed through a number of new electronic technologies in the last two years. These days nearly everyone has an email address and a smartphone – if only because you need it to get into the pub.
While it is now possible to email many patients their private health information it is a requirement of Australia's health privacy laws that this be done via secure means. Few have the capability of setting this up, so once again GPs and their staff are stymied.
The latest version of Best Practice, the electronic health record software, has introduced several new features, several of which are directed at improving secure communication.
Following Google’s lead over the last five years, Best Practice allows users to send email more securely through mail providers like Gmail, Apple, Yahoo and Microsoft. In addition they also default to sending documents in encrypted PDF format. Many will be familiar with this format having received similar documents from their bank or insurance companies. Decrypting the documents depends on each party knowing ‘the pin’, a shared secret, that will unlock the contents of the document.
While this is some improvement it does require that each party knows or has access to the key. A common method used by many companies is to use the subject’s date of birth.
Best Practice defaults to dd/mm but it is possible to set the decryption key to another random number. However, as the key is only four digits long it is trivial for any computer literate intermediary to crack. It is hoped that future versions of the software will have longer and stronger keys.
It is also important that the decryption key should not be shared with the recipient using the same communication channel, which is mostly email. If someone can intercept or access the original document they can usually access the follow-up message with the decryption key. One needs a back channel to send the pin.
Banks and web sites will often use a mobile phone number to send the pin. These one time pins (OTPs) are a considerable improvement in ensuring the privacy of the data sent.
Best Practice has a robust method for associating a mobile phone number with a particular patient and for getting permission to use that for doctor-to-patient communications. They have also developed an app that provides the same functionality.
In the future it is hoped that Best Practice combines these technologies so that we will finally have a secure way of communicating with our patients. When that happens receptionists around the country will rejoice.
Thirty years ago Phil Zimmerman wrote an asymmetric key encryption program, called Pretty Good Privacy. It remains today the standard for higher level encryption and is used for all serious secure communication. It is the default for Australia’s health Secure Message Providers.
The current approach by Best Practice is a great improvement on plain text communication but it is still far weaker. However, it is probably good enough privacy, at least for the time being.
