Create a protocol or API spec on top of HTTPS or something else and use it. I don't know where you ar at but surely the government can just say "hey guys support this secure protocol before 2022 or you're out".
I can log on and read any of my medical records at any time and the information is aggregated from multiple sources. What's the issue?
If you use fax you won't even be able to see some kind of central audit log for your data. That's pretty crazy.
> Create a protocol or API spec on top of HTTPS or something else and use it.
This is basically what they've done with EDI/X12 over AS2, which was also mandated by HIPAA. The problem is that EDI is a pain to work with as a data format and hooking up to other trading partners can take weeks of coordination between IT teams (sending "implementation guidelines" back and forth). When EDI is the alternative it's not hard to see how the fax machine survives.
I can log on and read any of my medical records at any time and the information is aggregated from multiple sources. What's the issue?
If you use fax you won't even be able to see some kind of central audit log for your data. That's pretty crazy.