At OnPage, we have long rallied against pagers, highlighting the problems they cause when used as a form of communication between doctors. In many blogs and whitepapers, we have described how:
Our goal, in persistently extending this message is to encourage physicians and hospital staff to use secure, HIPAA compliant communications instead of pagers. But little that we write could be as powerful as the art instillation created by Brannon Dorsey called Holypager.
One man’s pager is another man’s art
We read about Dorsey’s exhibit in an article that was forwarded to us. His exhibit, Holypager is designed to intercept all POCSAG pager messages sent in the city of Chicago. Once intercepted, the messages are all anonymized and then printed out at the exhibit on one of three rolls of receipt paper. The display makes for a large paper pile-up for gallery visitors to view.
While this might not be everyone’s definition of art, Holypager does none-the-less seem to always elicit a reaction. People seem genuinely surprised that pagers’ messages are so easily hacked. Perhaps, they think, patient information should be held to a higher level of security.
An artist’s message of privacy
Perhaps as surprising as the ease with which the pages are hacked is the source of the messages. Almost all of the messages are sent between doctors and hospital staff. According to Brannon, messages almost all contain:
I’m sure visitors to the exhibit expressed thoughts such as ‘Isn’t that sort of information supposed to be protected’? Shouldn’t there be some form of encryption on that information?
Yes, pieces of information like name and diagnosis are clearly PHI. Exchanging the information in a manner which is so easily hacked is a clear HIPAA violation. Doctors are violating HIPAA norms when they exchange this information over pagers rather than using HIPAA compliant messaging.
According to HIPAA Standard 164.306 “doctors must ensure the confidentiality of all electronic PHI they transmit and protect against any reasonably anticipated threats or hazards to the security or integrity of such information”. As the Holypager exhibit demonstrates the standard of confidentiality is far from maintained.
According to Brannon,
Given the severity of the HIPPA Privacy Act, one would assume that appropriate measures would be taken to prevent this information from being publicly accessible to the general public.
The seemingly obvious answer to Brannon’s assumption is that appropriate measures are not being taken. Brannon hopes to show his results to the hospitals whose pages he has intercepted and let them know they need to embrace more secure messaging methods.
Conclusion
The artist believes that his project is meant to serve as a reminder that as the complexity of digital systems increases, humans don’t always develop a corresponding level of literacy about the systems.
Maybe.
But what I think is easy to get across here is that pagers are a technology whose ship has long ago sailed. Perhaps we’d all be much better off if we recognized the need for our physicians to use and maintain HIPAA compliant communications.
Gartner’s Magic Quadrant for CC&C recognized OnPage for its practical, purpose-built solutions that streamline critical…
Site Reliability Engineer’s Guide to Black Friday It’s gotten to the point where Black Friday…
Cloud engineers have become a vital part of many organizations – orchestrating cloud services to…
Organizations across the globe are seeing rapid growth in the technologies they use every day.…
How Effective Are Your Alerting Rules? Recently, I came across this Reddit post highlighting the…
What Are Large Language Models? Large language models are algorithms designed to understand, generate, and…