I love that too. You definitely don't see as many of them these days. By 2006 they were kind of a punchline (cf the TV series "30 Rock" and their portrayal as a goofy dead-end tech for weirdos, sold by Dennis Duffy).
This might or might not be an interesting digression (apologies if it's the latter!) but many medical professionals still carry beepers or pagers of some kind. Not like "an app on their phone that will ring your phone at you even through Do-Not-Disturb" (I have one of those), but something that is very recognizably an old school beeper. They often have a SIM card in them, and the newer ones sometimes have wifi as well for redundancy.
My wife is a nurse at a cancer treatment center, she coordinates care for extremely sick people who are getting very specialized treatments and she's kind of the front-line person for dealing with them and project managing emergency situations, so she and all the doctors she work with carry them. I thought it was actually pretty cool :)
I asked her about it once, and apparently the hospital system looked at the more modern app-based paging stuff and decided that while it was cheaper, the reliability hit wasn't worth it to them. The physical hardware for these things is outrageously sturdy, they have a lifespan of like a decade, they're extremely easy to replace. Sure, your wifi might be out or your telephony might be down, but that's a problem your app has to deal with too. Apps are easier to provision, but it's an extra layer of stuff that can go wrong (your phone is getting an update or out of battery, you left it in your car because you were playing music with it and forgot to take it out of the console, it got stolen because phones are recognizably valuable) so they just stuck with the old familiar form factor that does one thing, extremely reliably.
This isn't a criticism of the app-based paging systems or anything; they're quite reliable in my experience. I just thought it was a neat additional data point about the considerations that go in to the thought process about provisioning an alarm for your employees when the alarm almost always means either "I have a time-sensitive question about a patient's ongoing medical emergency" or "your patient is about to die".
Hospitals in my area of the US still use POCSAG pagers, totally unencrypted. They do mention patient information, but I guess the obscurity makes it ok.
> Hospitals in my area of the US still use POCSAG pagers, totally unencrypted. They do mention patient information, but I guess the obscurity makes it ok.
Nope, the obscurity doesn't make it okay. If it takes place over the phone lines, it is arguably exempt from encryption requirements under HIPAA (much like a fax).
Otherwise, they're just turning a blind eye and hoping nobody notices (which is surprisingly common when it comes to HIPAA).
The good news (for them, not for patients) is that, even if they get caught, the maximum fine is $2 million per calendar year per category of violation, so if they're flush enough they don't even need to bother being compliant in this area.
It's over the air, not even phone lines. PDW, SDRSharp, and an rtl-sdr dongle is all that's needed.
And yes, there is a lot of patient info in that traffic. It's not illegal for the hospital to broadcast this, and it's not illegal to listen in and decode the signals, but it is very much illegal to do anything with the information gathered.
> It's over the air, not even phone lines. PDW, SDRSharp, and an rtl-sdr dongle is all that's needed. And yes, there is a lot of patient info in that traffic. It's not illegal for the hospital to broadcast this, and it's not illegal to listen in and decode the signals, but it is very much illegal to do anything with the information gathered.
I'm not familiar with this particular technology, which is why I didn't make a definitive claim in my previous comment. But I am quite intimately familiar with HIPAA and related regulations, and I am extremely skeptical of the third sentence you wrote.
Maybe it uses particular spectrum that is considered illegal to tamper with, just like analog cell phone signals, and HIPAA (inappropriately IMHO) leans on that to explain away an exemption from encryption?
I don't think I have any logs of these any more, but when I was listening on the local hospital's pager traffic, I seem to recall messages that were along the lines of [last name][room number][sexually transmitted disease test is complete].
Surprised me at the time too because I used to do work dealing with processing CDA documents into fhir data and I know how crazy HIPAA can be with PHI/PII, but at the same time these legal frameworks often have carveouts or super serious adoption deadlines that keep getting pushed to next year (and then next year, and then next year).
At least twice, I've accidentally set my iOS devices to the Do Not Disturb focus mode. First time made me miss a job interview calendar reminder, leading to me (1) learn there's no way to disable this 'feature', the 'do not disturb' focus cannot be deleted, and (2) setting the DnD-focus-mode-specific wallpaper to something radically different from normal just so I'd spot it faster next time. It did happen again, but the second time I knew what was up even on the lock screen and turned the focus back to normal before it did any harm.
