Doctors who share clinical information over file sharing apps and websites may be breaching their ethical obligations, the Medical Defence Union (MDU) has warned.
The UK’s leading medical defence organisation issued the warning in response to a number of reports from its doctor members that they are increasingly making use of apps to share clinical information. A recent report highlighted doctors’ use of Snapchat to send patient scans to one another, which it branded as ‘insecure’ and ‘risky’, and writing in the Guardian one doctor highlighted how messenger apps were used to communicate within teams during emergency situations.
Beverley Ward, MDU medico-legal adviser, said: “It’s understandable that doctors are using the same technology they find useful in their personal lives to communicate with colleagues professionally. However, they may not be aware that in sharing patient information this way, they run the risk of data getting into the wrong hands.
“If doctors are using their own mobile phone to share personal information, there is the potential for it to be lost or stolen, or for the information to be accidentally sent to the wrong recipient. Doctors have an ethical duty, set out in GMC guidance and a legal duty under the Data Protection Act to make sure personal information is protected from improper access, disclosure or loss at all times. In addition, doctors could be in breach of their contract, risking disciplinary action by their employer.
“For these reasons, a personal computer, tablet or mobile device shouldn’t be used to capture and store patient data, even if the data is later transferred to the patient record system and deleted from the device.”
MDU advice to doctors on sharing clinical images includes:
- images should ideally only be taken on a dedicated clinical camera, which would need to be kept secure at all times, such as in a locked room or cabinet
- the image of a patient should quickly be downloaded onto the clinical record system and then deleted from the camera
- get the patients’ consent to take the image and to share it with a colleague for a second opinion, and record this discussion with the patient
- ensure the picture is transmitted and stored securely using official secure IT systems, such as NHS mail, to communicate within the team
- try to make sure the patient cannot be identified in the image if possible. Along with removing obvious identifiers such as names and locations, consider whether the photograph could include a feature allowing the patient or someone else to be identified.