Get smart

As trainees increasingly make use of smartphones at work, it’s vital that patient confidentiality is not compromised

WHEN was the last time you used your smartphone to make a call or send a text/picture message regarding a patient’s care? Or perhaps you use an app to assist in diagnosis or dosage calculations?

Chances are you are among the growing number of trainee doctors who make regular use of their phones at work.

A recent survey in the Postgraduate Medical Journal questioned 108 F1 trainees, and 102 of them said they owned a smartphone. Of those, on at least a daily basis for the purposes of work, 83 per cent said they made/received phone calls, 87 per cent sent/received text and 41 per cent sent/received emails on their phone. what’s more, 53 per cent had used their smartphone to take a work-related picture, in most cases to get advice about a wound or for research purposes.

Apps are also commonly used by trainees, with popular ones provided by the British National Formulary, MIMS, SIGN and NICE.

But do you think about the security of patient data and issues of confidentiality when using your phone?

The PMJ research concluded: “There is a need for guidance on how patient information can be safely secured and transmitted using smartphones, their appropriate use, and any restrictions on the use of these devices in certain clinical settings.”

It called for improved hospital policies on mobile and smartphone usage to avoid confidentiality breaches.

There are a number of key points to keep in mind when using your phone at work.

Before considering whether to take a photograph of a patient on a mobile phone, you should be aware of your local organisation’s policy and seek approval to do so from your employing or contracting body, a Caldicott Guardian (the person responsible for ensuring data security) or equivalent. Robust arrangements must be in place to transfer the image to the medical records and to ensure that the image is kept securely and protected from unauthorised viewing.

The General Medical Council has investigated a number of doctors in recent years relating to patient photographs, often where the doctor’s intentions have been wholly appropriate.

Be sure to comply with GMC guidance Making and using visual and audio recordings of patients which states: “You must get the patient’s consent to make a recording that forms part of the investigation or treatment of a condition, or contributes to the patient’s care... You should explain to the patient why a recording would assist their care, what form the recording will take, and that it will be stored securely.”

The guidance goes on to explain that doctors should, where practicable, explain any possible secondary uses of the recording in an anonymised or coded form and that key elements of the discussion should be recorded in the patient’s notes.

In situations where an adult patient lacks capacity, you must get consent from someone who has legal authority to make a decision on their behalf. where no one with authority is available or immediate treatment is required, photographs may still be taken where they form an integral part of an investigation or treatment.

The GMC’s Confidentiality guidance makes it clear that any personal patient information that you hold or control must be “effectively protected at all times against improper disclosure”.

It adds: “You must make sure that anyone you disclose personal information to understands that you are giving it to them in confidence, which they must respect.”

The GMC acknowledges that many breaches of confidentiality are unintentional and advises against discussing identifiable patient information where you can be overheard, whether in a public place or in an internet chat forum.

Doctors should not share passwords or leave patient records (on paper or on a screen) unattended or where they can be seen by others. Other basic precautions are advised, such as ensuring your device has its passcode lock activated with a limit set on the number of failed attempts allowed.

Many NHS policies on mobile phone use by doctors relate more to practical aspects of phone maintenance and fair usage rather than issues of confidentiality, but some do go into more detail.

Rotherham CCG, for example, has a smartphone and tablet policy which states: “ where the processing of NHS patient information is proposed on smartphone or tablet devices, additional authorisation must be obtained from the organisation’s Caldicott Guardian and the device must use encryption software.

“Sensitive data, including that relating to patients, should not routinely be stored on an NHS device and where necessary should be kept to the minimum required for its effective business use in order to minimise the risks and impacts should a breach occur.”

If you use your smartphone for personal messages or emails, then take extra care to ensure any patient-related correspondence is kept separate and that patient details or images are not stored on the device.

While smartphone use by doctors is becoming increasingly common, you should always first seek advice from your employing/contracting body and be sure to comply with GMC guidance. Even doctors with the best of intentions can find themselves in professional difficulties if they do not take a cautious, informed approach to using their device at work.

Joanne Curran is an associate editor of FYi