With almost all doctors now owing a smartphone and their technological capabilities ever increasing, it is inevitable that clinicians will use their personal devices to assist them in aspects of their professional life. We have previously advised on some pitfalls of using smartphones for clinical messaging or sharing images of patients and we will revisit the key points relating to these issues as well as considering some other potential problems.
When it comes to professionalism and the use of mobile phones there are aspects to consider that relate to most professions. For example not having an offensive ringtone; not taking non-urgent private calls when dealing with clients/patients; turning off the ringer ahead of meetings; and not allowing excessive use of the phone, for non-work related purposes, during work time to negatively impact your productivity or focus.
An infection control risk
The importance of hand hygiene is well established in clinical environments. Various studies have been done to investigate what bacteria are found on healthcare workers’ mobile phones and the infection risk these could pose to the health of the owner, patients and colleagues. This concern has become particularly acute during the COVID-19 pandemic.
Not only have environmental and commensal organisms been found on hospital staff’s mobile phones but also potential pathogens such as MRSA, E. coli and epidemic viruses.
The way mobile phones are used means they are ubiquitous in our society, and therefore we need to be aware of their impact on infection control.
If you do plan to use your phone at work at all, then it is important to be aware of the hygiene implications of having good hand hygiene but then regularly touching an object that goes from the community to the hospital, from ward to ward, bedside to bedside, and then back home at the end of the day.
You may wish to invest in a cover that allows for appropriate cleaning and check with the infection control team at any of your placements what their policies are with regard to mobile phones in clinical areas and cleaning requirements.
Bring your own device
If you plan to use your phone for work related purposes, you will need to ensure that in doing so you comply with the relevant Trust’s policies regarding this. NHS digital have guidance on bring your own device (BYOD) which sets out how data can be protected when staff may use their own devices at work. While this may be more applicable to qualified doctors and employees of the Trust it would be prudent to liaise with the Information Governance team during hospital placements before using your smartphone or tablet for work related purposes.
NHS England’s stance has changed in recent years about the use of web-based messaging apps. While initially advising healthcare professionals against using commercial messaging apps, following their use during the WannaCry ransomware attack and terrorism incidents, NHS Digital released further guidance on the use of instant messaging software
In light of the ongoing COVID-19 pandemic, new information governance advice has recently been issued by NHSX, a joint unit of organisations including, the Department of Health and Social Care and NHS England.
This states it is fine to use commercial mobile messaging apps to communicate with colleagues or patients, provided there is no alternative and the benefits outweigh the risks.
Smartphones can be invaluable to healthcare workers in many ways including allowing them to research and exchange learning with peers; accessing relevant information; and communicating efficiently with colleagues.
The guidance highlights the importance of considering what type of information is being shared and with whom as well as limiting the communication of confidential patient information as far as possible.
By way of further reassurance, the Information Commissioner's Office (ICO) has recognised the need for healthcare professionals to be able to communicate directly with people while dealing with the pandemic. Therefore, the ICO has assured NHSX that it cannot imagine a situation where it would take action against a healthcare professional trying to deliver care.
The guidance from NHS Digital suggests further safeguards, including the importance of:
- balancing the privacy risks of using instant messaging versus the potential benefits in specific situations
- minimising the extent of patient identifiable information sent over instant messaging
- recording advice provided in the notes – instant messaging threads are no substitute for comprehensive, legible medical records
- double checking the message is going to the correct intended recipient(s) before hitting send
- ensuring messages cannot be read on your device's lock-screen.
Another point to consider is whether messages to your smartphone also go to a linked tablet where someone else might read them.
Closed messaging groups
We have previously advised on the dangers of assuming that doctor or student only online forums are secure places to vent or discuss clinical cases. The same principles apply to conduct on closed messaging groups. Some of the key points about posting comments or pictures in such groups include:
- Many of these closed groups have numerous members, the wider the audience the higher the risk that your messages may be leaked outside of the intended group.
- Despite some professional messaging groups requiring prospective members to provide some form of confirmation that they are doctors or students or inclusion being by invite only, it is entirely possible not everyone on these sites is a medical professional.
- Even among colleagues and fellow students there will be variations in opinion on what is humorous and what is unprofessional.
- Be mindful of how a patient may be identified even if their name is not given, and how posting may unintentionally breach their confidentiality.
- Similarly, when sharing copies of letters written by colleagues or others, just redacting the identifiers on the letter may not be enough to protect the patient or sender's identity.
- Consider how the individual the post relates to would feel if they read your comments. Patients go to doctors with the expectation of confidentiality.
Confidentiality and photos taken or shared by smartphone
The GMC says that you must only take photographs if the patient gives their consent.
Taking photographs or making audio or video recordings for a purpose other than direct patient care is classified as making the recordings for secondary purposes. Secondary purposes include teaching, research and assessments. Before taking such photographs you should tell patients:
- the purpose of the image and how it will be used; you should explain what WhatsApp is and who has access to it if the intention is to share it via this app.
- how long the image will be kept and how it will be stored. You should be aware of the possibility that images shared by various apps to other smartphones might inadvertently be stored in the recipients’ photograph albums on their individual devices and be backed up to cloud storage.
- that they can withdraw consent at any time and that this will not affect their clinical care.
You should not use the photograph beyond the scope of the original consent without further consent.
If the patient has consented to only anonymised images being shared with other students, you should be aware that it is not enough to simply ensure their face, or identifiers if the photo is of imaging or test results, is cropped. The identity of the patient may be determined by piecing other information together, for example if the condition that the patient suffers from is extremely unusual, if the photograph also contains other features such as tattoos or jewellery. That information might be pieced together to identify the particular patient.
Tips for using your smartphone safely at work
As outlined above, smartphones can be invaluable to healthcare workers in many ways including allowing them to research and exchange learning with peers; accessing relevant information; and communicating efficiently with colleagues. However, there are potential pitfalls with their use to be aware of and it is important that before using them for anything related to the clinical care of patients that you have considered your ethical obligations and follow any relevant local policies with regard to data protection and infection control.