Whatsapp and the NHS

The recent cyber attack that left the NHS virtually crippled has had many of us question how well protected is our confidential personal information held by the NHS.  The latest information provided to the BBC appears to show our concerns are well founded and recent events could just be the tip of the iceberg.

Use of internet-based messaging apps to send patient information is banned under current NHS guidelines, however, doctors and nurses are using WhatsApp and Snapchat to share information about patients “across the NHS”, health professionals have told the BBC.

GP Alisdair MacNair said he was aware of a number of medical groups using WhatsApp to discuss patients. “I have also seen chat on Facebook groups that sails pretty close to the wind in terms of discussing medical information. I’ve definitely seen stuff which is one step away from being patient identifying. I’m very wary of going near anything like that because of the risk of breaching data laws, but it would appear others don’t seem to be aware of the risks.”

Georgie Gould, a junior doctor who last year conducted her own study of how doctors were communicating, found 30% of surgeons at St Peter’s Hospital in Chertsey, Surrey, were using WhatsApp as part of their day-to-day communication. It bears out similar findings published in the British Medical Journal, which found that of 2,000 doctors across five hospitals, a third were using web-based apps to send clinical information.

According to NHS England’s guidelines, the use of WhatsApp or similar app is strictly banned for the purposes of sending patient data. However, the NHS does not provide an alternative digital sharing system, which is compliant. Instead, doctors are required to contact each other by pager or fax. “The process is lengthy,” said Dr Gould.

Dr Felix Jackson, who runs MedCrowd, a digital messaging service for health workers, told the BBC he saw use of WhatsApp while he was working as an anaesthetist. “Such platforms are used extensively, but it is against the law,” he said. Anonymising data meant doctors might “just about get away with it”, he added, but that would not continue forever. “No major error has come to light yet, but it is only a matter of time before a senior doctor leaves his or her phone on the train and someone gets hold of the all the conversations about patients and suddenly someone’s HIV status is made public,” he said.

Dr Gould continued to say that clearer guidelines could solve the problem. She said: “Most doctors know that it is not OK to use full names, but are initials OK? Is it OK to say, ‘The lady in Bed 2 is running a temperature’?” It needs a separate app for medical conversations, with its own password,” she added.

Obviously, we are ambassadors for digital communication here at ThinkinCircles but, as with all things, it has to be done correctly and appropriately. When social usage crosses the legal line and compromises personal data protection then things need to be addressed. If you need to find out more about whether social media is being used appropriately in your business why not have a chat to our MD James?


Posted in