Instant messaging apps have become essential tools in our daily lives \u2013 their convenience, reliability and sheer ubiquity have transformed how most people communicate, both socially and professionally. At the height of the pandemic, their value within the healthcare sector became even more pronounced, as they enabled rapid information-sharing to help medical professionals learn how to deal with a hitherto unknown virus.<\/p>\n
In these circumstances, medical staff came to appreciate the benefits of being able to share details about individual patient cases, including photographs and other sensitive medical data. It facilitated timely and seamless collaboration, without which many more lives would have been lost.<\/p>\n
The benefits of \u2018off-the-shelf\u2019 messaging apps, however, don\u2019t come without risks. Within the medical sphere in particular, a mistaken message could put patient confidentiality and data protection in jeopardy, while threatening one of the most fundamental aspects of healthcare ethics.<\/p>\n
Since instant messaging apps are clearly of value within the health and social care sectors, a solution is needed to overcome data protection issues. In fact, this challenge was understood some time ago, and was a key influence behind the development of specialist healthcare apps such as Siilo, which places data security and medical compliance at the heart of its development.<\/p>\n
Designed specifically for healthcare professionals, Siilo undertook the task of preserving the usability that people expect from the technology, while simultaneously ensuring that patient data could be exchanged safely and compliantly.<\/p>\n
Paul Cowley, Chief Information Officer at St. John & St. Elizabeth Hospital (HJE) in St. John\u2019s Wood, London, recognised the importance of adopting a messenger service which has been tailored to the healthcare sector\u2019s unique challenges. \u201cTimely, effective and safe patient care often requires rapid communication with multiple clinicians and sometimes offsite. A secure, easy-to-use app is needed to facilitate this level of care.<\/p>\n
\u201cWhile temporary guidance was issued during the pandemic that allowed the use of well-known commercial messenger services to help reduce the risk of patient care being compromised, as a hospital we recognised that such services increase risk both in terms of patient data security and patient care, particularly because of the need to anonymise communications wherever practical.\u201d<\/p>\n
Unfortunately, many health and social care professionals and organisations are unacquainted with these issues. Indeed, a survey by the European Heart Rhythm Association (EHRA) revealed that 88.3 per cent of its members regularly use commercial instant messaging apps, like WhatsApp, for sharing clinical information with medical colleagues, yet 29.3 per cent admitted they were unaware of EU data protection regulations. A further 46.7 per cent indicated there are no regulations in place at their institution regarding the sharing of clinical data via instant messaging.<\/p>\n
Given that specialist tools have been developed, why are they not mandated among healthcare professionals? The problem is that many health and social care providers still don\u2019t understand the risks involved with off-the-shelf messaging apps because of a simple failure to differentiate between security and compliance.<\/p>\n
The basic promise of \u2018end-to-end\u2019 encryption, which is offered by the best-known messaging apps, certainly provides a strong element of security. It means the servers of the vendor cannot decrypt the message data even if they wanted to because they don\u2019t have access to the encryption keys that belong to this encrypted data. However, this only applies to data while it is \u2018in transit\u2019 from one phone to another. What happens when the data is \u2018at rest\u2019, i.e. delivered to a phone or other device?<\/p>\n
After a phone receives a message, several synchronisations take place with common messaging apps;photos and videos are synced automatically to the photo library of the phone, where the media is not encrypted; all conversations are backed-up by default and automatically go onto the cloud services of the phone provider \u2013 where message data is also stored unencrypted. As such, all these unencrypted conversations are exposed to unauthorized third parties.<\/p>\n
Importantly, the professional who makes the decision to share information about their patient is always held responsible for protecting the patient\u2019s confidential data. On a messenger app, this remains the same \u2013 the sender is always responsible and therefore needs to have control of what happens with the information on the receiving end of that communication. This control is often not possible and means many conversations taking place over common messenger apps are not compliant with medical confidentiality laws.<\/p>\n
This is a huge problem because it becomes impossible for any healthcare professional sending an instant message on most services to be able to guarantee patient confidentiality. A way which is often used to get around this is to anonymise patient information within communications, but this also brings problems.<\/p>\n
As recognised early on by Paul and his team at HJE, if healthcare teams cannot clearly identify which patient they are communicating about, it will almost certainly lead to confusion and mistakes. Since all healthcare professionals have sworn an oath to \u201cdo no harm\u201d, this risk is often one not worth taking.<\/p>\n
For staff at HJE, Siilo has become a key tool in improving communication and collaboration between staff, and therefore improving patient care. A good example of this can be highlighted via its use in supporting the hospital\u2019s Urgent Care Clinic (UCC), which is also helping to drive adoption in other departments.<\/p>\n
\u201cIf a UCC doctor feels the need for input from a specialist consultant or the patient needs onward referral to a consultant, the UCC doctor can now use Siilo to contact a relevant specialist consultant rapidly and securely wherever they are.\u201d<\/p>\n
It is also proving to be an invaluable component in the day-to-day running of its medical team. \u201cSiilo is now the \u2018go to\u2019 for some of our multi-disciplinary team meetings (MDTs). It solved a problem with a desire to increase the frequency of our MDT meetings without placing undue burden on the clinicians that contribute.<\/p>\n
\u201cIt also allows ad-hoc MDT meetings where clinical circumstances dictate a patient\u2019s case needs a review ahead of the next scheduled meeting. The messenger app allows clinicians to collaborate securely and contribute from whatever location they are working, regardless of their diary commitments.<\/p>\n
We know the opportunities for the app are vast and since adoption, we are already seeing options becoming wider and wider, with more exciting use-cases being frequently put forward by staff.\u201d<\/p>\n
A growing number of healthcare organisations in the UK are recognising the tremendous benefits offered by digitalisation to the healthcare sector. While this is encouraging, it is essential that tools and technologies are truly fit to meet the standards expected. For communications technologies, this means applying absolute rigour to ensure patient confidentiality.<\/p>\n
Joost Bruggeman is a former surgery resident at Amsterdam University Medical Centre and now CEO and co-founder of Siilo. For more information, please visit www.siilo.com<\/a>.<\/strong><\/p>\n