NHS guidelines on mobile messaging 'are flawed', expert claims

Joost Bruggeman, chief executive of Siilo, discusses the limitations of recent government guidelines regulating the use of mobile messaging services such as WhatsApp by NHS staff

Experts have called into question new NHS guidelines on the use of mobile messaging channels such as WhatsApp by healthcare staff.

NHS England, NHS Digital, Public Health England, and the Department of Health and Social Care have developed a set of guidelines warning health trusts to use only apps and other messaging tools that meet NHS encryption standards, and to make sure staff only use their own devices and prevent other people from borrowing them.

In the guide, staff are also advised to disable message notifications on their lock screens so that patient confidentiality is protected, to keep clinical records separate from personal files, and to delete the original messaging notes once they have been transcribed and migrated to the official patient medical record.

But experts are warning that the guidelines are likely to make NHS staff believe that using applications like WhatsApp and Telegram as work messaging apps is safe, secure and compliant - a view critics describe as ‘seriously short-sighted’.

A poor prescription

Joost Bruggeman, chief executive of Siilo, told BBH: “There are a number of fundamental inadequacies in the guidelines that need to be addressed if we are to improve collaborative communication in the NHS and ultimately provide better patient care.

“For instance, there is a total lack of clarity.

“The guidelines are designed to set out clear information governance considerations for staff on the use of instant messaging software in acute clinical settings. However, the document fails to define what an acute clinical setting is, which could lead to inappropriate use of mobile messengers.”

For example, he said, a resident in general surgery may see an acute patient in A&E. This patient needs immediate attention from their consultant and they message that person instead of calling.

“This is an acute clinical setting where the use of messengers could be considered dangerous as it might cause delays, and a statement like this from the NHS could be interpreted that messaging can be legitimately used in this situation,” said Bruggeman.

He added: “Another example could be where a consultant in interventional radiology sees something during a procedure on a patient that they do not understand, but they know they can save this person if someone can diagnose the problem.

“To get some clarity, they broadcast the patient's images on Twitter and, as a result, save the life of my patient because they made the decision to prioritise the patient over their privacy.

“In this instance, and in cases of mass casualties or level one trauma events, would doctors be wise to prioritise privacy over patients’ lives? The guidelines need to make clearer statements on this.”

And he advises: “If the guide is designed to educate NHS staff on how to judge if a messenger is suitable for sharing patient data, shouldn’t they do more than focus on five features and recognise these as mandatory functions?

“Well, in the list they mention five criteria, but in the table they drop ‘end-user verification’; perhaps the most important one.

“Are they assuming that the features listed make them ‘compliant’, simply because they have stated this on their websites, privacy statements, and end user agreements?

“What about transparency of the security measures? What about a processor agreement between the medical professional and the software provider? If so, they have missed the fundamental requirements of GDPR.

“To be GDPR compliant, security-by-design is the rule, not the exception.

“The guidelines expect all users to disable certain features that are ‘on by default’ to force compliance, but by relying on their good nature you can never guarantee that the receiving end – which is most important to you as the data sharer – has also got their settings right.

“There are too many compounding factors and risk for human error that could result in sensitive patient data getting into the wrong hands.”

Great expectations

The guidelines conclude that users should ‘separate social groups on instant messaging from any groups that share clinical or operational information’, putting the onus firmly on the users with great expectations for them to transcribe and delete messages and protect patient confidentiality.

In order to address this, users must therefore have another app installed alongside their personal choice, ignoring the fact that certain apps lack the option to create different chat types.

Bruggeman said: “The authors of the guide chose not to include applications that are specifically designed to cater for clinical professionals, which by design separate the personal and professional aspects of users’ lives.

“What is apparent is that the governing bodies involved in the guide missed the opportunity to set a precedent by moving away from mainstream options and advocating the use of clinically-proven alternatives that are really changing the NHS for the better.

“We can only hope that on reflection, they acknowledge the shortcomings in the guide and consider the array of options available to them.”

But the guidelines have been defended by NHS chiefs, who said the use of such communication systems has proven vital, particularly during major incidents such as the London terror attacks and Grenfell Tower fire.

Dr Helgi Johannsson, a consultant in anaesthesia at Imperial College Healthcare NHS Trust, told the Telegraph the guidelines were welcome, adding: “Fully encrypted instant messaging services can be a particularly useful communication tool in delivering care to people during a major incident.

“From the Westminster attack we learnt it was important not to overload the emergency care co-ordinators with offers of help, so with Grenfell we used instant messaging to help co-ordinate which staff should come in, who was needed where, and to plan the service for later on that day which vastly improved the care we were able to provide.

"These sensible guidelines will make the care of our patients safer through better communication by NHS staff."

And the NHS’s chief clinical information officer for health and care, Dr Simon Eccles, added: “Helping people during a crisis like the Grenfell fire demands a quick response and instant messaging services can be a vital part of the NHS toolkit.

"Health service staff are always responsible about how they use patients' personal details and these new guidelines will help our doctors and nurses to make safe and effective use of technology under the most intense pressure."
