Report: NHS Doctors Sending Patient Scans via SnapChat

Report: NHS Doctors Sending Patient Scans via SnapChat

NHS clinicians are being forced to use insecure and non-auditable technologies because of a dearth of digital innovation in the Health Service, even using SnapChat to send scans to each other, according to a new report.

The DeepMind Health Independent Review Panel Annual Report is a detailed appraisal of the project the Google company is currently undertaking with the Royal Free Hospital, and was established last year by DeepMind itself.

The deal was heavily criticized by the ICO earlier in the week, with the privacy watchdog claiming the London hospital had broken the Data Protection Act by failing to safeguard patient data.

This report admits that there was a “lack of clarity” in the initial info-sharing agreement, but maintains that this has been corrected and commends the AI firm for “overall high level of data security, reaching industry best practice in many areas.”

However, the Health Service doesn’t come off so lightly.

The report claims that “the digital revolution has largely bypassed the NHS”, and that even in 2017 it still retains “the dubious title” of the world’s largest purchaser of fax machines.

It continues:

“Many records are insecure paper based systems which are unwieldy and difficult to use. Seeing the difference that technology makes in their own lives, clinicians are already manufacturing their own technical fixes. They may use SnapChat to send scans from one clinician to another or camera apps to record particular details of patient information in a convenient format. It is difficult to criticise these individuals, given that this makes their job possible. However, this is clearly an insecure, risky, and nonauditable way of operating, and cannot continue.”

Andrew Barratt, managing principal at consultancy, Coalfire, claimed the ICO would take a dim view of doctors using SnapChat to send sensitive patient details.

“Both individual doctors and NHS trusts could face fines and additional penalties. Having worked with the healthcare industry for more than 10 years, I know that the NHS IT infrastructure can be an issue for some,” he added.

“While the UK government did take steps to improve IT security by issuing the NHS Information Governance Toolkit, further help is needed.”

Source: Information Security Magazine