Two-Fifths of NHS Staff Break Policy Via WhatsApp Use: Report

Two-Fifths of NHS Staff Break Policy Via WhatsApp Use: Report

An estimated half a million NHS staff rely on consumer-grade IM apps like WhatsApp at work, potentially exposing their employer and patients to privacy and security risks, according to a new report from CommonTime.

The enterprise applications firm quizzed over 800 clinical and non-clinical Health Service staff to compile its latest research, Instant Messaging in the NHS.

It claimed that 43% of staff – around 500,000 – rely on IM apps like WhatsApp and Facebook Messenger and 32% use only these consumer-grade tools to send instant messages at work.

The numbers are even higher among frontline workers. Over half (59%) of doctors and nurses polled said they use consumer IM apps at least once a week, even though three-quarters of users questioned in the report expressed confidentiality concerns.

NHS Trust policies do not permit the use of consumer IM apps, which explains why over one in 50 staff have faced disciplinary action for using consumer IM – that’s the equivalent of around 29,000 NHS England employees, according to the report.

Over a third (39%) of staff questioned weren’t even aware of their organization’s official guidance on data protection, and one in five had not been offered or received data protection training.

Despite this, over a fifth (21%) were able to confirm that colleagues had used IM in ways that breached data security policies. In addition, 11% said they were aware of colleagues with patient content on their device.

The report cites numerous anonymous examples given by respondents of patient data being sent to the wrong person, sometimes outside of the NHS, as well as “sharing [patient] addresses and phone numbers,” “complaining about patients,” and “unauthorized access to patient details.”

At the heart of the challenge is that healthcare professionals value the usability of IM apps, while Trust-approved technologies seem to put a block on productivity.

“We need standards based, cheap as chips, ubiquitous instant messaging for the NHS, and for this to integrate well with the clinical records,” said Andy Hadley, head of IT development at NHS Dorset Clinical Commissioning Group. “The NHS needs to step up to enable secure use of technology to empower staff, and this needs to extend to social care and others involved in providing multi-agency health and care.”

Martin Wilson, clinical lead for IT at The Walton Centre NHS Foundation Trust, added that clinicians really value the group chat function in such apps, which “reflects the clinical reality that we work in teams, and often make decisions as teams.

“Phone and pager systems of working, [as well as] email, just don’t support that clinical workflow particularly if you need a rapid response from multiple team members,” he added.

A report from CommonTime last year claimed the NHS is responsible for 10% of the world’s pager usage, costing over £6m annually.

Source: Information Security Magazine