Communication in Emergency: The Impact of Consumer Instant Messengers on Healthcare
16 Apr 2020
Effective communication between healthcare workers is essential not only in the times of pandemic.
It is integral at all times.
Without such communication, workers would experience difficulties delivering a high standard of care for those who need it. Taking into account the overwhelming workload on medical specialists in 2020, and the stress levels that come with it, we should also think about their day-to-day processes that keep the medical systems from collapsing.
Work in such an environment is bound to create a lot of issues, one of which concerns the adaptation of consumer instant messengers to streamline the workflow.
Data or Patient Security? Another Tough Choice To Make
A significant number of staff members are increasing the usage of communication tools that were designed to make conversations and data exchange easier and more convenient, not safer.
In 2017 The British Medical Journal discovered that 97% of doctors routinely sent patient data via instant messengers. The results presented in the study were gathered following the anonymous survey that was designed to bring the necessary attention to the issue and to find viable solutions that would work both for frontline staff and for governance teams.
The findings from another report, Instant Messaging In The NHS, unveiled that the use of WhatsApp and Facebook Messenger is much more prevalent than the public was led to believe, and that the disciplinary actions for incidents related to instant messenger communication, such as a message sent to the wrong recipient, are few and far in between.
Another key outtake from the report underlines that overreliance on instant messengers made medical workers more lax to the policies designed to enforce data protection.
While communication in instant messengers can certainly be used for in-house organizational tasks like shift handovers, it also has proven to be very convenient for communicating with patients directly, or even storing patient content and documents on mobile devices.
The mass adoption of convenient instant messengers can be easily understood when we gaze over alternative channels of communications, that stall the progress of workers, and as claimed by some, put patient care in jeopardy.
The influx of new entrants to the workforce and legacy solutions that overstayed their welcome result in a setting where confidentiality of data is not getting the proper coverage.
The More Recent IM News for the Healthcare Sector
Reports provided above certainly prove that there’s a demand for healthcare-oriented instant messengers.
While the aforementioned research concerns only the British healthcare entities, we can assume that the same use of instant messengers is present in the United States, where the privacy acts were loosened considerably amidst the pandemic.
As stated by the HHS in its Notification of Enforcement Discretion for Telehealth Remote Communications:
"During the COVID-19 national emergency, which also constitutes a nationwide public health emergency, covered health care providers subject to the HIPAA Rules may seek to communicate with patients, and provide telehealth services, through remote communications technologies."
Potential violations of HIPAA will be waived, so we can say that the COVID-19 national emergency is changing the laws on data privacy, making unsecure messenger services a norm. Or we can state that HHS is granting people permission to use messengers freely, as they wouldn’t be able to control their use anyway. Perhaps more importantly, the HHS “Rules of Behavior for the Use of HHS Information and IT Resources Policy” were last reviewed on June 7, 2019.
Nobody is prepared for the pandemic, its effect on the work of healthcare staff, or its impact on the privacy of patient data.
At the end of the day, when people would have to choose between WhatsApp and Facetime or a HIPAA-compliant service like Zoom for Healthcare, the choice would be made in the favor of the more popular apps. And perhaps that’s for the better, because Zoom did not handle the wave of new users well, being caught in one privacy fiasco after another, one of which was centered around the lack of end-to-end encryption.
With Zoom’s integrity taking a huge hit, medical professionals should really consider other communication platforms and seek to maintain a professional approach to data handling, as challenging as it is.
What Should an Instant Messenger Offer to Healthcare Professionals and Patients?
Medical professionals working under pressure would have their reasons to keep using time-proven but less secure applications, but in the ideal world, they shouldn’t have been put in this position in the first place.
The healthcare sector needs an established and secure solution. Staff deserves to have a reliable, and user friendly application. But sadly, despite the best efforts of several vendors, you can’t please both sides and deliver a product that would be well-approved both by the compliance sector and the actual workforce.
For example, on March 9th of this year, Hopsify became the first clinical messaging app to be made available on the NHS Apps Library.
The app was subjected to thorough testing and passed the requirements drawn out by various NHS organisations and regulatory bodies. Hospify highlights that it doesn’t collect background data, that it has a built-in password functionality, and that it masks email and phone numbers. In the app you can create groups, share photos, and collaborate on cases.
“Hospify messages are sent using secure end-to-end encryption, are accessed using a 6-digit pin-code, and are automatically deleted from our servers after delivery and your phone after 30 days.”
While Hospify seems to address important on-field issues, it does not seem to be consistent or fluent enough to replace the more established messengers, at least for now. And as practice shows, our lives, and our privacy through secondary factors, are left for medical’s professional’s sound judgement.
There’s a lot of responsibility on the shoulders of these people already, so putting even more weight on them would be inhuman. With all that being said, let’s revise some of the barebone requirements instant messengers for medical workers should follow:
- Mobile data and confidential medical information has to be encrypted both in rest and in transit.
- Photos and media files like patient charts, X-rays, and scan images also have to be encrypted.
- Past messages and communication media must be reliably archived and backed up.
- Personally identifiable information or test results should not be displayed in push notifications, nor be available without providing authentication factors.
- Protection from unauthorized entry should be in place, in case the device is stolen or lost.
These are only the roughest guidelines that we could bring up, but at the time when the use of instant messengers in healthcare is self-administered, every little piece of information counts.
Instant messengers have become indispensable, and healthcare sorely needs a solution that would satisfy every side involved. Venors, healthcare professionals and policymakers must come to an agreement to find a way of moving forward
Until then, the privacy and confidentiality of the patients, just like their lives, are in the hands of medical practitioners, quite literally.
StealthTalk app may not be tailored for the first-need of healthcare professionals, but we still care about data security of patients, and job security of people who sacrifice themselves for the greater good.