A recent journal article (paywall) had the lead-in line of:
“Patient privacy and confidentiality are being
overlooked in the burgeoning use of smartphones to take medical photos”.
I argue the opposite: that ease of access to medical images
has been overlooked in the concerns over privacy and confidentiality.
So is privacy an issue for the patients? Of course, but
privacy of what? This is where the Privacy Rights
Clearinghouse comes in. This very comprehensive and easy to use website has
categorised records of thousands of data breaches in the US involving over 500
million records (including non-medical areas). A search of “Unintended
Disclosure” in “Healthcare” from 2005 to 2011 inclusive, revealed 67 breaches
involving 1,331,879 health records. They cover everything from a lost laptop to major firewall lapses. Interestingly, many of the cases were due to incorrect mailings. The
information was both medical and personal (social security number, name and
even credit card details) and there were several associated lawsuits, but none
of the breaches referred to transmission of images by smartphone.
Despite this, the restrictions placed on viewing X-rays on
line, in the name of security and privacy, are such that many specialists
cannot see the films, or can, but couldn’t be bothered with the elaborate
process of ID tokens, multiple passwords, computer incompatibility, updating
passwords, and the need for a dedicated desktop (making it non-mobile). It is
easier just to have the hospital doctor take a photo and message it. Done. Near
instant access anywhere, anytime.
When we started our digital X-ray system many years ago, I
could log in with my smartphone and view the films. That was before concerns
over privacy trumped ease of access.
I have been involved in many hospital investigations prior
to digital imaging, for mistakes made because a specialist doctor could not access
the X-ray films. The solution was always the same: to bring in a digital X-ray
system. Now we have such a system, but none of the doctors in my unit use it
outside the hospital. Then the smartphone came along and solved the problem for
us.
The bottom line
I would like to see some balance. I can quote many
cases of harm from lack of access to medical images, yet I know of no cases of
harm from unwanted transmission of such images. The authors of the paper write:
“People will only
take this issue seriously if there is litigation”
They are correct. The fact that there has never been
litigation over this commonplace event doesn’t seem to strike them. Even if
there was a case, what harm would they be claiming, and would it offset the
harms from having such tight restrictions to access? Haven’t we more important
things to worry about than having our photo taken or our X-rays viewed? Are we
that special?
I could not agree more. I am unaware of any attempt by any unauthorized person to view images of patients. We too have elaborate security measures which deter most docs from looking at their patients' images. It's a sad state of affairs.
ReplyDeleteThanks. I thought you would appreciate this one.
DeleteAnd I agree: criminals are after your credit card details, not your chest X-ray.
Well said.
ReplyDeleteThe tardiness of IT administrators to allocate logins and passwords to new registrars or locum staff presents another problem: either the required images can't get viewed (a medical safety disaster waiting to happen), or (more commonly) a generic password gets issued... which is then written on tape applied to the top of computer screen for all to see and use. Surely this presents more of a privacy concern, as unlike MMS messages the access and transmission can not be traced.
Thanks.
DeleteFrom those comments, I think you must work at my hospital.