Using social media safely in general practice
GP and social media consultant Dr Aisha Malik outlines the regulatory issues around messaging apps and platforms, and advises on how to use them safely in general practice
The NHS recently hit the headlines as the world’s biggest purchaser of fax machines. That’s really quite impressive considering that nearly all other organisations ditched this archaic technology in the early 2000s.
Yet at the same time we are seeing widespread use of social media messaging apps to exchange patient information across hospital trusts and in primary care.
These seemingly paradoxical behaviours represent how far behind the NHS is lagging when it comes to embracing the digital age, with frustrated healthcare professionals having to bypass old communication systems and use unsanctioned social media apps in their stead.
So what’s the issue?
The use of social media apps like WhatsApp in medicine is coming under scrutiny because it is an increasingly popular means of communication between colleagues, including for the exchange of results and discussion of patient cases.
It is also difficult for trusts and CCGs to regulate use, especially given that most doctors report using their own personal devices to exchange information between colleagues.
The concern is, given that consumer based social media apps are not designed for healthcare, we cannot assume that they take in to account the nuances of NHS information governance guidelines and law. With the recent well publicised misuse of consumer data by social media giants such as Facebook, it can also be strongly argued therefore that the NHS is not wrong to be cautious on the uptake of digital tech that does not honour the strict privacy necessary around handling healthcare data.
Social media in context
Sharing of patient information is of course, not new. It is important to see social media and social media messaging apps as merely another conduit for patient discussion and communication between colleagues. And it is also key to remember that the duty to share patient information can be as important as the duty to protect patient confidentiality in the context of patient care.
The challenge is that we are some way off having an app which is appropriate for the context of the healthcare profession. There are a number of healthcare specific apps under development to rival WhatsApp and other consumer based products, but it may take years to establish a system with watertight information governance that will leave us feeling as warm and fuzzy as the trusted fax machine.
Why use social media at all in general practice?
Facebook groups and WhatsApp groups are popular amongst GPs and doctors for peer support, clinical case discussion and CPD. With the currently stretched workforce and an increasing proportion of sessional GPs, such groups are important and key for professional support that GPs may otherwise not have access to.
Social media also has a role when it comes to connecting doctors with patients, having the ability to empower communities and nurture relationships between service providers and users. For example, a Facebook page may be used as a noticeboard, to share practice news, broadcast health advice and encourage patient engagement.
Given that as an industry we are playing catch-up with uptake of social media and lack bespoke social media apps fit for the purpose for healthcare, it’s tricky to know what to do. And we will probably be operating from within this grey area for a while. In the meantime, here are some tips to follow when using social media.
When interacting with patients
- Educate, don’t consult
- Redirect questions that may regard personal health of the patient to the appropriate place (for example, offline and a face-to-face appointment)
- If approached via your personal profile on any social media platform, redirect the patient to your business profile or to the practice.
When discussing clinical cases peer-to-peer
When sharing patient data on social media, you should apply the same principles as when handling patient data in any form.
- Anonymise data. With the exception of cases where not sharing the patients’ identifiers could result in risk to the patient, data should always be anonymised.
- If not identifying the patient could cause risk to the patient – for example, if the receiver is involved in the direct care of the patient – then written consent should be sought where possible, and data exchange via commercial social media platforms is unsuitable.
- Where the receiver is not directly involved with the patient’s care, as long as the data has been suitably anonymised so that re-identification is not a possibility, this is not considered protected health information and the data can be shared. Examples would include clinical case discussion online via CPD groups, or when seeking advice on a case from peers via instant messaging.
- If re-identification is a possibility, written consent from the patient must be obtained and ideally the social media platform must follow suitable privacy guidelines. That means you should avoid using a commercial social media platform.
Social media and instant messaging apps are excellent tools for streamlining communication between colleagues, service providers and users. But until we have a bespoke app that can handle the complexities of healthcare data management, the onus will be on us as individuals, not trusts or CCGs, should there be data breaches.
Until then, it looks like the NHS will remain the world’s largest purchaser of fax machines for a while.
Dr Aisha Malik is a sessional GP in Manchester. You can follow her on Twitter @DocAishaMalik