7 online safety tips for doctors

Online safety tips for doctors

Image: pixabay.com

It is good to see that social media and eHealth are becoming mainstream topics at national health conferences. At the recent GP Education & Training Conference in Perth (GPET13) I attended two workshops about our professional online presence.

The first one was about the benefits of social media and was attended by GP supervisors, registrars and students. The second one, sponsored by a medical defence organisation, warned about the dangers of the online world, and interestingly there were mainly GP supervisors in the room.

Before I continue I must declare that I was one of the presenters at the first workshop. But it was good to be reminded by professor Stephen Trumble about what can go wrong. His excellent presentation created a lively discussion. Here are seven random points I took home from the workshop:

Tip #1

Doctors should be careful when looking up patients online, eg via Google. In general this is only acceptable if doctors are acting in the interest of patients, for example when trying to find contact information in an emergency.

Tip #2

Privacy settings of Facebook and other social media tools may change or fail, therefore: do not trust these settings. Assume that everything posted online, even in private networks, is public. I have blogged about the elevator test, which is one way to check if something is suitable before posting.

Tip #3

Taking pictures of patients or their body parts is fine as long as the patient has been made aware of the purpose and who will see the picture, has given consent prior to taking the picture and has been de-identified. When doctors publish the picture online, consent must be noted within the publication. If the picture is later used for other purposes, the patient must again give consent.

Tip #4

When doctors collect patient information on their mobile devices, eg when taking a picture with a smart phone or when using a transcription service, these devices must be protected from misuse, unauthorised access, alteration or disclosure. The 4-digit simple passcode on iPhones is generally deemed insecure (but can be made more secure in the phone settings). If patient information is stored overseas on cloud systems, local security laws apply and they may not meet Australian standards.

Tip #5

Old smart phones, even if factory settings have been restored and the data erased, still contain information. This is of course also true for USB sticks, practice computers, photocopiers with a hard disc etc.

Tip #6

I have blogged about the issues with Skype in patient care, and I was pleased to read in the handout: “Skype is not recommended for telehealth consultations but has not been deemed ‘unsuitable’. There are privacy, confidentiality and quality issues and many doctors who start with Skype end up upgrading to commercial systems.”

Tip #7

Last but not least: good old email is not suitable to transfer patient information. Encrypted email is the preferred option.

It is sad that the eHealth practice incentive payments (PIP) by the government are only paid to practices taking part in the PCEHR. As a result costly software, system and security upgrades will not be a budget priority for many practices.

Sources:

  • Online communication for education: risks, responsibilities and rewards. Workshop by Prof Stephen Trumble, Ms Nicole Harvey. GPET 13 Conference, Perth
  • General professionalism online – handout by MDA National
  • Informed consent and Telehealth – handout by MDA National
  • Telehealth tips – handout by MDA National

3 thoughts on “7 online safety tips for doctors

  1. Hi Edwin. Long time no see. Really enjoy your posts on this blog.

    I’m working as GP in Perth. I’m trying to streamline the way I deal with non-urgent results and results that don’t require face to face consultation to address. I’d like to know your thoughts on using email to communicate with patients. I find phone calls and letters to be rather cumbersome.

    Like

    • Hi Kevin good to hear from you, hope all is well!
      I believe email is (still) acceptable, provided you stay away from gmail etc. However I expect that in the near future encrypted email will become best practice.
      Personally I try to avoid using normal email in patient care as much as I can.
      Talk to the RACGP/your MDO. Hope this helps. Thanks for your response!

      Like

I'd love to hear from you! Please leave a comment:

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s