Governement-ITRegulationSecurity

NHS Doctors Sending Patient Data On Snapchat In Alarming Case Of Shadow IT

Sam Pudwell joined Silicon UK as a reporter in December 2016. As well as being the resident Cloud aficionado, he covers areas such as cyber security, government IT and sports technology, with the aim of going to as many events as possible.

DeepMind Health report criticises ‘insecure, risky, and non-auditable way of operating’

Doctors at the NHS are frequently using popular mobile app Snapchat to send pictures of patient scans to each other, a panel of experts has revealed.

In a report commissioned by Google-owned DeepMind Health, the lack of true digital transformation at the UK’s health service has been revealed, highlighting how doctors are circumnavigating processes to get their jobs done more efficiently.

In fact, in a damning verdict, the report goes as far as to conclude that the “digital revolution has largely bypassed the NHS”.

NHS

Dr. Snapchat

Perhaps the biggest revelation is that doctors are using smartphone camera apps to quickly record and send patient information, a blase approach to data privacy that will surely leave authorities and members of the public alarmed.

This suggests that, despite attempts by the government to digitise the NHS, it so far appears to be falling short.

“The digital revolution has largely bypassed the NHS, which, in 2017, still retains the dubious title of being the world’s largest purchaser of fax machines,” said the panel’s chair, former Liberal Democrat MP Dr Julian Huppert.

“Many records are insecure, paper-based systems which are unwieldy and difficult to use. Seeing the difference that technology makes in their own lives, clinicians are already manufacturing their own technical fixes.

“They may use Snapchat to send scans from one clinician to another or camera apps to record particular details of patient information in a convenient format. It is difficult to criticise these individuals, given that this makes their job possible. However, this is clearly an insecure, risky, and non-auditable way of operating, and cannot continue.”

Criticism was also leveled at the NHS and DeepMind partnership, which has been condemned in some parts due to the amount of confidential patient data that DeepMind is able to access.

This issue eventually resulted in the Information Commissioner’s Office (ICO) ruling that the data sharing deal agreed to by the Royal Free NHS Trust was illegal, with Dr Huppert adding that this broken trust “will be difficult to overcome and has the potential to delay or undermine work that could be of great potential benefit to patients”.

Cyber security is also an contentious topic. The NHS is currently being plagued by ransomware attacks, yet is still putting patient data at risk by using outdated Windows XP software across many sites.

How much do you know about privacy? Try our quiz!