Maintaining robust medical imaging and patient imagery systems is vital for good quality medical care, not only for record-keeping and education but also for continuity of care and efficacy.
Imagery of a patient’s private health condition is among the most sensitive and personal information available - and central to collecting it must be trust. A patient must be able to trust their doctor is handling their sensitive medical information with care, and their dignity - and have the peace of mind their privacy is protected.
However, with the advent of smart devices, offsite insecure storage platforms, and search engines, patient imagery often ends up sitting on multiple mobile and desktop devices, many of which may not be secure, and potentially handled by multiple people before ending up in a patient’s file - if it ends up in the file at all. This could leave a practice exposed to privacy breaches - and possible litigation.
This is why it’s critical now, more than ever, to understand the moral, legal and ethical implications of storing, sharing and managing medical imaging and patient imagery - to protect the interests of the practice, the practitioner and the patient. Let's take a look at critical mistakes to avoid when it comes to managing medical imaging and patient imagery.
1. Overlooking privacy regulations and consent obligations
The importance of privacy in healthcare cannot be overstated. The Office of the Australian Information Commissioner has set out a number of guidelines for best practice when it comes to use of patient imagery within medical practice.
Appropriate consent must be gained to collect and use or disclose the image, with some exceptions, such as in an emergency situation. When seeking consent, a health service provider should make sure the patient has made an informed decision, which includes information about how the image might be used and disclosed in the future.
2. Underestimating the importance of managing de-identified patient data
According to the Office of the Australian Information Commissioner, if the patient is identifiable in the image, then that image is subject to the Privacy Act and is considered ‘sensitive information’ under the Act.
De-identified information is not considered to be ‘personal information’ under the Privacy Act. Therefore, before the image is used or disclosed, a health service provider should carefully consider whether it sufficiently de-identifies the patient.
However, while deidentified imagery is preferable for privacy reasons, if an image is deidentified, it may also be easily lost or attached to the wrong patient, particularly when it is handled by multiple people. This is why having a secure image uploading and storage system is critical, to ensure patient data is de-identified, but can also be adequately traced back to the patient while adhering to privacy regulations.
3. Storing patient imagery on the ‘photo album’ of mobile phones
Smart devices with good quality cameras means practitioners will often use their personal phones to take images. Storing patient imagery on the ‘photo album’ of your mobile phone is particularly dangerous if the device gets lost, goes missing or is misused by a third party.
Even if the imagery is downloaded into a storage platform and deleted from the device, many free storage platforms are not secure, and do not handle privacy considerations for the jurisdiction in which the doctor is operating his or her practice.
The Office of the Australian Information Commissioner reports health service providers must take reasonable steps to protect the personal information they hold from misuse, interference and loss, as well as unauthorised access, modification or disclosure.
“A health service provider who stores personal information on a mobile phone or tablet will need to make sure their security settings are adequate to protect the information, and any platform used for storage has a robust privacy policy relevant to Australia, to understand how the images will be used, disclosed and stored,” the report states.
4. Sharing of patient imagery using unsecure communication platforms
In today’s fast-based digital clinical environment, patient imagery often ends up being handled by multiple people across multiple devices and platforms. For example, a doctor may take an image with their phone, then send it using WhatsApp or Slack to their admin staff, who then download it onto a desktop device and then upload it into a patient file, which is stored in a dropbox.
From here, it may be sent to a colleague for a second opinion, or to a referral, at which point the image has been shared and downloaded onto multiple devices, platforms, and hard drives. Once an image has been sent in this way to numerous people it is almost impossible to completely control and delete.
5. Manually time-intensive management of medical imaging and patient imagery
Practitioners are time-poor, and often don’t have time within consultations to take a photo, download it, attach it to a file and then delete it. This is even more so with sketched imagery, which must be scanned and attached to the correct file.
All this adds up to not only risks of files going missing or privacy breaches, but hours of time wasted on manual processes.
Similarly, imagery can be lost or not uploaded into the patient file in a timely fashion, meaning when a doctor opens a patient file they could well be operating from old information.
All these common issues can be daunting, but they are also easily fixable using secure cloud technology and digital healthcare.
Boost patient imagery privacy with cloud health software
Clinic to Cloud’s cloud-based platform has been designed to solve all these concerns easily and securely.
Doctor App, downloadable to any smart device, means practitioners can securely and legally take photos, which are then immediately attached to that patient’s file and stored securely on Clinic to Cloud’s clinical and practice management platform.
This has a number of significant advantages, the first being privacy and security. The imagery is attached to the patient file automatically and does not need to be handled by multiple people. Referrers or colleagues can access the image within the file, and no longer need to be sent it.
The image is stored securely in the cloud according to strict Australian privacy regulations, and not on offsite servers or overseas drives. It is also uploaded immediately to the file, so practitioners are always operating from the latest information. The app also automatically scans sketches and documents into the patient file.
With the thousands of images doctors handle every year, the ability to take a photo or scan a document and have it located in the file immediately is a huge time saver.
Orthopaedic Surgeon, Dr T.A. Sudhahar reports: “I can easily see anytime any patient's record without a paper copy. I can record the operation notes, record pictures and even send the discharge letter from the clinic straight away, and that's it - all my work is done.”
For more information on how Clinic to Cloud and help change your practice click here or contact us today.
