Information Governor, Senior Information Risk Owner and Caldicott Guardian were all titles that were unheard of in the NHS 15 years ago but are pivotal in patient care today. Information Governance in the NHS was born following serious losses of personal information, including the loss in 2007 of computer disks containing the names, addresses and bank details of 25 million child benefit claimants.
There are reports of thousands of patients being affected by data breaches involving NHS organisations that range from community services to large teaching hospitals. In 2010 alone over 17,000 USB memory sticks were left at dry cleaners!
Today, Information Governance ensures necessary safeguards for, and appropriate use of, patient and personal information. Everyone working for the NHS who records, handles, stores or comes across information that could identify a patient has a Common Law Duty of Confidence to that patient and to the Trust they work for. They have signed a contract of employment that includes a statement of the need to maintain absolute confidentiality of personal information and have strict training on systems to prevent a breach of information.
However, one major failing in information governance and the NHS’s attempts to protect the patient is the use of mobile phone cameras. It seems that at the drop of a hat medical staff produce their mobile phone to record an interesting condition, unusual tattoo or trauma without any informed consent or adherence to hospital policy. Rather like the law for driving and using mobile phones, the edict is largely ignored and perhaps unenforceable in a large hospital.
In June this year, a new app called ‘figure 1’ has been released to share medical images with the medical community. Reviewed as the “Instagram of Medicine” the software reassures that “you needn’t worry when your doctor whips out his or her iPhone and starts snapping photos of your medical mysteries. The app automatically blocks out faces, and identifying marks like tattoos can be painted over to further protect one’s privacy”
Although this app appears to be a disaster waiting to happen and represents a serious breach of patient information and confidentiality there are only local Trusts policies in place, many of which are simply vague.
‘Use of digital cameras that are the personal property of staff are discouraged’
Even the NHS choices web site advises, ‘if your phone has a camera, it’s unlikely that you’ll be allowed to take photographs’
Following the relaxation of the rules for using mobile phones for calls in hospitals, this problem is exacerbated with staff and other patients on the ward being recorded by the inpatient, often for nefarious reasons. In the course of her job as a clinical photographer, a member of MIUK staff was recently photographing a young dental patient in the studio and became aware of the mother of the child taking pictures of the whole process; for what reason who knows? There are examples where staff have been prosecuted for taking improper images during the course of their work, but these are not largely publicised; consequently the problem continues.
Clinical photographs are unique among patient records as being instantly recognisable and understandable by the overwhelming majority of the population and for this reason the importance of the duty of care to ensure that proper consent and confidentiality procedures are in place and complied with are heightened. Professional clinical photographers make it their business to ensure the complete safety of the photographic records they produce. MIUK recommends that any medical professional requiring photography of a patient’s condition should contact their local medical photography department or call MIUK Ltd.