Messenger apps and patient confidentiality: what every healthcare professional should know

Three years after GDPR rules were launched, many healthcare professionals are still failing to comply when sharing clinical data via instant messaging. Privacy, security and data compliance should be at the forefront of every healthcare professional’s mind when sharing patient notes, photos and sensitive data via messenger apps. Unfortunately, many of the most commonly used apps are not compliant. 

However, the global pandemic has provided a catalyst for the adoption of specialist digital communications tools which enable secure information sharing and faster decision-making. Siilo – Europe’s largest medical messenger app – experienced a 202% increase in app downloads in the last 18 months alone.

Here, Siilo’s CEO and founder, Joost Bruggeman, highlights the five key security features every healthcare professional should look for in their choice of messenger app.

1. Fingerprint/Facial Recognition & PIN code security

Facial and fingerprint recognition is a convenient way of accessing your apps securely. Including the additional layer of a personalised PIN code gives you much greater security over the sensitive information on your phone, from photos to confidential patient information. These security locks ensure your private messages are protected, helping to prevent other people from accessing them without permission.

An additional step taken by some messaging apps is the use of end-to-end encryption, the gold standard for protecting communications. With end-to-end encryption, the data exchanged is protected throughout the chat process: it is encrypted when you send it and decrypted when it arrives with the receiver.

2. Image-editing features

Allowing images to be edited prior to being sent gives the user the opportunity to blur out any personal details, names, faces and birth dates, so that images can be anonymised, further protecting patient data. This is a step taken by Siilo to guarantee patient anonymity, as personal information or identifiers can be removed or blurred by the sender in order to protect a patient’s identity. Alongside this, Siilo have included another editing feature where critical areas of an image can be highlighted using the Arrow tool. This keeps the focus on the matter at hand rather than anything else, streamlining the workflow process and saving valuable time.

3. Processor agreements

Confidentiality is one of the pivotal requirements placed on a company, business or organisation when sharing data. Users must be reassured that the data they provide is kept safe and confidential, that it may only be processed by authorised personnel, and that third parties may not access it.

Under Article 28 of the General Data Protection Regulation, a data processing agreement is a legally binding contract that states the rights and obligations of each party concerning the protection of personal data. Essentially, this ensures data privacy and security compliance at both an organisational and an individual level. Within a messaging app, this means that user data should be handled securely by the host platform, ensuring data protection.

4. Identity & medical verification

In the healthcare industry, trust is essential for both patients and practitioners. 

In some instances, apps will ask for verification by uploading an image of your photographic ID. This could be a driving licence, passport or an industry-related ID such as your medical registration number. This helps to make sure that app users are who they claim to be, ensuring that any potentially sensitive information is being sent and accessed by the intended recipient.

5. Separation between personal/professional media

Some messaging apps save photos automatically to your mobile phone library, which means that images shared securely within a chat are then easily, and often unknowingly, saved to your personal device. It goes without saying that this is a huge problem when it comes to patient confidentiality. 

This is generally a default option which then needs to be manually disabled by the user, but if the user is unaware that this is even happening, the distinction between personal and professional files becomes blurred.

It is important to check what your messaging app offers and whether these default settings can be turned off to minimise the risk of this happening. 

The Siilo Messenger app is free for individuals and teams. Users can exchange messages, documents, image and video files, and make voice or video calls, whilst meeting the highest security and compliance standards in healthcare.