Clinical photos aren't stored or transmitted securely when using the default camera app, or the camera within messaging apps. In most cases, you're risking a $340,000 fine by inadvertently breaking the law, and you're vulnerable to cyber-extortion. Use PicSafe's compliant clinical photography app to protect you and your patients. Download Now - Free ↓
Using the default camera app, or the camera built in to messaging apps, almost always results in a breach of privacy regulations.
Express consent isn't documented
Photos are stored on your phone
Photos are auto-uploaded to iCloud
Photos aren't de-identified properly
Lose your phone, lose patient data
Sent insecurely via email or SMS
Doctors often don't get consent, and when they do, they don't record it properly. A whopping 82% of the time, doctors don't document consent when taking a photo. A study among dermatologists revealed that only 2% obtained written consent! While 46% received verbal consent, they failed to document this.
See the "Can't I just infer consent? FAQ for details.
In a 2016 study, 73% of doctors admitted to storing clinical photos among their private photos, while 26% admitted to accidentally having shown a clinical photograph on their phone to friends or family! That's an instant privacy breach.
Even if a doctor "deletes" a photo, on iOS devices it remains in "deleted items" folder for 40 days, and on Android devices it remains in the "trash" folder for 60 days. See the "How do I delete clinical photos I have stored on my photos FAQ.
There are two ways in which you can inadvertently be sending data overseas:
You should never have patient data on Apple or Google's servers.
Many operate under the assumption that they can merely de-identify the photos by not showing the patients face; however, this is not sufficient. Photos taken on the default camera app (or the camera within messaging apps) contain all sorts of metadata that can be used to identify the patient. See "Am I okay to use the default camera app if I de-identify photos?" in the FAQs for more.
Fortunately, all new iOS and Android phones have some form of a passcode, or facial recognition turned on by default. Unfortunately, between 11% and 15% of iOS devices, and around 33% of Android devices don't have it turned on.
While newer versions of iOS and Android push people into using passcodes, fingerprint scanners or face recognition, sometimes (on some Android devices) these methods are quite easy to "hack". Whether such measures are considered "reasonable" has not been legally tested.
With off-the-shelf data recovery tools, one can recover data on "locked" Android devices reasonably easily.
Sending clinical photos by email, text message, and even WhatsApp is widespread, but it should not be happening!
Email is inherently insecure. Unless you're using a special email encryption service, it's like sending a postcard. Any number of people can view it along the way.
See the Is Sending patient data via email safe? FAQ for more.
Simply put, text messaging is not secure.
See the Is Sending patient data via text message (SMS) safe? FAQ for more.
Anecdotally, many doctors in Australia are using WhatsApp to share patient data.
See the Is Sending patient data via WhatsApp safe? FAQ for more.
The Privacy Amendment Act 2012, which amends the Australian Privacy Act 1988, introduced thirteen "Australian Privacy Principles".
These are legally binding, enforceable laws that apply to the handling of all personal medical information.
Australian Privacy Principles stipulate fines up to $340,000 for individuals ($1.7 million for corporations) per violation.
There's no legal requirement to show patient damages. You don't want a compliancy officer knocking on your door!
Legal Department, Avant Insurance. Published in Avant Physician Issue 10, March 2013 Also see Section 13G and 80W(5) of the Privacy Act.
Cyber-extortion is increasing at a rate of 350% per year with "rich" western doctors being prime targets.
As seen on 60 Minutes, there's an unfixable vulnerability in mobile networks meaning it's easy for hackers to intercept text messages from anywhere in the world. All they need is a phone number.
89% of physicians polled admitted to taking clinical photos on their phones, and the practice of then sending them via text message is rife. A hacker can easily intercept messages and threaten to reveal patient data unless they receive an anonymous Bitcoin payment.
The FBI has issued a warning that hackers are actively trying to access patient data to "intimidate, harass and blackmail". By encrypting photos on your device before sending them, PicSafe® helps protect you from this threat.
"PicSafe® ensures that the collection, use and disclosure of clinical photographs accords with the requirements of the HRA, without compromising efficiency"
Easily add clinical photos into third-party Electronic Medical Record (EMR) and Electronic Health Record (EHR) systems.
Send a report to yourself, decrypt and open it at my.picsafe.com, and import it into any third party tool that can accept JPEGs and PDF's. No complex setup required - no need for help from IT!
Send reports directly to Fast Healthcare Interoperability Resources (FHIR) supported EMR/EHR's. FHIR is the emerging standard for exchanging health information to and from electronic health records.
For more, see "How do I get photos into the medical record?" in the FAQs.
Use of the camera on phones for clinical photography is so widespread, and the benefits so broadly accepted that it can be considered "standard of care". That means you're...
PicSafe® also uses CBC mode, password stretching with PBKDF2, password salting, random IV, and encrypt-then-hash HMAC. There are no known cases of this encryption having ever been "cracked".
PicSafe® has undertaken independent Vulnerability Assessment and Penetration Testing (VAPT). See the PicSafe® Security page for more.