Data Sovereignty is the idea that data are subject to the laws and governance structures of the nation in which they are collected. Where data are deemed to be collected can become a little murky when you factor in the location of the servers that store them. Here we will try to clear this up as it concerns sending and storing clinical photos using PicSafe.
There are many ways in which patient data can, inadvertently, end up travelling internationally. The most common of which are:
None of these things needs to be avoided, and indeed they provide valuable services. Depending on how you use them, however, you can fall foul of privacy laws when using them with patient data.
There are over 100 national data privacy laws in effect, with a dizzying array of requirements under specific circumstances. As a general rule, we have found that patient data should not be accessible to anyone outside the patient's home legal jurisdiction except where explicit consent is given on a per-usage basis. See National Comprehensive Data Protection/Privacy Laws and Bills 2018.
Specifically, in Australia, the Privacy Act has this to say:
"Before [a doctor] discloses personal information about an individual to a person" … "who is not in Australia" … "[you] must take such steps as are reasonable in the circumstances to ensure that the overseas recipient does not breach the Australian Privacy Principles."
"In certain circumstances, an act done, or a practice engaged in, by the overseas recipient is taken," … "to have been done, or engaged in, by the APP entity."
Let us go over how you can protect yourself and your patients' data under each scenario.
Don't use the default camera app on your phone for taking patient photos. Further, when you take a photo from within many messaging apps (WhatsApp included), the photo appears in the phone's gallery. To prevent photos from being uploaded to Google's or Apple's servers, you can turn off auto upload, but that is difficult and inconvenient.
PicSafe has been designed in such a way that as soon as you send/store photos, they are removed from your phone. They never appear in your gallery.
There are special encrypted email services; however, they are often expensive and rely on both parties using the service. There is also the issue of who has access to the keys used to decrypt the email.
PicSafe allows you to attach an encrypted file to an email, meaning that no patient data is visible to prying eyes while the email is sent over the Internet. The keys used to encrypt the files are distributed through a "Key Server". PicSafe hosts a "Key Server" that any PicSafe user can use, or an institution can choose to run its own. Either way, the key to decrypt a file is not stored on the same server that stores the email and the data, and the key cannot be accessed without permission being granted and the access being logged.
Much the same as with photos stored in email, photos stored in messaging apps can be accessed in transit or while being stored. Many services encrypt messages, but without end-to-end encryption the photos are still not safe. Further, once photos are viewed on a recipient's phone, they are stored on that phone. You have no control over where that phone goes or who has access to it.
PicSafe's solution here is not to embed the photo in a message but instead to include a link to the photo in the message. The link points to a file hosted on My PicSafe. My PicSafe has servers in Australia, Canada, Ireland, the UK, and the USA. This means that for users in these countries, patient data will not leave the country. PicSafe users can, therefore, send photos securely.
Each of the four primary third-party storage services is owned by a US company. The issue over who has access to what data is murky. PicSafe supports all four as we feel that each can be used securely. See the relevant FAQs for how to set up each of Box, Dropbox, Google Drive, and OneDrive. Specific discussion around the data sovereignty for each follows.
In November 2016 Box announced "Box Zones in Australia", which enables Australian customers to store their data locally. Box says that by storing customer data in-country, it "can help address Australian Privacy Principles for organisations with data residency concerns and help companies meet the Australian Signals Directorate's strong recommendation that cloud providers handling sensitive data be located in Australia".
Unfortunately, you must have a Box Enterprise account to use Box Zones. The Box website asks that you contact them to get a quote. Expect to pay around $35 per month for this service.
Box provides a HIPAA-compliant secure storage option, and while HIPAA is a US-based standard for protecting patient privacy, it is viewed by many around the world as the gold standard in patient privacy regulation. Box provides a page called: "Box HIPAA and HITECH Overview and FAQs" to assist with implementation.
This "Is Box HIPAA Compliant?" article gives an excellent summary of what Box does and what you should do to comply.
According to Dropbox's VP of Enterprise Strategy, Ross Piper, "Dropbox stores its Australian customer files in Amazon Web Service's Sydney data centre". This is despite their website saying all data is stored in data centres across the United States. Technically speaking, then, it sounds like you can use Dropbox. However, they state that they hold related metadata in the US, thereby raising the accessibility spectre once again. The fact that this issue is conspicuously not addressed on its website raises some doubt about using Dropbox here in Australia.
If you decide to use Dropbox, the "Dropbox Basic" free plan may be all you need for a while. That gives you 2GB of storage, which should be enough for roughly 400 photos. If you require more storage space, you can upgrade to various paid plans starting at AU$11.60 a month.
Dropbox provides a HIPAA-compliant secure storage option, and while HIPAA is a US-based standard for protecting patient privacy, it is viewed by many around the world as the gold standard in patient privacy regulation. Dropbox provides a help page called: "Dropbox Business and HIPAA / HITECH—an overview" to assist with implementation.
This "Is Dropbox HIPAA Compliant?" article gives an excellent summary of what Dropbox does and what you should do to comply.
Google can't guarantee that data will be stored in Australia. However, they claim their approach is more secure than keeping everything in a local data centre.
Google provides a HIPAA-compliant secure storage option, and while HIPAA is a US-based standard for protecting patient privacy, it is viewed by many around the world as the gold standard in patient privacy regulation. To help HIPAA-covered entities use G Suite and Google Drive correctly, Google has released a "Guide for HIPAA Compliance with G Suite" to assist with implementation.
This "Is Google Drive HIPAA Compliant?" article gives an excellent summary of what Google does and what you should do to comply.
Microsoft stores OneDrive data in data centres in Australia for Australian users.
Microsoft's OneDrive provides a HIPAA-compliant secure storage option, and while HIPAA is a US-based standard for protecting patient privacy, it is viewed by many around the world as the gold standard in patient privacy regulation. Microsoft's Trust Center has a "HIPAA and the HITECH Act" page that states that it is capable of providing HIPAA-compliant secure storage.
This "Is OneDrive HIPAA Compliant?" article gives an excellent summary of what Microsoft does and what you should do to comply.