BAD Advice: UK Guidance on the use of Mobile Photography Devices in Dermatology

August 6, 2019


Bad guidance

Ready for some BAD advice? As in advice from the British Association of Dermatology. We review their guidance. They provide guidance that is of interest, not just for dermatologists, but all doctors that work in the UK.

The working group that assembled the UK Guidance on the use of Mobile Photography Devices in Dermatology document have done an excellent job of bringing together requirements and guidance from various sources. They have attempted to provide clear guidance for the use of mobile devices for capturing patient photos. Unfortunately, much of the advice they have brought in is not always practical.

A Summary

The document breaks the guidance into three standards.

Consent
  • Always seek consent before capturing a patient image.
  • You must give clear information on the risks and benefits of using the image captured.
  • Obtain written consent (recommended).
  • Preferably, use a standardized consent form.
Safe use of Mobile Device
  • Devices used to capture clinical images should have:
    • A secure passcode (6+ characters).
    • Data encryption enabled.
    • Cloud-based backup systems disabled.
  • Ideally, trusts will have dedicated devices.
  • If not using a dedicated device, you should use a "secure clinical image transfer app" (i.e. PicSafe).
Safe Transfer & Storage
  • It's vital to ensure photos arrive securely at the right destination for storage and use. Patient data should not be vulnerable to interception or redirection with protections in line with the Data Protection Act (1998) (DPA). You can achieve this by sending encrypted data as follows:
    • Via email using NHS.net or to NHS.net similar secure NHS systems; 
      or
    • By downloading to a secure (preferably NHS) wifi network or by cable to a PC that acts as a conduit to a secure network server and not as a storage device; 
      or
    • Using a "secure clinical image transfer app" (i.e. PicSafe).
  • Anonymized or pseudonymized data may be a pragmatic solution when a high level of security cannot be guaranteed.
  • Images should be deleted entirely from the mobile device once transferred.
  • The storage system holding PID is encrypted/password-protected, searchable, regularly backed up and contained within England, Scotland or Wales.

Inconsistencies & Impracticalities

We feel there are some inconsistencies and many impracticalities with the guidance provided. We discuss each below.

1. Password protecting apps that capture photos.

The document recommends not storing patient data on your device. They also suggest that your device or any app you use "for capturing" photos should be password protected. Password protection seems unnecessary. If you follow the first bit of advice, there is no data stored on your device. There is, therefore, no need to password-protect any app that captures photos as there is nothing to protect! We agree you should password-protect your device if storing patient data on a device. It is, however, an unnecessary barrier for doctors to overcome if they have to enter a password each time they want to take a photo. We suggest ignoring the requirement that an app that captures patient photos be password protected.

2. Linking Anonymized Photos to Medical Records

The document suggests you should anonymize or pseudonymize photos if you cannot send them securely, or you can't capture consent. They also suggest that all photos should appear in a patient's medical record. If you genuinely de-identify a photo, it is practically difficult to link it to the correct patient record. Our advice is to take the approach of always sending patient photos securely so there will be no issues relating to matching photos to patient files.

3. Balancing Risk of Anonymized Photos with the Risk of Sending through Insecure Methods

The document also suggests that you balance the risk of anonymizing photos with the risk of sending via insecure means. The thinking is that if the inherent risks in anonymized or pseudonymized photos are high, then you should use highly secure sending methods. Conversely, if the intrinsic risks in anonymized or pseudonymized photos are low, then sending via less secure methods may be acceptable. We feel that it is not practical for anyone other than security specialists to be able to make these kinds of subjective assessments. There are efficient and easy-to-use techniques for always sending patient data securely. Use them, and we can avoid the confusion of suggesting some trade-off. PicSafe provides such a practical way of securely sending patient data.

4. Consent Form Too Long

The suggested consent form is too long to be practical. It is 300+ words and requires the signature of the health professional, the patient, and a witness. The length makes capture on a mobile device impractical, meaning it would be best to use a paper form. The paper form could be captured in a photo to make it easy to store alongside the photo; however, it is impractical for a doctor to always have a paper form available. Even if an app displayed the form, the time needed to complete it will discourage its use. That, in turn, has the potential to reduce patient care.

5. Turning Off Backup is Unwise

The guidance suggests that "any cloud-based backup systems" be disabled. This advice prevents photos stored on your phone from being uploaded to locations deemed to be insecure (e.g., iCloud and Google Drive). It is of no benefit if you use a specialized app that does not store photos on the device. Disabling cloud-based backup systems is incredibly inconvenient should you lose your phone, or when you upgrade your phone. Without a backup, considerable time is needed to set up a new phone, and cherished personal photos may be lost forever.

6. Turning Off Bluetooth is Impractical

The guidance suggests disabling Bluetooth. We agree you should avoid Bluetooth for transferring data from your phone. However, your phone uses Bluetooth for many other functions like connecting to wireless headphones (e.g., AirPods), hands-free kits in cars, and many other accessories. For this reason, it is not practical to suggest that doctors disable Bluetooth. If it is not practical, doctors will likely ignore it.

7. Sending Securely

The recommendations for how to send securely involve three methods.

  1. Via email using NHS.net or to NHS.net similar secure NHS systems;
    Unless using a specialized app for image capture, when you attach a photo to an email, the photo will have to come from the gallery on your phone. If stored on your phone, your phone will potentially upload it to backup servers (iCloud or Google Drive). As discussed above, turning off backup is impractical and unwise. We, therefore, feel that it is inappropriate to suggest directly attaching a photo to an email and sending via NHS.net email (or similar).
  2. By downloading to a secure (preferably NHS) wifi network or by cable to a PC that acts as a conduit to a secure network server and not as a storage device;
    Unless using a specialized app, your phone stores captured photos in your gallery. Before you have a chance to remove the photo, your phone may upload it to backup servers (iCloud or Google Drive). Further, attaching a cable to your phone and plugging it into a computer is impractical in many situations. It is time-consuming in all conditions.
  3. Utilizing a secure clinical image transfer app. 
    Using a secure clinical image transfer app seems to be the only practical method. PicSafe, of course, can act as a secure clinical image transfer app.

Overall, we find the document very helpful. We feel, however, that a doctor's perspective needs more consideration. It is easy for those not in the trenches to cover their backsides and place all sorts of restrictions on the use of mobile devices. If there is a privacy breach, they can then point to unfollowed guidance and wash their hands of it. What this is in effect doing is discouraging the use of a valuable tool that can help deliver better and more efficient patient care. There are practical ways in which mobile devices can be used to capture and send patient photos securely - through the use of a "secure clinical image transfer app."

Not only is there no better "secure clinical image transfer app" than PicSafe, we believe there is no other "secure clinical image transfer app" that provides doctors with a practical yet secure means of capturing and sending patient photos. PicSafe allows you to comply with the guidance provided in the document (except for password-protecting the app used to capture photos - which is ill-conceived).

Download the document from the BAD website.