Secure and safe messaging in the UK health market
1 December 2017
Most clinicians, whether in the UK or US, will tell you about the benefits of using instant messaging to coordinate care and self-organise as a team.
At the same time the UK NHS has been trying to rein in the use of WhatsApp and other consumer messaging apps. They are right to place a premium on sharing data in a legal and secure manner, ensuring that information is available to support direct care without jeopardising patient confidentiality. And they are right to warn about the risks of creating new ‘silos’ of information that cannot be recorded as part of the official patient record.
But the horse has truly bolted – as the numerous reports into the widespread use of WhatsApp, carried by the likes of the BMJ (British Medical Journal), HSJ (Health Service Journal), the BBC, national newspapers and specialist technology media, testify. Try persuading a clinician who uses instant messaging to co-ordinate and organise their private life, that they can’t use a consumer messaging app like WhatsApp in their professional life when the alternative is the pager.
So far, there have been no significant fines or reprimands from the regulators – whether it is the Information Commissioner’s Office (in its ruling on the Royal Free and Google DeepMind, for example) or the GMC (in warnings issued following 28 separate investigations), but surely it’s only a matter of time.
What’s the alternative to WhatsApp?
It’s important that the NHS can provide an alternative compliant service and it needs to be prepared to pay for it. It is true that there is no direct cost to the NHS in using WhatsApp – its parent company Facebook’s deep pockets give it the luxury of looking beyond monetary values, to the value of data, for example. But the NHS can’t have it all ways.
There are a growing number of start-ups entering the UK market with secure messaging products and extensive social media conversations about their merits - clear evidence of the communication problem waiting to be solved. Not all of these will be able to gain traction. Those that do will need to meet some important prerequisites and may look to how the US market is evolving.
The essentials: security, scalability and interoperability
Base requirements are a solution that is hosted in the UK, encrypts data at rest and in transit, identifies patients and interoperates with NHS IT systems – in other words, a secure and compliant system specifically designed for health and social care staff, which supports team working and where messages can form part of the health and social care record.
What is also clear is that any secure messaging platform needs to scale – it needs to be cloud-based and resilient, and so ultimately must be provided by organisations that can reliably deliver scalable enterprise health IT.
The real secure messaging traction in the UK is currently coming where additional value is added for clinicians and the NHS. This means interoperability with EPRs and shared care records through open APIs and providing additional care coordination features including patient list management, handover, task management and alerting.
Joining up clinicians and cross-organisational care teams
At the System C & Graphnet Care Alliance, we have built a messaging and care coordination platform called CareFlow. It attaches to either a hospital master patient index or a care community index helping clinicians coordinate care across health economies. The platform includes secure messaging, but adoption is driven by providing key team based clinical workflow. The result is transformational.
Particularly important is the fact that these solutions should not be restricted to hospitals. We are all now looking to Accountable Care Systems to help break down organisational and cultural boundaries and bring staff together to meet an individual’s needs, whether they are in primary care, hospitals, nursing homes, community services or social care.
For the promise of ACS’ to become a reality, we will need joined up team-based communication, operating across wider care communities and where the information is secure and can be incorporated in the patient record.
That is what health and social care agencies should insist on and that is what the market needs to deliver.
Director of clinical information at System C & Graphnet Care Alliance
Hospital doctor and founder of CareFlow Connect
This blog post originally appeared on the healthcare.digital site, December 2017