Minerva Studio - stock.adobe.com

NHS issues guidance for instant messaging use in acute settings

As NHS staff are increasingly turning to messaging apps to communicate with each other, the government issues guidance saying only tools meeting the NHS encryption standard should be used

The government has published guidance telling NHS staff to judge for themselves when it’s safe to use instant messaging apps in acute settings, and to be aware of data privacy and security rules.  

The guidance comes as clinicians are increasingly using apps such as WhatsApp to communicate with each other, including during emergency situations such as recent terrorist attacks, the Grenfell fire and the Croydon tram crash.  

The guidance, issued jointly by NHS England, the Department for Health and Social Care, Public Health England and NHS Digital, recognises the need for instant messaging software, but adds that staff should only use standalone apps such as WhatsApp or Viber when the local NHS organisation doesn’t provide a “suitable alternative”.

NHS chief clinical information officer (CCIO) Simon Eccles said helping people “during a crisis like the Grenfell fire demands a quick response, and instant messaging services can be a vital part of that NHS toolkit”. 

“Health service staff are always responsible about how they use patients’ personal details, and these new guidelines will help our doctors and nurses to make safe and effective use of technology under the most intense pressure,” he said.

The guidance said that instant messaging “can have clinical utility, but remember that the law places obligations on organisations to protect patient confidentiality”.

“If you are a clinician, you may also have to defend yourself against regulatory investigation if you have not taken sufficient steps to safeguard confidentiality,” it said.

The guidance makes it clear that it does not endorse any particular tool, but rather sets out what clinicians should look for when using mobile instant messaging apps.

When choosing an app, staff should check if it meets NHS encryption standards, has user verification, password protection and the ability to remotely wipe the messages, should the device get lost or stolen.

Staff should disable notifications popping up on the locked screen, not to let anyone else use their device, and keep a separate clinical record and delete the messages once the notes have been transcribed in the medical record, the guidance said.

“Instant messaging does not change your responsibility to maintain a comprehensive medical record. Don’t use the instant messaging conversation as the formal medical record. Instead, keep separate clinical records and delete the original messaging notes,” the guidance said.

“Any advice you receive on instant messaging should be transcribed and attributed in the medical record. Remember that instant messaging conversations may be subject to freedom of information requests or subject access requests.”

General surgeon and Royal College of Surgeons Council member, Andrew Miles, said patient safety can be enhanced when staff can “quickly communicate confidential patient information between teams, such as by instant messaging”.

“Doctors have a responsibility to abide by all relevant rules on patient confidentiality and a professional responsibility to ensure they do not breach that confidentiality when using instant messaging tools,” he said.

“This important guidance will keep our patients safer by empowering clinical teams to use the latest and best available technology.”

A recent study by mobile technology supplier CommonTime found that nearly half of all NHS staff rely heavily on apps such as WhatsApp, iMessage and Facebook messenger for work. However, 58% of trusts don’t have any policy in place for use of such apps, and 56% offer no other alternatives. 

Read more about NHS and technology

Read more on Healthcare and NHS IT

Data Center
Data Management