The emergence of mobile technologies has changed the way healthcare professionals interact with their colleagues, and importantly, with their patients. This evolution has led to many questions about privacy law, and the steps that healthcare professionals should take to ensure that they are protecting patient information. To discuss these topics, we sat down with Figure 1’s Director of Legal and Business Strategy, Aliya Ramji and a Gowlings (prominent Canadian Law Firm) Associate, Christopher Oates.
How have mobile technologies changed the way healthcare information is collected and stored?
CO: Healthcare professionals have always collected information about their patients. They’ve been taking pictures of cases, de-identifying them, using them in teaching and research files, and submitting them to journals, among other things. Mobile technology has enabled a much broader collection and storage of information. This content isn’t just sitting in a filing cabinet anymore – it’s searchable, reviewable and mineable. The one thing that hasn’t changed is that privacy legislation applies to health information, no matter if it’s stored on a smartphone or in a filing cabinet.
AR: Mobile technologies are being integrated into the daily workflow of healthcare professionals in very interesting ways. It’s true that they’re collecting and storing more information more broadly, but they’re also using that information to collaborate with and educate their colleagues in real time as they’re seeing interesting cases. What’s even more impressive is that healthcare professionals can learn from others around the world, people who they would otherwise never have the chance to interact with. Doctors and nurses from the United States, Australia, and Canada can exchange ideas and improve patient care together.
How do you think privacy law will change to reflect this new behavior in healthcare?
CO: As I said earlier, Canadian privacy law is applied generally to personal and health information, and isn’t triggered by how it’s collected, used, stored or disclosed. As technology advances, we are left trying to comply with legislation that was drafted before mobile technology was even imagined. For example, federal privacy law is 14 years old, and one provincial law even references the physical location of files. We certainly hope that clauses like that will be updated. However, a cornerstone of privacy law is consent of the individual and the protection of personal information, and I think that will likely remain a key focus as privacy laws are updated.
AR: Law generally is behind the times, and is always in “catch up” mode. A lot of people think that mobile technologies have played a large role in forcing an update, but the same questions and issues have arisen in other sectors too. It’ll be incumbent upon all of us, healthcare professionals included, to make sure that we understand the broader context of the law and the fundamentals that must always be applied. The foundation of privacy law in healthcare is confidentiality and this will not change whether we are considering print or digital media.
In this evolving environment how can healthcare professionals protect patient privacy?
CO: Given the ability to collect, review, and store information so easily, healthcare professionals need to remember that the keystone for privacy law remains individual and informed consent. Healthcare professionals should ensure that their patients understand what the information that’s being collected is being used for, how it may be disclosed, and that they agree to these.
AR: Healthcare professionals should follow not only the letter of the law, but also the spirit. They should understand their own institution’s policies about collecting, sharing, and storing information on mobile devices, be respectful of their patients by focusing on the medical aspects of a case that they’re sharing, and by de-identifying the images.
To connect with healthcare professionals around the world who are viewing, discussing, and sharing medical images, join Figure 1.