Confidentiality underpins the trust between doctors and patients. As far back as the 2nd century BC, the great Indian physician, Charak, had stated: “Nothing that happens in the house of the sick man must be told outside, nor must the patient’s condition be told to anyone who might do harm by that knowledge to the patient or to another” (1).
There is a trend among doctors in India of sharing images of patients or the results of their investigations through WhatsApp chats. In a brief informal survey that I carried out in my medical school’s WhatsApp group, in which 32 out of 69 participants responded, an overwhelming majority of the respondents (24/32; 75%) felt that sharing of data was acceptable as long as the data were not identifiable. Only one respondent stressed the importance of end-to-end encryption. A minority (4/32; 12.5%) was of the opinion that data should never be shared on WhatsApp, while the rest had no reservations about sharing of data even when they were identifiable (4/32; 12.5%).
Technological advancements, including WhatsApp-based communications, can facilitate clinical care (2, 3), but they also introduce new challenges in relation to the confidentiality of the patient. There is a possibility of breach of confidentiality. Also, one cannot ignore the risk associated with the transmission of sensitive data to external servers (4).
The indiscriminate sharing of data on mobiles, particularly on group chats, raises further challenges. Identifiable data might relate to individuals within a group, and the relatives of the members of a group may gain access to their mobile devices, or the devices may get lost or stolen, leading to accidental breaches of confidentiality.
Not all data are personally identifiable. A majority of the respondents in my survey felt that it was acceptable to share unidentifiable data. However, a combination of data may still identify patients even if the individual components of the data are not identifiable. In the traditional setting of print journals, even anonymous case reports describing a constellation of rare findings might reveal the identity of the patient from the authors’ affiliation, which is an indicator of the geographical location. This has led some journals to make consent mandatory even if the reports are anonymised (5). The risk of breach of confidentiality may be greater in the case of sharing of unidentifiable data on WhatsApp chats than in that of accessing case reports in print journals because in the former,individuals must actively seek out information from the journal, whereas WhatsApp posts are unsolicited. Further, data can be unintentionally and accidentally posted in another group. As for identifiable data, indiscriminate sharing of these on smart phones should be considered a very serious breach of confidentiality. Any consent obtained from the patient must be comprehensive.
Doctors should be educated on the potential misuse of data when using mass communication tools. There should be adequate information governance oversight of the process. Smartphone devices could be offered in restricted settings within hospitals, strictly for institutional use, to facilitate the process of sharing data, speed up communication and make for more prompt consults, but these devices should not be made available for personal use.
Abhijit M Bal (firstname.lastname@example.org), Consultant and Clinical Lead, Department of Microbiology, University Hospital Crosshouse, Lister Street, Kilmarnock KA2 0BE, UK