FOI 5780-Messaging solutions used to share patient data

Date: 19 November 2019 to 19 November 2022

How many of your doctors and healthcare professionals are still using SMS, WhatsApp, Facebook Messenger, Signal, Telegram or similar messaging solutions to share patient data?

 

Does your trust have a contract with a digital communications company for inter team communication (e.g. Induction, Hospify, Siilo, Forward, Medic Bleep, Common Time, Ascom, Vocera etc)? Please state which digital communications company.

 

Is this communications solution being used across the whole trust or just in pockets (e.g. wards, units or departments)? If in pockets, which wards, units and departments, and why only in those areas?

 

If your trust does have a contract with a digital communications company, do you have a data sharing agreement and clinical safety assessment in place with this company? Was there any period in the last 3 years when your trust has been using a digital communications solution without a data sharing agreement in place?  How many patients data has been inappropriately shared without this governance? How many patients data is expected to be still shared without the right governance over the next 2 years? NHS England states that each software provider and NHS organisation has to do DCB 0129/0160 before deploying a technology in order to make sure of its clinical safety – did your trust do DCB 0129/0160 before deploying a digital communications solution?

If not, what is your trust doing about it?

 

  • Request ID:
    FOI 5780
  • Category:
    Trust - Equipment
  • Response:
    1. How many of your doctors and healthcare professionals are still using SMS, WhatsApp, Facebook Messenger, Signal, Telegram or similar messaging solutions to share patient data?

    -        Trust staff are primarily encouraged to use the Skype for Business IM solution associated with their NHSmail accounts and managed/provided by NHS Digital for any work based IM requirements.

    -        Forward App has also been used by some clinicians since July 2017.

    -        Restrictions are in place to limit systems used by Trust owned devices, however the Trust does not have the capability to audit/monitor personally owned devices and therefore cannot provide data on this aspect.

     

    1. Does your trust have a contract with a digital communications company for inter team communication (e.g. Induction, Hospify, Siilo, Forward, Medic Bleep, Common Time, Ascom, Vocera etc)? Please state which digital communications company.

    -        Trust staff are primarily encouraged to use the Skype for Business IM solution associated with their NHSmail accounts and managed/provided by NHS Digital.

    -        Forward App has also been used by some clinicians since July 2017

     

    1. Is this communications solution being used across the whole trust or just in pockets (e.g. wards, units or departments)? If in pockets, which wards, units and departments, and why only in those areas?

    -        Skype for Business all NHSmail users

    -        Forward App – Pockets of Doctors and Nurses.

     

    1. If your trust does have a contract with a digital communications company, do you have a data sharing agreement and clinical safety assessment in place with this company?

    -        All NHSmail and associated SfB arrangements are managed centrally by NHSmail, with IT support at the Trust acting as local LOAs.

    -        The use of Forward App was signed off by the Trusts previous CEO and SIRO following assessments from IG, IT Security and Clinical Safety representatives.

    -        As no identifiable information should be used we do not have a sharing agreement with Forwardapp

     

    1. Was there any period in the last 3 years when your trust has been using a digital communications solution without a data sharing agreement in place? 

    -        NHSmail is managed centrally by NHS Digital.

    -        The use of Forward App was signed off by the Trusts previous CEO and SIRO following a review of IT Security, IG and Clinical Safety assessments.

     

    1. How many patients data has been inappropriately shared without this governance? How many patients data is expected to be still shared without the right governance over the next 2 years?

    -        As stated above, the Trusts recommends the use of reviewed and approved solutions for IM.

    -        The Trust has not notified any inappropriate data sharing via other IM solutions.

    -        Restrictions are in place to limit systems used by Trust owned devices, however the Trust does not have the capability to audit/monitor personally owned devices and therefore cannot provide data on this aspect.

     

    1. NHS England states that each software provider and NHS organisation has to do DCB 0129/0160 before deploying a technology in order to make sure of its clinical safety – did your trust do DCB 0129/0160 before deploying a digital communications solution?

    -        For applicable system/software - both the Trust’s Chief Clinical Information Officer and the PMO Quality Manager process DCB0160 requirements.

    DCB0129 activities comes under the software providers responsibilities

     

    1. If not, what is your trust doing about it?

    -        With specific regards to the use of IM solutions, the Trust refers to the specific guidance document issued by NHS Digital available here: https://digital.nhs.uk/binaries/content/assets/website-assets/data-and-information/ig-resources/information-governance-considerations-for-individuals-on-the-use-of-instant-messaging-software-in-acute-clinical-settings.pdf

    -        Whilst SfB is encouraged as the primary method of IM communication, staff are directed to follow the guidance of this documentation prior to the use of any IM solution.