Cloud-based solution for secure mobile clinical photography
It's nine o'clock in the evening and two distraught parents turn up at an emergency room with their 12-month-old baby, who has tipped over a cup of hot tea and scalded herself. Pain relief is the first priority for the resident who examines the child, but the thickness of the burn and the potential for scarring encourage the resident to ask the emergency registrar for his opinion.
The ED registrar, however, is not sure what to do either, so he calls the plastic surgical registrar, who lives an hour's drive away and has only just arrived home from her shift. She asks the emergency registrar to email her a photo of the burn and she'll give her opinion over the phone. Unfortunately, this is not possible. It is hospital policy that photos taken of patients cannot be sent beyond its walls, so the plastics registrar gets back in her car, drives all the way back to the hospital, attends to the patient, and returns home exhausted, to get up early and do it all again.
This may sound like a case of bad policy interfering with quality medical care, but under Australian law, the hospital policy is correct. Under federal privacy laws, clinical photos that can identify a patient cannot be taken without informed consent, cannot be stored on an individual device, should not be distributed by email or an insecure website, and must remain in Australia.
These photos are the property and responsibility of the hospital if taken in the public sector, and they must be stored by the hospital for at least seven years under freedom of information (FOI) laws.
Few clinicians, however, are even aware of these rules. The use of clinical photography is invaluable to the medical profession, particularly for specialties like plastic surgery and dermatology, and can be indispensable tools for health professionals practising in rural settings. Photos are useful not only for comparing a wound before and after a procedure, but for monitoring healing over time, for consulting on a case with colleagues, and for educational purposes.
And the use of clinical photography is destined to grow, particularly with the almost universal use of mobile smart devices handily equipped with a camera with the ability to email or upload photos to the web. But there are many dangers attached to this practice, not the least of which is the potential for costly fines for breaches of the Commonwealth Privacy Act.
David Hunter-Smith is a plastic surgeon based at Victoria's Peninsula Health and an examiner for the Royal Australasian College of Surgeons. Clinical photography is essential to both of these roles, but he and his colleagues have become increasingly concerned over the last few years that general awareness of privacy principles is low, that policy is not aligning with quality, and that no one seems to have come up with an adequate solution.
These concerns were further enhanced by the discovery, revealed under FOI, that in three separate cases last year at one Melbourne hospital, undocumented, identifiable images of patients were found unsecured on residents' phones with no consent from the patient having been obtained.
So Dr Hunter-Smith and a colleague, dermatologist Ted Carner, decided to do something about it. Equipped with some sage advice from friend and public health specialist Tony Stewart, the duo set out to develop a solution that would overcome the numerous ethical and privacy issues confronting the use of clinical photography.
Forming a team with Melbourne brand building, design and app development studio ProjectProject and leading burn-specialist plastic surgeon, Heather Cleland, what they have come up with is a smartphone app called PicSafe Medi, which consists of three discrete modules.
The first is the smartphone app itself, which has been built to be compatible with both iOS and Android platforms. It has been designed to allow the safe capture of patient images, patient consent for the images, and secure transmission of the images to a certified repository.
The second PicSafe module is the repository component, which is hosted on a highly secure, Australian-based server, and stores all transmitted images, with nifty provisions made for tagging, archiving, and rapid retrieval of photos.
The final module of the PicSafe Medi system is the in-built flexibility to design custom interfaces that will allow different health services and institutions to access clinical photos taken by their personnel and seamlessly attach these photos to the appropriate patient’s clinical record.
“It all sounds quite simple but the process of getting there wasn't quite that easy,” Dr Hunter-Smith says. “Ted, Heather and I talked and talked about it, and we quickly realised that we couldn't do this in the back yard. It is quite a big idea. We were very fortunate to find Chris Gillard and his guys from ProjectProject – a seriously smart group of people who are proven, but not medical.
“I think the non-medical thing and being small, innovative and smart have made it fantastic because if we had tried to do this within a big organisation we'd probably just be stuck with a simple ‘terms of reference’ by now – and a complex committee structure.”
Before setting off to develop an app, however, Dr Hunter-Smith and another colleague, Michael Kirk, separately undertook research in the department of surgery at Peninsula Health, with full human research and ethics committee approval. What they wanted to find out was the level of use of cameras on smartphones by doctors, how doctors were using their smartphone cameras in the clinical setting, what their understanding was of the published policies pertaining to clinical photography, and whether or not they were adhering to these policies.
“We found that, of the doctors we surveyed, all had a phone, most with in-built cameras, and almost all of these physicians were connected to the Internet, but only 43 per cent had a lock on their phone,” Dr Hunter-Smith says.
“We found that 65 per cent of our doctors are taking clinical images but only a quarter have obtained appropriate patient consent, and of those, only seven per cent have obtained written consent. Only 23 per cent of these doctors surveyed document in the medical record that an image has been taken of their patient and many keep those clinical images for later use, with 91 per cent sharing images in insecure ways such as email and IM.
“While almost everyone feels that [clinical photography] has a positive effect on patient care, only 40 per cent of respondents knew that there was a prevailing policy regarding clinical photography and of those who do know there was a policy, only five per cent have read it. Sixty per cent incorrectly believe that they, rather than the hospital, own the image.”
He says that last year alone, there were three FOI claims looking for clinical photographs where the images were ultimately found on residents' phones without documentation.
“There is huge risk there," Dr Hunter-Smith says. "We know mobile technology is really good for people and is used a lot, but the policy can't handle it at the moment. We are all in a bit of a spot.”
Secure picture repository
For Chris Gillard and his team at ProjectProject, developing the new system meant understanding all of these complex requirements. His team has come up with a solution that ensures photos taken through the app will not be stored on the phone, and when an authenticated user accesses a photo, they will be provided with a time-limited, dynamically generated link to that photo.
“All information is transmitted over a secure Internet protocol and stored in a secure server on Australian soil,” Mr Gillard says. “This satisfies the problem of trans-border data flow and the Health Privacy Principles Act, enacted by the federal government after the ramifications of the US Patriot Act became clear.”
A significant amount of work has gone into PicSafe Medi's security measures, with all images and documents being checksummed and audited, all watermarked and geo/device-ID tagged, and time/date stamped, Mr Gillard says. Users accessing an image can only do so through secure log in, and to prevent sharing and misuse, all third party access to an image is time limited. An internal logging system also allows for simple audit trails.
“Actual use of the app is rather easy, however,” he says. “A great deal of time has been spent ensuring that normal workflows are maintained while benefiting from the PicSafe system’s added security and privacy layers.”
The nurse or doctor opens the app on their phone with their secure password and takes one or more photos. Tags can then be added, followed by capturing the patient’s signed (finger-screen) or recorded (audio) consent.
Once the image is acquired and consented, the photo is then sent to the securely hosted PicSafe Medi server, which stores the photo and returns a short automated URL. The nurse then sends an SMS or email to the specialist with the attached URL. The specialist then logs in through the website and retrieves the image for quick assessment.
Authorised users who have the PicSafe Medi app can also check their archives for previous patients’ photos, and allow colleagues to do the same under an audited registration and internally logged process that PicSafe Medi will manage.
“One of the key capabilities of the PicSafe Medi product is the ability to custom-develop for an institution or an existing medical network,” Mr Gillard says. “We can create APIs for organisations allowing images captured using PicSafe Medi to automatically appear in their records. As an example, the IT and senior management team at Peninsula Health here in Victoria have been working with us to develop a solution for the government institutional side.
“One requirement is that their users be able to insert the patient’s UR number, allowing direct delivery of captured images into the hospital’s system.
“We recognised the need for this type of flexible development capacity early on and, although we haven't seen all of the systems that are out there, we will be looking to build an API that will help to seamlessly bridge PicSafe Medi with existing institutional and other third-party systems.”
The team also plans to expand into the GP market, Dr Carner says. “We plan to design APIs specifically for general practitioners currently using popular office-based clinical software, as well,” he says. “I use Genie and Argus in my private practice and hope to wed these, and other such systems, with PicSafe Medi and enjoy the resultant synergies. We haven't written the code yet, but it is certainly doable.
“PicSafe Medi is a stand-alone product that works simply, efficiently, and securely without disrupting normal workflows. Just knowing that all of my patients’ pictures are tagged, safely stored, and waiting at my fingertips is really quite comforting. If I can then easily transfer these pictures to my patients’ office records, I’m a very happy doc indeed.”
PicSafe Medi will very shortly be available for iOS on the iTunes App Store and for Android via Google Play. Interested parties are encouraged to register their interest at http://picsafe.com/medi.This story first appeared in the November 2012 issue of Pulse+IT Magazine.
Posted in Australian eHealth