Electronic tools are now being used more widely in medicine than ever before. A majority of physicians in Canada have adopted electronic medical records (EMRs): 75% of physicians use EMRs to enter or retrieve clinical patient notes, and 80% use electronic tools to access laboratory/diagnostic test results. The increased use of point-of-care tools and information repositories has resulted in the mass digitization and storage of clinical information, which provides opportunities for the use of big data analytics.
Big data analytics may come to be understood as the process of examining clinical data in EMRs cross-referenced with other administrative, demographic and behavioural data sources to reveal determinants of patient health and patterns in clinical practice. Its increased use may provide opportunities to develop and enhance clinical practice tools and to improve health outcomes at both point-of-care and population levels. However, given the nature of EMR use in Canada, these opportunities may be restricted to primary care practice at this time.
Physicians play a central role in finding the right balance between leveraging the advantages of big data analytics and protecting patient privacy. Guiding Principles for the Optimal Use of Data Analytics by Physicians at the Point of Care outlines basic considerations for the use of big data analytics services and highlights key considerations when responding to requests for access to EMR data, including the following:
* Why will data analytics be used? Will the safety and effectiveness of patient care be enhanced? Will the results be used to inform public health measures?
* What are the responsibilities of physicians to respect and protect patient and physician information, provide appropriate information during consent conversations, and review data sharing agreements and consult with EMR vendors to understand how data will be used?
As physicians will encounter big data analytics in a number of ways, this document also outlines the characteristics one should be looking for when assessing the safety and effectiveness of big data analytics services:
* protection of privacy
* clear and detailed data sharing agreement
* physician-owned and -led data collaboratives
* endorsement by a professional or recognized association, medical society or health care organization
* scope of services and functionality/appropriateness of data
While this guidance is not a standalone document (it should be used as a supplemental reference to provincial privacy legislation), it is hoped that it can aid physicians to identify suitable big data analytics services and derive benefits from them.
This document outlines basic considerations for the use of big data analytics services at the point of care or for research approved by a research ethics board. This includes considerations when responding to requests for access to data in electronic medical records (EMRs).
These guiding principles build on the policies of the Canadian Medical Association (CMA) on Data Sharing Agreements: Principles for Electronic Medical Records/Electronic Health Records,1 Principles Concerning Physician Information2 and Principles for the Protection of Patients' Personal Health Information,3 the 2011 clinical vignettes Disclosing Personal Health Information to Third Parties4 and Need to Know and Circle of Care,5 and the Canadian Medical Protective Association's The Impact of Big Data on Healthcare and Medical Practice.6
These guiding principles are for information and reference only and should not be construed as legal or financial advice, nor is this document a substitute for legal or other professional advice. Physicians must always comply with all legislation that applies to big data analytics, including privacy legislation. Big data analytics in the clinical context involves the collection, use and potential disclosure of patient and physician information, both of which could be considered sensitive personal information under privacy legislation.
Big data analytics has the potential to improve health outcomes, both at the point of care and at a population level. Doctors have a key role to play in finding the right balance between leveraging the advantages of big data (enhanced care, service delivery and resource management) and protecting patient privacy.7
A majority of physicians in Canada have adopted EMRs in their practice. The percentage of physicians using EMRs to enter or retrieve clinical patient notes increased from 26% in 2007 to 75% in 2014. Eighty percent of physicians used electronic tools to access laboratory/diagnostic test results in 2014, up from 38% in 2010.8 The increasingly broad collection of information by physicians at the point of care, combined with the growth of information repositories developed by various governmental and intergovernmental bodies, has resulted in the mass digitization and storage of clinical information.
Big data is the term for data sets so large and complex that it is difficult to process them using traditional relational database management systems, desktop statistics and visualization software. What is considered "big" depends on the infrastructure and capabilities of the organization managing the data.9
Analytics is the discovery and communication of meaningful patterns in data. Analytics relies on the simultaneous application of statistics, computer programming and operations research. Analytics often favours data visualization to communicate insight, and insights from data are used to guide decision-making.10
For physicians, big data analytics may come to be understood as the process of examining the clinical data in EMRs cross-referenced with other administrative, demographic and behavioural data sources to reveal determinants of patient health and patterns in clinical practice. This information can be used to assist clinical decision-making or for research approved by a research ethics board.
There are four types of big data analytics physicians may encounter in the provision of patient care. They are generally performed in the following sequence, in a continuous cycle11,12,13,14:
1. Population health analytics: Health trends are identified in the aggregate within a community, a region or a national population. The data can be derived from biomedical and/or administrative data.
2. Risk-based cost analysis: Populations are segmented into groups according to the level of risk to the patient's health and/or cost to the health system.
3. Care management: Clinicians are enabled to manage patient care according to defined care pathways and clinical protocols informed by population health analytics and risk-based cost analysis. Care management includes the following:
   * Clinical decision support: Outcomes are predicted and/or alternative treatments are recommended to clinicians and patients at the point of care.
   * Personalized/precision care: Personalized data sets, such as genomic DNA sequences for at-risk patients, are leveraged to highlight best practice treatments for patients and practitioners. These solutions may offer early detection and diagnosis before a patient develops disease symptoms.
   * Clinical operations: Workflow management is performed, such as wait-times management, mining historical and unstructured data for patterns to predict events that may affect care.
   * Continuing education and professional development: Longitudinal performance data are combined across institutions, classes, cohorts or programs with correlating patient outcomes to assess models of education and/or develop new programs.
4. Performance analytics: Metrics for quality and efficiency of patient care are cross-referenced with clinical decision-making and performance data to assess clinical performance.
This cycle is also sometimes understood as a component of "meaningful" or "enhanced" use of EMRs.
How might physicians encounter big data analytics?
Many EMRs run analytics both visibly (e.g., as a function that can be activated at appropriate junctures in the care pathway) and invisibly (e.g., as tools that run seamlessly in the background of an EMR). Physicians may or may not be aware when data are being collected, analyzed, tailored or presented by big data analytics services. However, many jurisdictions are strengthening their laws and standards, and best practices are gradually emerging.15
Physicians may have entered into a data sharing agreement with their EMR vendor when they procured an EMR for their practice. Such agreements may include provisions to share de-identified (i.e., anonymized) and/or aggregate data with the EMR vendor for specified or unspecified purposes.
Physicians may also receive requests from third parties to share their EMR data. These requests may come from various sources:
* provincial governments
* intergovernmental agencies
* national and provincial associations, including medical associations
* non-profit organizations
* independent researchers
* EMR vendors, service providers and other private corporations
National Physician Survey results indicate that in 2014, 10% of physicians had shared data from their EMRs for the purposes of research, 10% for chronic disease surveillance and 8% for care improvement. Family physicians were more likely than other specialists to share with public health agencies (22% v. 11%) and electronic record vendors (13% v. 2%). Specialists were more likely than family physicians to share with researchers (59% v. 37%), hospital departments (47% v. 20%) and university departments (28% v. 15%).
There is significant variability across the provinces with regard to what proportion of physicians are sharing information from their EMRs, which is affected by the presence of research initiatives, research objectives defined by the approval of a research ethics board, the adoption rates of EMRs among physicians in the province and the functionality of those EMRs.16
For example, there are family practitioners across Canada who provide data to the Canadian Primary Care Sentinel Surveillance Network (CPCSSN). The CPCSSN is a multi-disease EMR surveillance and research system that allows family physicians, epidemiologists and researchers to understand and manage chronic care conditions for patients. Health information is collected from EMRs in the offices of participating family physicians, specifically information about Canadians suffering from chronic and mental health conditions and three neurologic conditions, including Alzheimer's and related dementias.17
In another example, the Canadian Partnership Against Cancer's Surgical Synoptic Reporting Initiative captures standardized information about surgery at the point of care and transmits the surgical report to other health care personnel. Surgeons can use the captured information, which gives them the ability to assess adherence to the clinical evidence and safety procedures embedded in the reporting templates, to track their own practices and those of their community.18 The concept of synoptic reporting, whereby a physician provides anonymized data about their practice in return for an aggregate report summarizing the practice of others, can be expanded to any area in which an appropriate number of physicians are willing to participate.
Guiding principles for the use of big data analytics
These guiding principles are designed to give physicians a starting point as they consider the use of big data analytics in their practices:
* The objective of using big data analytics must be to enhance the safety and/or effectiveness of patient care or for the purpose of health promotion.
* Should a physician use big data analytics, it is the responsibility of the physician to do so in a way that adheres to their legislative, regulatory and/or professional obligations.
* Physicians are responsible for the privacy of their individual patients. Physicians may wish to refer to the CMA's policy on Principles for the Protection of Patients' Personal Health Information.19
* Physicians are responsible for respecting and protecting the privacy of other physicians' information. Physicians may wish to refer to the CMA's policy on Principles Concerning Physician Information.20
* When physicians enter into and document a broad consent discussion with their patient, which can include the electronic management of health information, this agreement should convey information to cover the elements common to big data analytics services.
* Physicians may also wish to consider the potential for big data analytics to inform public health measures and enhance health system efficiency and take this into account when responding to requests for access to data in an EMR.
* Many EMR vendors provide cloud-based storage to their clients, so information entered into an EMR may be available to the EMR vendor in a de-identified and/or aggregate state. Physicians should carefully read their data sharing agreement with their EMR vendor to understand how and why the data that is entered into an EMR is used, and/or they should refer to the CMA's policy on the matter, Data Sharing Agreements: Principles for Electronic Medical Records/Electronic Health Records.21
* Given the dynamic nature of this emerging tool, physicians are encouraged to share information about their experiences with big data analytics and its applications with colleagues.
Characteristics of safe and effective big data analytics services
1. Protection of privacy
Privacy and security concerns present a challenge in linking big data in EMRs. As data are linked, it becomes increasingly difficult to de-identify individual patients.22
As care is increasingly provided in interconnected, digital environments, physicians are having to take on the role of data stewardship. To that end, physicians may wish to employ conservative risk assessment practices ("should we" as opposed to "can we" when linking data sources) and obtain express patient consent, employing a "permission-based" approach to the collection and stewardship of data.
2. A clear and detailed data sharing agreement
Physicians entering into a contract with an EMR vendor or other third party for provision of services should understand how and when they are contributing to the collection of data for the purposes of big data analytics services. There are template data sharing agreements available, which include the basic components of safe and effective data sharing, such as the model provided by the Information and Privacy Commissioner of Ontario.23
Data sharing agreements may include general use and project-specific use, both of which physicians should assess before entering into the agreement. When EMR access is being provided to a ministry of health and/or regional health authority, the data sharing agreement should distinguish between access to administrative data and access to clinical data.
Physicians may wish to refer to the CMA's policy on Data Sharing Agreements: Principles for Electronic Medical Records/Electronic Health Records.24
3. Physician-owned and -led data collaboratives
In some provinces there may exist opportunities to share clinical data in physician-owned and -led networks to reflect on and improve patient care. One example is the Physicians Data Collaborative in British Columbia, a not-for-profit organization open to divisions of family practice.25 Collaboratives such as this one are governed by physicians and driven by a desire to protect the privacy and safety of patients while producing meaningful results for physicians in daily practice.
Participation in physician-owned data collaboratives may ensure that patient data continue to be managed by physicians, which may lead to an appropriate prioritization of physicians' obligations to balance patient-centred care and patient privacy.
4. Endorsement by a professional or other recognized association or medical society or health care organization
When considering use of big data analytics services, it is best to select services created or endorsed by a professional or other recognized association or medical society. Some health care organizations, such as hospitals, may also develop or endorse services for use in their clinical environments. Without such endorsement, physicians are advised to proceed with additional caution.
5. Scope of services and functionality/appropriateness of data
Physicians may wish to seek out information from EMR vendors and service providers about how big data analytics services complement the process of diagnosis and about the range of data sources from which these services draw. While big data analytics promises insight into population health and practice trends, if it is not drawing from an appropriate level of cross-referenced sources it may present a skewed picture of both.26 Ultimately, the physician must decide if the sources are appropriately diverse.
Physicians should expect EMR vendors and service providers to make clear how and why they draw the information they do in the provision of analytics services. Ideally, analytics services should integrate population health analytics, risk-based cost analysis, care management services (such as point-of-care decision support tools) and performance analytics.
Physicians should expect EMR vendors to allocate sufficient health informatics resources to information management, technical infrastructure, data protection and response to breaches in privacy, and data extraction and analysis.27,28
Physicians may also wish to consider the appropriateness of data analytics services in the context of their practices. Not all data will be useful for some medical specialties, such as those treating conditions that are relatively rare in the overall population. The potential for new or enhanced clinical practice tools informed by big data analytics may be restricted to primary care practice at this time.29
Finally, predictive analytics often make treatment recommendations that are designed to improve the health outcomes in a population, and these recommendations may conflict with physicians' ethical obligations to act in the best interests of individual patients and respect patients' autonomous decision-making.30
1 Canadian Medical Association. Data sharing agreements: principles for electronic medical records/electronic health records [CMA policy]. Ottawa: The Association; 2009. Available: http://policybase.cma.ca/dbtw-wpd/Policypdf/PD09-01.pdf
2 Canadian Medical Association. Principles concerning physician information [CMA policy]. CMAJ 2002;167(4):393-4. Available: http://policybase.cma.ca/dbtw-wpd/PolicyPDF/PD02-09.pdf
3 Canadian Medical Association. Principles for the protection of patients' personal health information [CMA policy]. Ottawa: The Association; 2010. Available: http://policybase.cma.ca/dbtw-wpd/Policypdf/PD11-03.pdf
4 Canadian Medical Association. Disclosing personal health information to third parties. Ottawa: The Association; 2011. Available: www.cma.ca/Assets/assets-library/document/en/advocacy/CMA_Disclosure_third_parties-e.pdf
5 Canadian Medical Association. Need to know and circle of care. Ottawa: The Association; 2011. Available: www.cma.ca/Assets/assets-library/document/en/advocacy/CMA_Need_to_know_circle_care-e.pdf
6 Canadian Medical Protective Association. The impact of big data on healthcare and medical practice. Ottawa: The Association; no date. Available: https://oplfrpd5.cmpa-acpm.ca/documents/10179/301372750/com_14_big_data_design-e.pdf
7 Kayyali B, Knott D, Van Kuiken S. The 'big data' revolution in US health care: accelerating value and innovation. New York: McKinsey & Company; 2013. p. 1.
8 College of Family Physicians of Canada, Canadian Medical Association, Royal College of Physicians and Surgeons of Canada. National physician survey, 2014. National results by FP/GP or other specialist, sex, age and all physicians. Q7. Ottawa: The Colleges and Association; 2014. Available: http://nationalphysiciansurvey.ca/wp-content/uploads/2014/08/2014-National-EN-Q7.pdf
9 Anonymous. Data, data everywhere. The Economist 2010 Feb 27. Available: www.economist.com/node/15557443
10 Anonymous. Data, data everywhere. The Economist 2010 Feb 27. Available: www.economist.com/node/15557443
11 Canada Health Infoway. Big data analytics in health. Toronto: Canada Health Infoway; 2013. Available: www.infoway-inforoute.ca/index.php/resources/technical-documents/emerging-technology/doc_download/1419-big-data-analytics-in-health-white-paper-full-report (accessed 2014 May 16).
12 Ellaway RH, Pusic MV, Galbraith RM, Cameron T. Developing the role of big data and analytics in health professional education. Med Teach 2014;36(3):216-222.
13 Marino DJ. Using business intelligence to reduce the cost of care. Healthc Financ Manage 2014;68(3):42-44, 46.
14 Porter ME, Lee TH. The strategy that will fix health care. Harv Bus Rev 2013;91(10):50-70.
15 Baggaley C. Data protection in a world of big data: Canadian Medical Protective Association information session [presentation]. 2014 Aug 20. Available: https://oplfrpd5.cmpa-acpm.ca/documents/10179/301372750/com_2014_carmen_baggaley-e.pdf
16 College of Family Physicians of Canada, Canadian Medical Association, Royal College of Physicians and Surgeons of Canada. National physician survey, 2014. National results by FP/GP or other specialist, sex, age and all physicians. Q10. Ottawa: The Colleges and Association; 2014. Available: http://nationalphysiciansurvey.ca/wp-content/uploads/2014/08/2014-National-EN-Q10.pdf
17 Canadian Primary Care Sentinel Surveillance Network. Available: http://cpcssn.ca/ (accessed 2014 Nov 15).
18 Canadian Partnership Against Cancer. Sustaining action toward a shared vision: 2012-2017 strategic plan. Toronto: The Partnership; no date. Available: www.partnershipagainstcancer.ca/wp-content/uploads/sites/5/2015/03/Sustaining-Action-Toward-a-Shared-Vision_accessible.pdf
19 Canadian Medical Association. Principles for the protection of patients' personal health information [CMA policy]. Ottawa: The Association; 2011. Available: http://policybase.cma.ca/dbtw-wpd/Policypdf/PD11-03.pdf
20 Canadian Medical Association. Principles for the protection of patients' personal health information [CMA policy]. Ottawa: The Association; 2011. Available: http://policybase.cma.ca/dbtw-wpd/Policypdf/PD11-03.pdf
21 Canadian Medical Association. Data sharing agreements: principles for electronic medical records/electronic health records [CMA policy]. Ottawa: The Association; 2009. Available: http://policybase.cma.ca/dbtw-wpd/Policypdf/PD09-01.pdf
22 Weber G, Mandl KD, Kohane IS. Finding the missing link for big biomedical data. JAMA 2014;311(24):2479-2480. doi:10.1001/jama.2014.4228.
23 Information and Privacy Commissioner of Ontario. Model data sharing agreement. Toronto: The Commissioner; 1995. Available: www.ipc.on.ca/images/Resources/model-data-ag.pdf
24 Canadian Medical Association. Data sharing agreements: principles for electronic medical records/electronic health records [CMA policy]. Ottawa: The Association; 2009. Available: http://policybase.cma.ca/dbtw-wpd/Policypdf/PD09-01.pdf
25 Physicians Data Collaborative. Overview. Available: www.divisionsbc.ca/datacollaborative/home
26 Cohen IG, Amarasingham R, Shah A, Xie B, Lo B. The legal and ethical concerns that arise from using complex predictive analytics in health care. Health Aff 2014;33(7):1139-1147.
27 Rhoads J, Ferrara L. Transforming healthcare through better use of data. Electron Healthc 2012;11(1):e27.
28 Canadian Medical Protective Association. The impact of big data on healthcare and medical practice. Ottawa: The Association; no date. Available: https://oplfrpd5.cmpa-acpm.ca/documents/10179/301372750/com_14_big_data_design-e.pdf
29 Genta RM, Sonnenberg A. Big data in gastroenterology research. Nat Rev Gastroenterol Hepatol 2014;11(6):386-390.
30 Cohen IG, Amarasingham R, Shah A, Xie B, Lo B. The legal and ethical concerns that arise from using complex predictive analytics in health care. Health Aff 2014;33(7):1139-1147.
Clinical photography is a valuable tool for physicians. Smartphones, as well as other devices supporting network connectivity, offer a convenient, efficient method to take and share images. However, due to the private nature of the information contained in clinical photographs there are concerns as to the appropriate storage, dissemination, and documentation of clinical images. Confidentiality of image data must be considered and the dissemination of these images onto servers must respect the privacy and rights of the patient. Importantly, patient information should be considered as any information deriving from a patient, and the concepts outlined therefore apply to any media that can be collected on, or transmitted with, a smart-device.
Clinical photography can aid in documenting form and function, in tracking conditions and wound healing, in planning surgical operations, and in clinical decision-making. Additionally, clinical photographs can provide physicians with a valuable tool for patient communication and education. Due to the convenience of this type of technology it is not appropriate to expect physicians to forgo its use in providing their patients with the best care available.
The technology and software required for secure transfer, communication, and storage of clinical media is presently available, but many devices have non-secure storage/dissemination options enabled and lack user-control for permanently deleting digital files. In addition, data uploaded onto server systems commonly cross legal jurisdictions. Many physicians are not comfortable with the practice, citing security, privacy, and confidentiality concerns as well as uncertainty in regards to regional regulations governing this practice.1 Due to concern for patient privacy and confidentiality it is therefore incredibly important to limit the unsecure or undocumented acquisition or dissemination of clinical photographs.
To assess the current state of this topic, Heyns et al. have reviewed the accessibility and completeness of provincial and territorial medical regulatory college guidelines.2 Categories identified as vital and explored in this review included: Consent; Storage; Retention; Audit; Transmission; and Breach. While each regulatory body has addressed limited aspects of the overall issue, the authors found a general lack of available information and call for a unified document outlining pertinent instructions for conducting clinical photography using a smartphone and the electronic transmission of patient information.2
The discussion of this topic will need to be ongoing and it is important that physicians are aware of applicable regulations, both at the federal and provincial levels, and how these regulations may impact the use of personal devices. The best practices supported here aim to provide physicians and healthcare providers with an understanding of the scope and gravity of the current environment, as well as the information needed to ensure patient privacy and confidentiality is assessed and protected while physicians utilize accessible clinical photography to advance patient care. Importantly, this document only focusses on medical use (clinical, academic, and educational) of clinical photography and, while discussing many core concepts of patient privacy and confidentiality of information, should not be perceived as a complete or binding framework. Additionally, it is recommended that physicians understand the core competencies of clinical photography, which are not described here.
The Canadian Medical Association (CMA) suggests that the following recommendations be implemented, as thoroughly as possible, to best align with the CMA policy on the Principles for the Protection of Patient Privacy (CMA Policy PD2018-02). These key recommendations represent a non-exhaustive set of best practices - physicians should seek additional information as needed to gain a thorough understanding and to stay current in this rapidly changing field.
* Informed consent must be obtained, preferably prior to photography with a mobile device. This applies for each and any such encounter, and the purpose should be made clear (i.e. clinical, research, education, publication, etc.). Patients should also be made aware that they may request a copy of a picture or for a picture to be deleted.
* A patient's consent to use electronic transmission does not relieve a physician of their duty to protect the confidentiality of patient information. Also, a patient's consent cannot override other jurisdictionally mandated security requirements.
* All patient consents (including verbal) should be documented. The acquisition and recording of patient consent for medical photography/dissemination may be held to a high standard of accountability due to the patient privacy and confidentiality issues inherent in the use of this technology. Written and signed consent is encouraged.
* Consent should be considered as necessary for any and all photography involving a patient, whether or not that patient can be directly recognized, due to the possibility of linked information and the potential for breach of privacy. The definition of non-identifiable photos must be carefully considered. Current technologies such as face recognition and pattern matching (e.g. skin markers, physical structure, etc.), especially in combination with identifying information, have the potential to create a privacy breach.
* Unsecure text and email messaging requires explicit patient consent and should not be used unless the current gold standards of security are not accessible. For a patient-initiated unsecure transmission, consent should be clarified and not assumed.
* Transmission of photos and patient information should be encrypted as per current-day gold standards (presently, end-to-end encryption (E2EE)) and use only secure servers that are subject to Canadian laws. Explicit, informed consent is required otherwise due to privacy concerns or standards for servers in other jurisdictions. Generally, free internet-based communication services and public internet access are unsecure technologies and often operate on servers outside of Canadian jurisdiction.
* Efforts should be made to use the most secure transmission method possible. For data security purposes, identifying information should never be included in the image, any frame of a video, the file name, or linked messages.
* The sender should always ensure that each recipient is intended and appropriate and, if possible, receipt of transmission should be confirmed by the recipient.
* Storing images and data on a smart-device should be limited as much as possible for data protection purposes.
* Clinical photos, as well as messages or other patient-related information, should be completely segregated from the device's personal storage. This can be accomplished by using an app that creates a secure, password-protected folder on the device.
* All information stored (on internal memory or cloud) must be strongly encrypted and password protected. The security measures must be more substantial than the general password unlock feature on mobile devices.
* Efforts should be made to dissociate identifying information from images when images are exported from a secure server. Media should not be uploaded to platforms that lack an option for securely deleting information unless the patient consents, and then only if there are no better options. Automatic back-up of photos to unsecure cloud servers should be deactivated. Further, other back-up or syncing options that could lead to unsecure server involvement should be ascertained and the risks mitigated.
* Cloud storage should be on a Canadian and SOCII certified server. Explicit, informed consent is required otherwise due to privacy concerns for servers in other jurisdictions.
5. AUDIT & RETENTION
* It is important to create an audit trail for the purposes of transparency and medical best practice. Key information includes patient and health information, consent type and details, pertinent information regarding the photography (date, circumstance, photographer), and any other important facts such as access granted/deletion requests.
* Access to the stored information must be by the authorized physician or health care provider and for the intended purpose, as per the consent given. Records should be stored such that it is possible to print/transfer as necessary.
* Original photos should be retained and not overwritten.
* All photos and associated messages may be considered part of the patient's clinical records and should be maintained for at least 10 years or 10 years after the age of majority, whichever is longer. When possible, patient information (including photos and message histories between health professionals) should be retained and amalgamated with a patient's medical record. Provincial regulations regarding retention of clinical records may vary and other regulations may apply to other entities - e.g. 90 years from date of birth applies to records at the federal level.
* It may not be allowable to erase a picture if it is integral to a clinical decision or if provincial, federal, or other applicable regulations require its retention.
* Any breach should be taken seriously and should be reviewed. All reasonable efforts must be made to prevent a breach before one occurs. A breach occurs when personal information, communication, or photos of patients are stolen, lost, or mistakenly disclosed. This includes loss or theft of one's mobile device, texting to the wrong number or emailing/messaging to the wrong person(s), or accidentally showing a clinical photo that exists in the phone's personal photo album.
* It should be noted that non-identifying information, when combined with other available information (e.g. a text message with identifiers or another image with identifiers), can lead to highly accurate re-identification.
* At present, apps downloaded to a smart-device for personal use may be capable of collecting and sharing information. The rapidly changing nature of this technology and the inherent privacy concerns require regular attention. Use of specialized apps designed for health-information sharing that help safeguard patient information in this context is worth careful consideration.
* Having remote wipe (i.e. device reformatting) capabilities is an asset and can help contain a breach. However, inappropriate access may take place before reformatting occurs.
* If a smartphone is strongly encrypted and has no clinical photos stored locally then its loss may not be considered a breach.
* In the event of a breach any patient potentially involved must be notified as soon as possible. The CMPA, the organization/hospital, and the Provincial licensing College should also be contacted immediately. Provincial regulations regarding notification of breach may vary.
Approved by the CMA Board of Directors March 2018
i Heyns M†, Steve A‡, Dumestre DO‡, Fraulin FO‡, Yeung JK‡
† University of Calgary, Canada
‡ Section of Plastic Surgery, Department of Surgery, University of Calgary, Canada
1 Chan N, Charette J, Dumestre DO, Fraulin FO. Should 'smart phones' be used for patient photography? Plast Surg (Oakv). 2016;24(1):32-4.
2 Unpublished - Heyns M, Steve A, Dumestre DO, Fraulin FO, Yeung J. Canadian Guidelines on Smartphone Clinical Photography.