Clinical photography is a valuable tool for physicians. Smartphones, as well as other devices supporting network connectivity, offer a convenient, efficient method to take and share images. However, due to the private nature of the information contained in clinical photographs there are concerns as to the appropriate storage, dissemination, and documentation of clinical images. Confidentiality of image data must be considered and the dissemination of these images onto servers must respect the privacy and rights of the patient. Importantly, patient information should be considered as any information deriving from a patient, and the concepts outlined therefore apply to any media that can be collected on, or transmitted with, a smart-device.
Clinical photography can aid in documenting form and function, in tracking conditions and wound healing, in planning surgical operations, and in clinical decision-making. Additionally, clinical photographs can provide physicians with a valuable tool for patient communication and education. Due to the convenience of this type of technology it is not appropriate to expect physicians to forgo its use in providing their patients with the best care available.
The technology and software required for secure transfer, communication, and storage of clinical media are presently available, but many devices have non-secure storage/dissemination options enabled and lack user-control for permanently deleting digital files. In addition, data uploaded onto server systems commonly cross legal jurisdictions. Many physicians are not comfortable with the practice, citing security, privacy, and confidentiality concerns as well as uncertainty in regards to regional regulations governing this practice.1 Due to concern for patient privacy and confidentiality it is therefore incredibly important to limit the unsecure or undocumented acquisition or dissemination of clinical photographs.
To assess the current state of this topic, Heyns et al. have reviewed the accessibility and completeness of provincial and territorial medical regulatory college guidelines.2 Categories identified as vital and explored in this review included: Consent; Storage; Retention; Audit; Transmission; and Breach. While each regulatory body has addressed limited aspects of the overall issue, the authors found a general lack of available information and call for a unified document outlining pertinent instructions for conducting clinical photography using a smartphone and the electronic transmission of patient information.2
The discussion of this topic will need to be ongoing and it is important that physicians are aware of applicable regulations, both at the federal and provincial levels, and how these regulations may impact the use of personal devices. The best practices supported here aim to provide physicians and healthcare providers with an understanding of the scope and gravity of the current environment, as well as the information needed to ensure patient privacy and confidentiality is assessed and protected while physicians utilize accessible clinical photography to advance patient care. Importantly, this document only focusses on medical use (clinical, academic, and educational) of clinical photography and, while discussing many core concepts of patient privacy and confidentiality of information, should not be perceived as a complete or binding framework. Additionally, it is recommended that physicians understand the core competencies of clinical photography, which are not described here.
The Canadian Medical Association (CMA) suggests that the following recommendations be implemented, as thoroughly as possible, to best align with the CMA policy on the Principles for the Protection of Patient Privacy (CMA Policy PD2018-02). These key recommendations represent a non-exhaustive set of best practices - physicians should seek additional information as needed to gain a thorough understanding and to stay current in this rapidly changing field.
* Informed consent must be obtained, preferably prior to photography with a mobile device. This applies for each and any such encounter, and the purpose should be made clear (i.e. clinical, research, education, publication, etc.). Patients should also be made aware that they may request a copy of a picture or for a picture to be deleted.
* A patient's consent to use electronic transmission does not relieve a physician of their duty to protect the confidentiality of patient information. Also, a patient's consent cannot override other jurisdictionally mandated security requirements.
* All patient consents (including verbal) should be documented. The acquisition and recording of patient consent for medical photography/dissemination may be held to a high standard of accountability due to the patient privacy and confidentiality issues inherent in the use of this technology. Written and signed consent is encouraged.
* Consent should be considered as necessary for any and all photography involving a patient, whether or not that patient can be directly recognized, due to the possibility of linked information and the potential for breach of privacy. The definition of non-identifiable photos must be carefully considered. Current technologies such as face recognition and pattern matching (e.g. skin markers, physical structure, etc.), especially in combination with identifying information, have the potential to create a privacy breach.
* Unsecure text and email messaging requires explicit patient consent and should not be used unless the current gold standards of security are not accessible. For a patient-initiated unsecure transmission, consent should be clarified and not assumed.
* Transmission of photos and patient information should be encrypted as per current-day gold standards (presently, end-to-end encryption (E2EE)) and use only secure servers that are subject to Canadian laws. Explicit, informed consent is required otherwise due to privacy concerns or standards for servers in other jurisdictions. Generally, free internet-based communication services and public internet access are unsecure technologies and often operate on servers outside of Canadian jurisdiction.
* Efforts should be made to use the most secure transmission method possible. For data security purposes, identifying information should never be included in the image, any frame of a video, the file name, or linked messages.
* The sender should always ensure that each recipient is intended and appropriate and, if possible, receipt of transmission should be confirmed by the recipient.
* Storing images and data on a smart-device should be limited as much as possible for data protection purposes.
* Clinical photos, as well as messages or other patient-related information, should be completely segregated from the device's personal storage. This can be accomplished by using an app that creates a secure, password-protected folder on the device.
* All information stored (on internal memory or cloud) must be strongly encrypted and password protected. The security measures must be more substantial than the general password unlock feature on mobile devices.
* Efforts should be made to dissociate identifying information from images when images are exported from a secure server. Media should not be uploaded to platforms without an option for securely deleting information without consent from the patient, and only if there are no better options. Automatic back-up of photos to unsecure cloud servers should be deactivated. Further, other back-up or syncing options that could lead to unsecure server involvement should be ascertained and the risks mitigated.
4. Cloud storage should be on a Canadian and SOCII certified server. Explicit, informed consent is required otherwise due to privacy concerns for servers in other jurisdictions.
5. AUDIT & RETENTION
* It is important to create an audit trail for the purposes of transparency and medical best practice. Key information includes patient and health information, consent type and details, pertinent information regarding the photography (date, circumstance, photographer), and any other important facts such as access granted/deletion requests.
* Access to the stored information must be by the authorized physician or health care provider and for the intended purpose, as per the consent given. Records should be stored such that it is possible to print/transfer as necessary.
* Original photos should be retained and not overwritten.
* All photos and associated messages may be considered part of the patient's clinical records and should be maintained for at least 10 years or 10 years after the age of majority, whichever is longer. When possible, patient information (including photos and message histories between health professionals) should be retained and amalgamated with a patient's medical record. Provincial regulations regarding retention of clinical records may vary and other regulations may apply to other entities - e.g. 90 years from date of birth applies to records at the federal level.
* It may not be allowable to erase a picture if it is integral to a clinical decision or if provincial, federal, or other applicable regulations require its retention.
* Any breach should be taken seriously and should be reviewed. All reasonable efforts must be made to prevent a breach before one occurs. A breach occurs when personal information, communication, or photos of patients are stolen, lost, or mistakenly disclosed. This includes loss or theft of one's mobile device, texting to the wrong number or emailing/messaging to the wrong person(s), or accidentally showing a clinical photo that exists in the phone's personal photo album.
* It should be noted that non-identifying information, when combined with other available information (e.g. a text message with identifiers or another image with identifiers), can lead to highly accurate re-identification.
* At present, apps downloaded to a smart-device for personal use may be capable of collecting and sharing information - the rapidly changing nature of this technology and the inherent privacy concerns require regular attention. Use of specialized apps designed for health-information sharing that help safeguard patient information in this context is worth careful consideration.
* Having remote wipe (i.e. device reformatting) capabilities is an asset and can help contain a breach. However, inappropriate access may take place before reformatting occurs.
* If a smartphone is strongly encrypted and has no clinical photos stored locally then its loss may not be considered a breach.
* In the event of a breach any patient potentially involved must be notified as soon as possible. The CMPA, the organization/hospital, and the Provincial licensing College should also be contacted immediately. Provincial regulations regarding notification of breach may vary.
Approved by the CMA Board of Directors March 2018
i Heyns M†, Steve A‡, Dumestre DO‡, Fraulin FO‡, Yeung JK‡
† University of Calgary, Canada
‡ Section of Plastic Surgery, Department of Surgery, University of Calgary, Canada
1 Chan N, Charette J, Dumestre DO, Fraulin FO. Should 'smart phones' be used for patient photography? Plast Surg (Oakv). 2016;24(1):32-4.
2 Unpublished - Heyns M, Steve A, Dumestre DO, Fraulin FO, Yeung J. Canadian Guidelines on Smartphone Clinical Photography.
These Guidelines constitute an implementation tool of seven recommendations and are informed by Guidelines for CMA’s Activities and Relationships with Other Parties (aka CMA’s Corporate Relationships Policy) and CMA’s Advertising and Sponsorship Policy.
These Guidelines apply to the Canadian Medical Association (and not to its subsidiaries). As these are Guidelines, exceptions may be necessary from time to time wherein staff may use their discretion and judgment.
Endorsement is an umbrella term encompassing “policy endorsement”, “sponsorship1” and “branding”.
Policy endorsement includes:
(a) CMA considering upon request, non-pecuniary public approval, which may include the use of CMA’s name and/or logo, of an organization’s written policy, on an issue that aligns with CMA policy, where there is no immediate expectation of return; or,
(b) CMA adopting the policy of another organization as our policy; or
(c) CMA asking another organization to publicly support our policy.
(a) Criteria: For policy endorsement requests from another organization to endorse their policy2 the following criteria shall be applied:
i) we have a policy on the subject-matter and
ii) we are actively working on advancing that policy position and
iii) the organization has a follow-up action plan associated with its request.
(b) Approval: Where policy exists, approval requires a policy staff member (with portfolio responsibility) and the VP of Medical Professionalism, or the policy staff member (with portfolio responsibility) and the Chief Policy Advisor. Where no policy exists, approval of the Board of Directors is required.
(c) Annual confirmation: Where CMA adopts the policy of another organization3, CMA staff shall confirm annually, or more frequently if circumstances dictate, that the policy has not been altered by the other organization.
(d) Requests: Pursuit of personal endorsement requests is not appropriate. Wherever possible, requests should come from an organization and not an individual.
(a) Where CMA adopts the policy of another organization, the adopted policy shall become CMA policy, and will include a notation on the document as being an adopted policy of [organization].
(b) All adopted policies will be housed in an accessible searchable database.
(c) All requests by organizations for CMA to endorse their policy will be tracked in a central location, along with any response.
1 Sponsorship means, to consider upon request, pecuniary public approval, which may include the use of CMA’s name and/or logo, of an organization’s event (e.g., conference), on an issue that is supported by CMA policy or that promotes CMA brand awareness, where there is an immediate expectation of return.
2 That is, part (a) of the definition in Section 2.
3 That is, part (b) of the definition in Section 2.
GUIDELINES FOR PHYSICIANS IN INTERACTIONS WITH INDUSTRY
The history of health care delivery in Canada has included interaction between physicians and the pharmaceutical and health supply industries; this interaction has extended to research as well as to education. Physicians understand that they have a responsibility to ensure that their participation in such collaborative efforts is in keeping with their primary obligation to their patients and duties to society, and to avoid situations of conflict of interest where possible and appropriately manage these situations when necessary. They understand as well the need for the profession to lead by example by promoting physician-developed guidelines.
The following guidelines have been developed by the CMA to serve as a resource tool for physicians in helping them to determine what type of relationship with industry is appropriate. They are not intended to prohibit or dissuade appropriate interactions of this type, which have the potential to benefit both patients and physicians.
Although directed primarily to individual physicians, including residents, and medical students, the guidelines also apply to relationships between industry and medical organizations.
1. The primary objective of professional interactions between physicians and industry should be the advancement of the health of Canadians.
2. Relationships between physicians and industry are guided by the CMA's Code of Ethics and by this document.
3. The practising physician's primary obligation is to the patient. Relationships with industry are inappropriate if they negatively affect the fiduciary nature of the patient-physician relationship.
4. Physicians should resolve any conflict of interest between themselves and their patients resulting from interactions with industry in favour of their patients. In particular, they must avoid any self-interest in their prescribing and referral practices.
5. Except for physicians who are employees of industry, in relations with industry the physician should always maintain professional autonomy and independence. All physicians should remain committed to scientific methodology.
6. Those physicians with ties to industry have an obligation to disclose those ties in any situation where they could reasonably be perceived as having the potential to influence their judgment.
7. A prerequisite for physician participation in all research activities is that these activities are ethically defensible, socially responsible and scientifically valid. The physician's primary responsibility is the well-being of the patient.
8. The participation of physicians in industry sponsored research activities must always be preceded by formal approval of the project by an appropriate ethics review body. Such research must be conducted according to the appropriate current standards and procedures.
9. Patient enrolment and participation in research studies must occur only with the full, informed, competent and voluntary consent of the patient or his or her proxy, unless the research ethics board authorizes an exemption to the requirement for consent. In particular, the enrolling physician must inform the potential research subject, or proxy, about the purpose of the study, its source of funding, the nature and relative probability of harms and benefits, and the nature of the physician's participation and must advise prospective subjects that they have the right to decline to participate or to withdraw from the study at any time, without prejudice to their ongoing care.
10. The physician who enrolls a patient in a research study has an obligation to ensure the protection of the patient's privacy, in accordance with the provisions of applicable national or provincial legislation and CMA's Health Information Privacy Code. If this protection cannot be guaranteed, the physician must disclose this as part of the informed consent process.
11. Practising physicians should not participate in clinical trials unless the study will be registered prior to its commencement in a publicly accessible research registry.
12. Because of the potential to influence judgment, remuneration to physicians for participating in research studies should not constitute enticement. It may cover reasonable time and expenses and should be approved by the relevant research ethics board. Research subjects must be informed if their physician will receive a fee for their participation and by whom the fee will be paid.
13. Finder's fees, whereby the sole activity performed by the physician is to submit the names of potential research subjects, should not be paid. Submission of patient information without their consent would be a breach of confidentiality. Physicians who meet with patients, discuss the study and obtain informed consent for submission of patient information may be remunerated for this activity.
14. Incremental costs (additional costs that are directly related to the research study) must not be paid by health care institutions or provincial or other insurance agencies regardless of whether these costs involve diagnostic procedures or patient services. Instead, they must be assumed by the industry sponsor or its agent.
15. When submitting articles to medical journals, physicians must state any relationship they have to companies providing funding for the studies or that make the products that are the subject of the study whether or not the journals require such disclosure. Funding sources for the study should also be disclosed.
16. Physicians should only be included as an author of a published article reporting the results of an industry sponsored trial if they have contributed substantively to the study or the composition of the article.
17. Physicians should not enter into agreements that limit their right to publish or disclose results of the study or report adverse events which occur during the course of the study. Reasonable limitations which do not endanger patient health or safety may be permissible.
Industry-Sponsored Surveillance Studies
18. Physicians should participate only in post-marketing surveillance studies that are scientifically appropriate for drugs or devices relevant to their area of practice and where the study may contribute substantially to knowledge about the drug or device. Studies that are clearly intended for marketing or other purposes should be avoided.
19. Such studies must be reviewed and approved by an appropriate research ethics board. The National Council on Ethics in Human Research is an additional source of advice.
20. The physician still has an obligation to report adverse events to the appropriate body or authority while participating in such a study.
Continuing Medical Education / Continuing Professional Development (CME/CPD)
21. This section of the Guidelines is understood to address primarily medical education initiatives designed for practicing physicians. However, the same principles will also apply for educational events (such as noon-hour rounds and journal clubs) which are held as part of medical or residency training.
22. The primary purpose of CME/CPD activities is to address the educational needs of physicians and other health care providers in order to improve the health care of patients. Activities that are primarily promotional in nature, such as satellite symposia, should be identified as such to faculty and attendees and should not be considered as CME/CPD.
23. The ultimate decision on the organization, content and choice of CME/CPD activities for physicians shall be made by the physician-organizers.
24. CME/CPD organizers and individual physician presenters are responsible for ensuring the scientific validity, objectivity and completeness of CME/CPD activities. Organizers and individual presenters must disclose to the participants at their CME/CPD events any financial affiliations with manufacturers of products mentioned at the event or with manufacturers of competing products. There should be a procedure available to manage conflicts once they are disclosed.
25. The ultimate decision on funding arrangements for CME/CPD activities is the responsibility of the physician-organizers. Although the CME/CPD publicity and written materials may acknowledge the financial or other aid received, they must not identify the products of the company(ies) that fund the activities.
26. All funds from a commercial source should be in the form of an unrestricted educational grant payable to the institution or organization sponsoring the CME/CPD activity.
27. Industry representatives should not be members of CME content planning committees. They may be involved in providing logistical support.
28. Generic names should be used in addition to trade names in the course of CME/CPD activities.
29. Physicians should not engage in peer selling. Peer selling occurs when a pharmaceutical or medical device manufacturer or service provider engages a physician to conduct a seminar or similar event that focuses on its own products and is designed to enhance the sale of those products. This also applies to third party contracting on behalf of industry. This form of participation would reasonably be seen as being in contravention of the CMA's Code of Ethics, which prohibits endorsement of a specific product.
30. If specific products or services are mentioned, there should be a balanced presentation of the prevailing body of scientific information on the product or service and of reasonable, alternative treatment options. If unapproved uses of a product or service are discussed, presenters must inform the audience of this fact.
31. Negotiations for promotional displays at CME/CPD functions should not be influenced by industry sponsorship of the activity. Promotional displays should not be in the same room as the educational activity.
32. Travel and accommodation arrangements, social events and venues for industry sponsored CME/CPD activities should be in keeping with the arrangements that would normally be made without industry sponsorship. For example, the industry sponsor should not pay for travel or lodging costs or for other personal expenses of physicians attending a CME/CPD event. Subsidies for hospitality should not be accepted outside of modest meals or social events that are held as part of a conference or meeting. Hospitality and other arrangements should not be subsidized by sponsors for personal guests of attendees or faculty, including spouses or family members.
33. Faculty at CME/CPD events may accept reasonable honoraria and reimbursement for travel, lodging and meal expenses. All attendees at an event cannot be designated faculty. Faculty indicates a presenter who prepares and presents a substantive educational session in an area where they are a recognized expert or authority.
Electronic Continuing Professional Development (eCPD)
34. The same general principles which apply to "live, in person" CPD events, as outlined above, also apply to eCPD (or any other written curriculum-based CPD) modules. The term "eCPD" generally refers to accredited on-line or internet-based CPD content or modules. However, the following principles can also apply to any type of written curriculum based CPD.
35. Authors of eCPD modules are ultimately responsible for ensuring the content and validity of these modules and should ensure that they are both designed and delivered at arm's length from any industry sponsors.
36. Authors of eCPD modules should be physicians with a special expertise in the relevant clinical area and must declare any relationships with the sponsors of the module or any competing companies.
37. There should be no direct links to an industry or product website on any web page which contains eCPD material.
38. Information related to any activity carried out by the eCPD participant should only be collected, used, displayed or disseminated with the express informed consent of that participant.
39. The methodologies of studies cited in the eCPD module should be available to participants to allow them to evaluate the quality of the evidence discussed. Simply presenting abstracts that preclude the participant from evaluating the quality of evidence should be avoided. When the methods of cited studies are not available in the abstracts, they should be described in the body of the eCPD module.
40. If the content of eCPD modules is changed, re-accreditation is required.
41. Physicians may be approached by industry representatives and asked to become members of advisory or consultation boards, or to serve as individual advisors or consultants. Physicians should be mindful of the potential for this relationship to influence their clinical decision making. While there is a legitimate role for physicians to play in these capacities, the following principles should be observed:
A. The exact deliverables of the arrangement should be clearly set out and put in writing in the form of a contractual agreement. The purpose of the arrangement should be exclusively for the physician to impart specialized medical knowledge that could not otherwise be acquired by the hiring company, and should not include any promotional or educational activities on the part of the company itself.
B. Remuneration of the physician should be reasonable and take into account the extent and complexity of the physician's involvement.
C. Whenever possible, meetings should be held in the geographic locale of the physician or as part of a meeting which he/she would normally attend. When these arrangements are not feasible, basic travel and accommodation expenses may be reimbursed to the physician advisor or consultant. Meetings should not be held outside of Canada, with the exception of international boards.
Clinical Evaluation Packages (Samples)
42. The distribution of samples should not involve any form of material gain for the physician or for the practice with which he or she is associated.
43. Physicians who accept samples or other health care products are responsible for recording the type and amount of medication or product dispensed. They are also responsible for ensuring their age-related quality and security and their proper disposal.
44. Practising physicians should not accept personal gifts of any significant monetary or other value from industry. Physicians should be aware that acceptance of gifts of any value has been shown to have the potential to influence clinical decision making.
45. These guidelines apply to relationships between physicians and all commercial organizations, including but not limited to manufacturers of medical devices, nutritional products and health care products as well as service suppliers.
46. Physicians should not dispense pharmaceuticals or other products unless they can demonstrate that these cannot be provided by an appropriate other party, and then only on a cost-recovery basis.
47. Physicians should not invest in industries or related undertakings if this might inappropriately affect the manner of their practice or their prescribing behaviour.
48. Practising physicians affiliated with pharmaceutical companies should not allow their affiliation to influence their medical practice inappropriately.
49. Practising physicians should not accept a fee or equivalent consideration from pharmaceutical manufacturers or distributors in exchange for seeing them in a promotional or similar capacity.
50. Practising physicians may accept patient teaching aids appropriate to their area of practice provided these aids carry at most the logo of the donor company and do not refer to specific therapeutic agents, services or other products.
Medical Students and Residents
51. The principles in these guidelines apply to physicians-in-training as well as to practising physicians.
52. Medical curricula should deal explicitly with the guidelines by including educational sessions on conflict of interest and physician-industry interactions.