NHS publishes guidance on use of Instant Messengers

person using smartphone

Instant messaging services that protect confidential information are gaining more ground inside hospitals and clinics.

Their high importance to facilitate quick and efficient communication among healthcare professionals at emergencies, such as major accidents and terrorist attacks, is receiving more recognition with time. And the NHS now acknowledges that this cannot be done efficiently via traditional methods or devices and tools meant to be used for personal purposes.

The new guidance, published jointly by NHS England, NHS Digital, Public Health England and the Department of Health and Social Care, sets the regulatory foundations for a secure and compliant use of instant messaging platforms, to ensure data confidentiality is being respected while delivering the best care to the patients. The app of choice should comply with a list of core standards:

  • Encryption - Does the encryption meet the AES 256 standard?
  • End-user verification - Are users the people they claim to be?
  • Password protection – Can the app be password protected?
  • Remote wipe – Can access to confidential information be removed remotely if the device is lost, stolen or redeployed?
  • Message retention – Can confidential information be automatically deleted after a certain period of time?

Dawn Monaghan, the Director of the Information Governance Alliance acknowledged the significance of instant messaging and the value of the guidance for the NHS. However, she pointed out that such platforms should not substitute medical records which should remain fully updated at all times.

Apart from instant messaging technologies, the new regulations also govern video conferencing services and the use of ‘Bring Your Own Devices’ such as mobiles, cameras and tablets, supporting heath and care professionals around the world to join the conversation remotely, whenever this is necessary, at no time or major cost.

We are delighted that the NHS is taking these important steps to embrace technologies that can ensure every patient receives the best care, while protecting their confidential information to the required standards.

By Asimina Pantazi