Radiologists must be aware, vigilant with mobile devices

2016 03 02 10 37 58 952 Ecr 2016 Bug 200

VIENNA - Mobile devices can be used in a variety of applications in radiology, but it's vital to understand the technology's limitations and security issues when reading images or sharing cases with colleagues, according to a Wednesday morning refresher course at ECR 2016.

Based on the literature, it's appropriate to read imaging studies on a smartphone or tablet, said Dr. Emanuele Neri of the University of Pisa in Italy. There are several caveats, however.

For example, these mobile devices should not be used in daily practice, Neri said. Image reading also requires an appropriate display with at least 3-megapixel resolution and a screen size of 9 inches. What's more, mobile devices should only be used for CT or MRI studies, he said.

The clinical setting also matters.

"In radiology, on the basis of the actual literature evidence, the unique proven clinical situation is reporting in emergency head CT, pulmonary embolism, and gastrointestinal bleeding," he said.

Outside of radiology, the use of mobile devices for image viewing can offer value in surgical guidance.

Other applications for viewing studies on a smartphone or tablet include reviewing DICOM images for teaching purposes and for multidisciplinary discussions such as tumor boards, Neri said.

Image sharing

With mobile devices, medical specialists can quickly access and exchange patient information and medical images, often using social media applications such as WhatsApp for this task, said Dr. Erik Ranschaert, PhD, of Jeroen Bosch Hospital in Den Bosch, the Netherlands.

"One of the principal reasons for doing this is the need for advice regarding a diagnosis or a treatment, and this could even be in an acute situation," Ranschaert said.

Young physicians, especially, are embracing the digital revolution and want to share complex or interesting cases with healthcare professionals such as other residents, he said. However, transmitting patient information through social media has several implications from an ethical and security-related standpoint.

Mobile devices do have security risks: They are vulnerable to loss or theft, potentially exposing patient data stored on these devices, he said. In addition, public cloud storage services such as Dropbox and Google Drive are being used to share or store medical images, but these types of services are not designed for this purpose.

"Patient privacy is not sufficiently protected," Ranschaert said.

WhatsApp popularity

A recent study at Albert Schweitzer Hospital in Dordrecht, the Netherlands, found that 40% of doctors use WhatsApp for clinical purposes. In 33% of their interactions on WhatsApp, the patient's name was mentioned, and the patient's picture was included 62% of the time. This percentage may even be higher among residents, he said.

"Although social media are used in this context for the benefit of patient care, most specialists are not aware of the lack of privacy," Ranschaert said.

A 2015 study from the Royal Dutch Medical Association (KNMG) found that 44% of 702 doctors in the Netherlands use WhatsApp for professional purposes. This level of utilization highlights the need for digital image exchange, according to Ranschaert.

This type of sharing and collaboration can even save a life. A Dutch radiologist who specializes in cerebral stroke recently reported that he consulted on an angiogram via WhatsApp in which he was able to diagnose a thrombosis of the basilar artery with a rare anatomic variant. After he passed this advice on to his colleague, the patient -- who had been in a coma and was near death -- was able to receive quick treatment and then return home.

However, WhatsApp utilizes the public cloud, and opinions vary on the security of information sent via the application. Last year, WhatsApp added end-to-end encryption capability through a program called TextSecure. Recently, though, a Dutch developer has released WhatsSpy, a public application that purports to be able to circumnavigate several privacy settings on WhatsApp, Ranschaert said.

"Security in a digital age can never be taken for granted," he said.

Related legislation

Publishing patient-identifiable information without the patient's consent is a violation of confidentiality, Ranschaert noted.

"Although it's not often the intention of doctors to violate professional secrecy, it's not permissible for doctors to share identifiable information in places where it can be collected by third parties, which is the case with most social media," he said. "Although individual pieces of a patient do not necessarily lead to the identification of the patient, bringing together these pieces can also lead to such identification."

The Dutch Data Protection Authority said in late February that WhatsApp does not meet the standards for sharing medical data, Ranschaert said. Individual doctors and/or the institution may receive a fine for breaching the protection of personal data.

As a result, medical doctors should find alternatives for this type of image sharing. One such app is Kanta, which is currently being tested at several Dutch hospitals as a way for radiologists to share images. Other options include MDLinking.com and the popular medical image sharing app Figure 1.

Healthcare professionals should ensure that their patients understand -- and agree with -- how their information is used and how it may be disclosed, Ranschaert said.

"Healthcare professionals should also understand their own institution's policies about collecting, sharing, and storing information on mobile devices," he said.

New EU directive

Ensuring patient privacy will soon be a much easier task, thanks to an upcoming European Union (EU) directive that will create a single privacy regulation for the EU, replacing the existing patchwork of national laws, Ranschaert said.

Under the directive, a cloud provider will become the "data processor," which must protect the information it handles and stores on behalf of a "data controller," such as a hospital, for example. In addition to implementing policies and procedures, data controllers will need to demonstrate they have taken appropriate security measures to protect the personal data of customers or patients, Ranschaert said.

If data belonging to EU citizens is stored outside of the EU via a cloud provider -- as is the case with WhatsApp, for example -- the transfer of data needs to be secured with data protection requirements at the other end that are at least as strong as those in the EU, Ranschaert said.

"Transfers of personal data outside of Europe will be allowed where the [European Commission] has issued an adequacy decision regarding the level of data protection," Ranschaert said.

Radiologist's responsibilities

It's the radiologist's responsibility to securely and effectively utilize mobile technology in the best interests of patient care, Ranschaert concluded.

Upcoming EU legislation should be respected, and additional guidelines and training will be needed to facilitate this process and protect patient privacy and security, he said.

Ranschaert noted that effective implementation of security settings on mobile devices and within the enterprise can maximize the effect of this new, disruptive technology.

"Solutions must be sought to securely transmit data with mobile devices and to optimally integrate dedicated apps with the existing IT infrastructure of the organization -- for example, the hospital," Ranschaert said. "Embracement of secured cloud-based solutions for sharing medical information could improve communication in healthcare and increase the quality of care."

Page 1 of 131
Next Page