Friday, July 18, 2008

Getting our knickers in a twist?

I am still thinking about the whole issue of confidentiality and blogging, especially in the context of health practice. And I am wondering if some people are getting their knickers in too much of a twist? Are health professional really incapable to blogging in a way that is professional and protects the privacy of the people they work with? Yes, I know of a few instances where health professionals including students have been less than careful about what they write, but is it really as much of a problem as some people seem to think? Is there really a need for blogging guidelines?

What's the evidence?
To be honest, I do not know if there has been an analysis of the content of blogs belonging to health professionals. So I do not know how much the concerns about blogging and confidentially are based in fact or general impressions.

Detecting the risk to security and confidentiality
With two colleagues of mine, Liam Caffrey and Anthony Smith, I looked at the content of emails sent between health professionals who are involved my PhD e-mentoring research. I was concerned that the emails should be kept in a secure, closed email system so that confidentiality could be maintained. But Liam questioned the need to do this - he asked if the health professionals did actually write about things that could cause confidentiality problems?

Developing a risk assessment tool
Liam and I developed an assessment tool by which we were able to anylise the risk to security and confidentiality ranging from 1 — breach of patient confidentiality — indicating a high need for security and privacy of the email’s content, to a score of 8 which had no need for either security or privacy.
  1. Email contains patient identifiable content where the confidentiality of the patient is breached by identifying medical condition or treatment eg "Mr Smith has liver disease"
  2. Email contains patient identifiable information but does not disclose medical condition or treatment eg “Mr Smith is a nice man.”
  3. Email identifies staff member involved in a practice that places them or other staff member at professional risk eg “I accidentally gave a patient an overdose.”
  4. Email identifies staff member and divulges possible stigmatizing information about themselves or other staff member eg “I am on medication for depression.”
  5. Email identifies staff member and divulges information that could embarrass themselves or other staff member eg“My supervisor is hopeless.”
  6. Email identifies staff member and describes a clinical event or professional event eg“I have a patient who is having triplets.”
  7. Email identifies staff member and divulges personal information about themselves or other staff member eg“I am going for a job interview next week”
  8. None of the above

The analysis showed that there were no emails that had a score of 1 or 2 ie no emails disclosed patient information. We concluded that there was no need to be concerned about security or confidentiality in this context. But there was an email that scored 3 ie the author disclosed an action that could put her at professional risk so we agreed that there was still a need for caution about what one writes in emails and other electronic forums.

Future research
I must admit that this assessment tool is rather crude and it could probably be refined. But it would be interesting to carry out a similar exercise looking at the blogs of health professionals. This might give us a better idea about what health professional disclose online and whether there is a risk of breaching confidentiality. This in turn could help inform decisions made about the development of guidelines.

Caffery, L; Stewart, S; Smith, A. (2007). An analysis of the security and privacy of email messages used in e-mentoring. Journal of Telemedicine and Telecare, Vol. 13, Supp. 3, Dec. 2007 , pp. 24-26(3)

Image: 'A blue lock for George' Darwin Bell


Bill Perry said...

Last year there was a case in the US of a pediatrician whose blog was used against him in a malpractice suit( While not common, it set a precedent that should make healthcare professionals pause before turning thoughts into electrons that might show up at an unexpected moment!


Sarah Stewart said...

Crikey, Bill, that's scary. What a salutatory thought!

Angela said...

Hi Sarah
Thanks once again for such a thought provoking post - I have linked it through to our blog too to try to get some thoughts from the UK going on this.
I agree with you that as health professionals the majority of us can be trusted to maintain our professional standards of behaviour. I personally don't think that the blogger is any more vulnerable that those that keep reflective logs, use peer support systems or choose to "let off steam" in their personal support circles. There will always be those practitioners who naively (or occasionally intentionally for misguided reasons) breach levels of confidentiality - they don't need to be blogging to do that. I guess that due to blogging being a relatively new tool for many - it is about recognising that they really are in a public arena.

Sarah Stewart said...

Look forward to seeing what people say on your blog, Angela.