The widespread use of personal smartphone use by junior doctors has “great consequences for patient data safety breaches and burnout,” a study has found.
The study also found that poor digital hygiene practices appeared common, resulting in staff personal information being widely available, as well as inappropriate communication with off-duty staff.
The study author from St Vincent’s Hospital in Fairview, Dublin pointed out that with increasing smartphone use both personally and professionally, this raises concerns around the overlap of these spheres.
“There are blurred boundaries between personal and professional use of mobile phones as a communication tool in healthcare settings. Non-consultant hospital doctors (NCHDs) or junior doctors become more instantly available to all members of a multidisciplinary team, this presents challenges in relation to the data of employees themselves.
“More importantly, communication of patient data on a doctor’s personal phone presents a grave concern over security of patient data and good clinical practice.”
No work phone
The study found that 94 per cent of the junior doctors surgery said they were not provided with a work mobile phone and reported use of personal smartphones which are protected by either password, thumbprint, or facial recognition features.
While 96.97 per cent reported that their employer contributed nothing toward the expenses incurred from using personal phone for work purposes, and 81.82 per cent reported that their personal phone number was listed in a work directory list.
Almost all of those surveyed, 96.8 per cent, reported being contacted by a colleague in relation to a work matter outside of working hours while more than half were of the opinion that every junior doctor should be provided with a work phone by their respective employer.
The most common forms of communication via mobile phone were phone calls, WhatsApp messages, SMS messages and WhatsApp calls.
These developments have occurred against the backdrop of the General Data Protection Regulation (GDPR). GDPR was introduced in 2018 and standardised data protection law across all EU member states.
This legislation ensures that professional organisations must handle citizen data in a way that is respectful to their right to privacy. The implication of this legislation has meant that hospitals and healthcare settings must process patient data in a way that is clearly defined, safe and secure; with breaches of this legislation leaving offending bodies open to sanction.
Personal phone number
The study author explained: “Concerningly, over 80 per cent of NCHDs (junior doctors) report that their personal mobile number is available on a public work directory. This is alarming as it raises a clear potential breach of personal privacy and could lead to harassment of doctors by staff or patients.
“The huge majority of NCHDs contacted by staff outside of working hours raises concerns on the ability of doctors to adequately rest and decompress outside of rostered shifts. This is a potential cause of annoyance, reduced work effectiveness and burnout among clinical staff.
“The fact that nearly one in five NCHDs have been contacted out of working hours by a patient or family member is troubling and raises many questions about hospital policies around the proper safeguarding of staff data.”
The study points out that there is a dual benefit to this proposal as it separates personal and professional spheres. By having a personal and work phone, doctors can turn off their work phone outside rostered hours and thereby eliminate inappropriate phone calls and reduce stress.
“This principle was honoured by the Irish government in 2021, when the Right to Disconnect was included in a new code of practice for Irish workers. One of the pillars of this code of practice is the ‘duty to respect another’s right to disconnect – for example not routinely calling or emailing them outside of work hours,’” the author added.
As a comparison, a recent 2019 survey of 500 office workers found that the majority were working on company provided laptops, tablets and smartphones. This evidence shows a desire on behalf of private companies to protect sensitive data breaches, and a recognition on their part of the role that personal phone usage can play in this.
The author continued: “It appears that work practices and employer responsibility have not yet evolved at the same rate. This has led to considerable disconnect between a junior doctor’s day-to-day expenses and privacy, while also identifying a potential data breach of patient details.
“We recommend that employers and hospital groups make providing work phones to junior doctors a priority to improve employee morale and expenses, while also protecting patient data more rigorously.
“We would urge the government in Ireland to provide work phones to all employees handling clinical data in order to protect against breaches. Furthermore, the provision of such equipment would allow staff to appropriately disconnect from work outside working hours, thereby increasing morale, productivity and job satisfaction, while protecting against burnout”.