fbpx
Connect with us

Digital health

Patient care will suffer if new laws end WhatsApp use in NHS, doctors fear

Published

on

UK law changes pose a threat to the security of messaging apps – and therefore their use in the NHS, doctors fear.

Clinicians have warned that patient care will suffer if they can no longer use apps such as WhatsApp and Signal to share information.

In March 2020, in the face of the pandemic, clinicians were officially allowed to use messaging services such as WhatsApp “where the benefits outweigh the risk.”

The move reversed years of caution about their use in patient care – provided the apps used encryption.

The latest NHS England advice continues that policy, advising healthcare workers to use two-step verification and disable message notifications on the lock-screen.

But yet two recent pieces of legislation – one passed and one pending – threaten the use of any end-to-end encrypted messaging in the NHS.

Marcus Baw, an emergency medicine and general practice doctor in Yorkshire, said if WhatsApp were to disappear, “we’d have an NHS wide problem immediately.”

October’s Online Safety Act instructs the UK communications regulator Ofcom to monitor user-to-user apps and software, while an amendment to the Investigatory Powers Act – expected in the spring –prohibits technology companies from introducing new security software or make any significant changes to the security of their existing service without UK government approval.

In effect, this means that the government will have installed surveillance of all encrypted messaging, making it impossible to be sure patient data is secure.

Meanwhile, app providers – such as Meta, owner of WhatsApp and Facebook, Apple and Signal – have warned that the new requirements may force them to withdraw services from the UK if it unduly impacts their ability to innovate and introduce new security features.

Ross Anderson is professor of security engineering at Cambridge University.

He said: “As Signal and WhatsApp upgrade their software a number of times a week to deal with bugs or new threats, the UK would have to be treated like Burma or North Korea and simply avoided rather than wait for GCHQ approval – which could take months.”

Meredith Whittaker, president of Signal Foundation, added: “The combination of the IPA reforms and the online safety Act presents the possibility of a shocking level of state interference.

“If the choice came down to adulterating the security features that allow us to keep the privacy promises we make to the people who rely on Signal in the NHS or leaving, we would leave.”

An Ofcom spokesperson said that it will use its new online safety powers “in a way that is compatible with rights to privacy and freedom of expression” and “won’t be reviewing all harmful online material or be able to read private online messages.”

But Mike Grocott, professor of anaesthesia and critical care medicine at the University of Southampton, argued that tech companies are not prepared to subject their apps to this level of government surveillance.

If encrypted messaging apps withdraw from the UK, patient care would suffer, he said.

Sam Smith from patient privacy group MedConfidential agreed, saying: “Care is better when doctors can talk to each other.

“For a range of situations doctors find themselves in, only a general app like WhatsApp is easy to use.”

For Marcus Baw, the entire problem could have been avoided if the NHS had had the vision to build an end-to-end encrypted NHS approved app linked to NHS mail.

Baw hopes that someone in government is going to realise the electoral foolishness of the two pieces of legislation.

He said: “The tech companies are serious.

“Can you imagine the outcry from the population if WhatsApp withdraws from the UK?

“It would be an act of catastrophic self-harm by any government. Perhaps for once common sense will prevail.”

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Trending stories