HEALTH professionals’ increasing use of personal mobile phones to take and share clinical photos is creating a patient privacy time bomb that hospitals cannot afford to ignore, experts warn.
Writing in this week’s MJA, Dr Paul Eleftheriou, deputy chief medical officer at Austin Health, together with the hospital’s former chief medical officer, Dr John Ferguson, and graduating medical student Kieran Allen, warned that even when doctors think they have protected patients’ privacy, the images they take may be identifiable.
“The capture of potentially identifiable physical features and metadata, and the unknown factor of how software developments may enable the identification of image subjects, dictate that health care organisations treat every patient image as potentially identifiable,” they wrote.
In January 2017, Austin Health will launch its own medical photo app to reduce some of the risks inherent in health professionals using their personal phones to take clinical photos.
The app will facilitate patient consent prior to photos being taken and will instantly delete the images from the health worker’s phone after automatically transferring them to the patient’s electronic medical record.
Dr Eleftheriou told MJA InSight that Austin Health had prioritised the app because most doctors were using their phones to take patient photos “on an insecure system, but with the best intentions”.
“We know that most of our doctors are responsible by seeking consent from patients, taking de-identified photos and by making every effort to delete photos; however, this practice is fraught with many risks and leaks in the system,” he said.
“Harms to the patient may include non-consensual secondary uses, identification, publication, psychological trauma and financial, occupational and reputational damage,” he warned.
The new tool is “not clunky or onerous” according to Dr Eleftheriou, who said staff were keen to use it to streamline patient care. “Because photos get automatically deleted from the user’s device, it is extremely less likely, compared to the status quo, that users will inappropriately share patient photos.”
Dr Eleftheriou said he hoped that other hospitals and institutions would adopt the same software to enable personal mobile device photography to improve patient care and health outcomes.
Photos taken through the app will only be able to be shared with approved users at the hospital or institution.
It’s a very different proposition to the medical photography app that tens of thousands of Australian health professionals are already using – called Figure 1 – which enables them to share images with one million users worldwide.
Among the collection of images on Figure 1 is a case of severe periodontitis in an older Indigenous woman in remote Australia, and the brain scan of a 30-year-old man concussed during an Australian rules football game. Each is followed by a string of comments – mostly comparable anecdotes from other countries, but also some medical advice.
Dr Joshua Landy, the Canadian clinician who launched the app in 2013, said that it was a mistake to operate as though all medical photos contained protected health information.
“The main consequence of treating all images like protected health information is that it doesn’t seem to fully consider a health care professional’s workflow in a practical setting,” he told MJA InSight.
For instance, getting patient consent wasn’t always achievable in “real life”, such as “in the middle of an operation”, he said.
Figure 1 has consent forms built into the app; however, it is up to the individual users to comply with the rules of their institutions and jurisdictions. Case photos are processed to remove all potentially identifying information, including names, tattoos, unique pieces of jewellery, faces and metadata.
Latest news from doctorportal:
Writing in this week’s MJA, Dr Paul Eleftheriou, deputy chief medical officer at Austin Health, together with the hospital’s former chief medical officer, Dr John Ferguson, and graduating medical student Kieran Allen, warned that even when doctors think they have protected patients’ privacy, the images they take may be identifiable.
“The capture of potentially identifiable physical features and metadata, and the unknown factor of how software developments may enable the identification of image subjects, dictate that health care organisations treat every patient image as potentially identifiable,” they wrote.
In January 2017, Austin Health will launch its own medical photo app to reduce some of the risks inherent in health professionals using their personal phones to take clinical photos.
The app will facilitate patient consent prior to photos being taken and will instantly delete the images from the health worker’s phone after automatically transferring them to the patient’s electronic medical record.
Dr Eleftheriou told MJA InSight that Austin Health had prioritised the app because most doctors were using their phones to take patient photos “on an insecure system, but with the best intentions”.
“We know that most of our doctors are responsible by seeking consent from patients, taking de-identified photos and by making every effort to delete photos; however, this practice is fraught with many risks and leaks in the system,” he said.
“Harms to the patient may include non-consensual secondary uses, identification, publication, psychological trauma and financial, occupational and reputational damage,” he warned.
The new tool is “not clunky or onerous” according to Dr Eleftheriou, who said staff were keen to use it to streamline patient care. “Because photos get automatically deleted from the user’s device, it is extremely less likely, compared to the status quo, that users will inappropriately share patient photos.”
Dr Eleftheriou said he hoped that other hospitals and institutions would adopt the same software to enable personal mobile device photography to improve patient care and health outcomes.
Photos taken through the app will only be able to be shared with approved users at the hospital or institution.
It’s a very different proposition to the medical photography app that tens of thousands of Australian health professionals are already using – called Figure 1 – which enables them to share images with one million users worldwide.
Among the collection of images on Figure 1 is a case of severe periodontitis in an older Indigenous woman in remote Australia, and the brain scan of a 30-year-old man concussed during an Australian rules football game. Each is followed by a string of comments – mostly comparable anecdotes from other countries, but also some medical advice.
Dr Joshua Landy, the Canadian clinician who launched the app in 2013, said that it was a mistake to operate as though all medical photos contained protected health information.
“The main consequence of treating all images like protected health information is that it doesn’t seem to fully consider a health care professional’s workflow in a practical setting,” he told MJA InSight.
For instance, getting patient consent wasn’t always achievable in “real life”, such as “in the middle of an operation”, he said.
Figure 1 has consent forms built into the app; however, it is up to the individual users to comply with the rules of their institutions and jurisdictions. Case photos are processed to remove all potentially identifying information, including names, tattoos, unique pieces of jewellery, faces and metadata.
Latest news from doctorportal:
- Saliva test could predict lung disease
- Obesity gap widens between country, city
- Could a cannabis pill reduce chemotherapy-induced nausea and vomiting? Here’s how we find out
- Health Department admits truth on bulk billing
Loading comments…
More from this week
Health policy
18 May 2026
Budget 2026-27 analysis: urgent care, public dental, Aboriginal and Torres Strait Islander health
Indigenous health
18 May 2026
Trachoma successfully eliminated in Australia through Indigenous-led health care
Newsletters
Subscribe to the InSight+ newsletter
Immediate and free access to the latest articles
No spam, you can unsubscribe anytime you want.
By providing your information, you agree to our Access Terms and our Privacy Policy. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.