March 2021: added link to common definition and tests for a secure app.
March 2020 Update: custom apps are now in the NHS Apps library, and so apps that your staff routinely use for other purposes shouldn’t be used.
November 2018 Update: The below is consistent with the new NHS Digital guidance, but paragraphs in blue below are omissions from that official guidance.
As a clinician or nurse, you should not have to keep up with the latest fluff of the apps you might use for work.
NHS England has put out another attempt at ‘guidance’ on using instant messaging apps. Last year it said WhatsApp was not banned, but failed to provide helpful guidance on what to actually use. It still hasn’t. There is a Do & Don’t list, which is better than nothing, but almost impossible to turn into practice in the real world. If asked, we would suggest something like this:
- If your employer offers an instant messaging solution, use that.
- If you are picking apps to use yourself, you are safest with Signal.
- If you are not picking the apps you use, you will probably have to use WhatsApp or Skype. But be aware that someone will be held responsible when Facebook or Skype change their rules – and it’s probably not going to be the person who picked the app…
- Don’t use Facebook Messenger, Instagram, or Telegram.
Whatever app you use for work, the vast majority of people should avoid having their phone going ding for work purposes while they are not at work. For most apps, a swipe left on the main list of ‘chats’ should show an option to “hide alerts” for some time period – this should ensure that if you do give your personal number to work colleagues, it doesn’t end up driving you to distraction outside work. If someone really wants to get in touch, they can always just call you normally.
The reasoning behind our suggestions
The important step in secure messaging is something called “end-to-end” encryption, which prevents anyone – a third party ‘listening in’, or even the service making the connection – knowing what you said. It’s the equivalent of having a conversation in a private consultation room, rather than doing it standing next to the nurses’ station, or in a waiting room. But even with Signal, if you are messaging using your personal device, you should treat any conversation as if it were in a lift where another person might be listening.
Signal allows you to decide for how long you will keep messages from any particular person or group, and will automatically delete the stored messages after that. But what happens with the stored message history in other apps? WhatsApp, for example, wants you to give it a full copy of all your messages and send them to its servers as a ‘backup’ (though at some point it will show you ads against them – it is part of Facebook after all).
You may also have set your phone itself to back up to somewhere. Do you know where the backup goes, and what’s in it?
Of course, it is best practice to back up everything on your phone, and most apps assume (probably correctly) that you don’t want to lose every message or photo you receive of your kids. This doesn’t necessarily translate neatly to a clinical setting – anything that must be kept should be recorded elsewhere, so that if you lose your phone, the only thing you won’t have kept was ward chit-chat. WhatsApp wants everything – it doesn’t offer clinical reassurance. And while Snapchat has deletion as a feature, it has other problems akin to Facebook and Skype.
The longer-term security of your messaging is dependent upon who makes the app – and when, and why, they will change the rules on you. We (also) recommend Signal because it is produced by a charitable foundation whose sole mission is to provide secure, usable communications. One key reason why the NHS England guidance is so terrible is that WhatsApp has lobbyists telling NHS England that it should allow their product; Signal doesn’t.
Since Facebook (the owner of WhatsApp) lies to regulators about its intentions, you clearly cannot rely on the company not to do tomorrow what it denies it will do today. As a consequence of this, any official guidance must in future be kept up to date by NHS Digital. And, as corporate policies change, so must the guidance – removing from the equation NHS England’s fear of the deluge of lobbying that created this mess in the first place.
Clinicians deserve better tools than those that NHS England chooses to recommend, where a national body prioritises its own interests over the needs of those delivering direct care.
(This post will be kept under review as technologies change; it was last updated in March 2020)