Speaking to the world
Communication always involves a speaker and a listener. At its simplest, and sometimes most profound, there is only one of each. A parent telling a story to their child tucked up in bed, partners whispering secrets, a patient and their doctor. Ever since cavepeople decided to invent speech instead of grunting and throwing heavy metal hand signs at each other* we’ve been developing ever more powerful ways of talking to more and more people. Today you can tap on a bit of glass you keep in your pocket and speak to the world.
Which brings me to email. Email is a great solution for busy GPs – quick, efficient, time-stamped messages that archive themselves and can be accessed on-the-go without mess or fuss. But it’s a solution that is also a problem.
An example. When I’m done writing this column, I’ll attach it to an email with a cheery note and hit ‘send’. It will bounce out of my computer, electrons fizzing eagerly along the wires, and ricochet through a handful of routers; I could say I imagine it waving to the other emails as it whizzes past, but I might have pushed my anthropomorphic angle as far as I can. After a few seconds it will drop into my friend Liane’s mailbox with a ‘ping’.
You likely know that email is no more or less secure than a postcard. That’s because, as my email hops through the nodes between here and New Zealand Doctor it can be logged, scanned, viewed. In my case, I don’t mind if someone running a mail router gets a sneak peek at this column. But if you’re using email to provide advice, or seek second opinions, that you wouldn’t be happy putting on a postcard, you need to think carefully.
You might wonder why, at this point, we don’t all just have email that keeps information secure as it travels? We’re well into the 21st century after all; that Christchurch chap invented a jetpack, food pills are probably around the corner. It’s undeniably the future – so why can’t we talk to each other without telling the world?
It’s a fair question, and the answer is that we absolutely can. A Google search for ‘secure email’ pops up 600 million hits. PGP, which provides free and open source encryption that even the NSA can’t break, was invented in 1991. There are plugins, and programs, and apps galore.
But remember about the speaker and the listener; it’s no good saying things securely if no one can hear you. Bluntly, until everyone is using the same secure email, then no one except enthusiasts and whistle-blowers will be interested. To really work, secure communication needs to be easy, even effortless.
Giving people in the health sector a way to talk to each other securely is a big job, and it’s a hard job. There are software issues, hardware issues, standards issues, people issues, organisation issues.
I’m happy to say there are efforts afoot right now to fix the problem, but that doesn’t help you when you’re deciding whether or not to hit ‘send’. And even after we’ve jumped through the hoops of setting up a reasonably secure system for the health system that pipes messages from person to person without exposing them to any unwanted eyes, there’s still the underlying security problem of email, which is that it’s so easy.
When you do easy things a lot, you do them fast and you do them by reflex. If you email a lot you’ve probably had the experience of getting an email, rattling out a reply or a forward and hitting send then pausing for an agonised moment as you tried to remember whether there was anything you should have put more thought into. Or where a personal back-and-forth raised a work issue, which then turned into an email to someone else – with your personal chitchat at the bottom of the email trail.
The simplicity and power of email also means you can send a huge amount of data very fast. Someone wants to know your CPD assessment rates? Slap the data into a spreadsheet, attach it to an email and hit send.
The danger comes from that sense of communication as essentially one-to-one. You might email someone as though you’re talking to them, but the moment it leaves your computer you’re potentially talking to the world, as that unfortunate ACC employee found out a few years back when they sent an email full of other people’s claim data to a complainant.
A secure email system might or might not fix this; my money is on ‘not’, since systems can’t fix people. So instead I’ll suggest some mitigations. All of these are easy, all of these are important, all of these might save you a lengthy and embarrassing Privacy Act complaint.
First: get your email addresses right. Most email clients remember addresses you’ve used before, so when you get a new address from someone you’re going to be corresponding with, get in the habit of flicking them a ‘hello’ email so their reply files their details neatly in the system.
Next, put a delay on sent mail. I don’t have the space to explain it here but a quick Internet search should show you how. This avoids the ‘…oh no!’ of sending the wrong thing to the wrong person by holding onto each email for a minute or two before actually despatching it.
Unless it’s an emergency, don’t use names and addresses in emails. NHI numbers are acceptable in a pinch, though they’re not anonymous.
Finally, if you really truly need to send a lot of identifiable health data, then put it in a document and password protect it. Call the person you’re sending it to and tell them the password over the phone. While this isn’t exactly high security, it is comparable to sending information in an envelope rather than a postcard; a significant improvement.
And after all there’s some attractive irony in using an old-fashioned method of communication, talking, to safeguard one that relies on a sophisticated global network of computers...
*Historical accuracy not guaranteed