Most people have a mobile phone, sometimes more than one. How often would it be useful to take a photograph of a patient’s teeth using your own mobile? However, before you start snapping away, here are some considerations to bear in mind.
When taking a photograph, you must respect the patient’s privacy and dignity, and their right to make or participate in decisions that affect them. The photograph should only be taken with appropriate consent, ensuring that the patient was under no pressure to give their consent. The patient must be aware of the purpose of the image and how it will be used. This consent process should be fully recorded in the patient’s records. The photograph must not be used for purposes beyond the scope of the original consent without consulting the patient. Consent gained for baseline recording of potential pathology, for example, would not support the use of the images to advertise a practice’s services on their website.
Confidentiality is central to trust between clinicians and patients. Without assurances about confidentiality, patients may be reluctant to seek medical attention or to share all the information needed by the clinician in order to provide the most appropriate treatment. However, information sharing by medical and dental teams is essential to the efficient provision of safe, effective care, both for the individual patient and for the wider community of patients. Photographs taken in the course of the patient’s care form part of the clinical record, and should be treated in the same way as written material in terms of security and decisions about disclosures. Therefore, you must follow guidance on confidentiality when taking photographs.
Individual dentists have a duty to safeguard and promote the welfare of children. You should take into account that mobile camera phones are a potential risk, in that inappropriate photographs could be taken either of the child, or of confidential information pertaining to them, and could be disseminated further.
Any image, whether it is anonymised or not, forms part of the dental record and is personal data. As a consequence it must be stored and processed in accordance with the requirements of the General Data Protection Regulation (GDPR) as brought into law by the Data Protection Act 2018. It is therefore not acceptable to carry images of patients on your mobile phone, or to electronically share them with other devices in your possession, as there is clearly a risk of the data being lost or stolen. It is important to recognise that unless cloud-based environments are used, strictly in accordance with a documented policy of appropriate security and organisational measures, these can introduce the potential for data breach risks. This clearly runs counter to the key principles of safety and security underpinning the Data Protection Act. More information on data protection responsibilities in relation to mobile phones and other devices can be found on the website of the Data Protection Commission.
Use a dedicated camera
If there is a clinical need or a desire to take images for diagnosis or education purposes, it is not appropriate to use mobile phones. Agreement from a patient to allow the taking of a photograph does not negate your professional obligations regarding appropriate data handling, or your duty to protect confidentiality. Barring emergencies, there are no circumstances where taking patient images on a personal mobile phone, whether or not you have the patient’s consent, is justified. A dedicated digital camera, linked to the practice computer system storing patient details, offers a more secure method. The practice record-keeping system should already be compliant with data protection requirements and still allows the sharing of images between colleagues, if the patient has given their consent. The unintended risks that might arise if a mobile phone is lost or cloud-sharing software is engaged, will have been eliminated. It also looks more professional.