Why it’s bad to use WhatsApp

Despite the popularity of WhatsApp as a platform to converse with family, friends and even colleagues, there is a huge questionmark around its confidentiality. 

Simon Hemingway examines the implications of using WhatsApp for communicating in a healthcare environment. 

It is no surprise that Facebook/Meta-owned WhatsApp is the world’s most popular messaging application; as of 2022, it has around two billion users.

Over time, the convenience, ubiquity and familiarity of the platform has meant that it is becoming increasingly used in a workplace setting, as a way for colleagues to communicate and share information relating to clients or – in a healthcare environment –patients.

However, using WhatsApp in the healthcare sector is ill-advised. 

In July, the UK’s Information Commissioner called for a Government review into the risks and areas of improvement around the use of private correspondence channels, in light of a year-long investigation into the use of such channels by ministers and officials at the Department of Health and Social Care during the pandemic. 

The investigation revealed that ‘the clear lack of controls and rapid increase in messaging apps and technologies – such as WhatsApp – had the potential to lead to important information around the Government’s response to the pandemic being lost or insecurely handled’.

The rise of WhatsApp among clinical teams

If you search for evidence of WhatsApp being used in a healthcare setting, you would not be hard-pressed to find it, with some articles dating back years. 

In 2015, NHS England addressed the use of WhatsApp in the 21st edition of its Information Govern­ance Bulletin, stating: ‘Whatever the other merits of WhatsApp, it should never be used for the sending of information in the professional healthcare environment. 

‘WhatsApp is a consumer service, which does not have a service- level agreement with users and has no relevant data security certification. There is no valid reason for its use within the NHS. Only apps that have been specifically approved by NHS England should be used.’

Three years later, research published in BMJ Innovations found a widespread use of WhatsApp for communication between healthcare professionals. 

According to the study, 97% of doctors routinely send patient information on instant messenger without consent, despite the fact 68% were concerned about sharing information in this way. 

In 2021, a study entitled ‘WhatsApp in Clinical Practice’ was published, with the aim of reviewing the literature on how clinicians who use WhatsApp in clinical practice keep medical records of the content of WhatsApp messages and how they store messages and/or attachments sent via the platform. 

In the abstract, it highlights how there is a ‘general lack of awareness or concern about flaunting existing privacy and security legislation’.

More than just a privacy issue

Other than the widespread popularity of WhatsApp, it’s not hard to see why medical professionals would choose to use the platform. 

There’s no requirement for a computer, with a possibility of an immediate response being some of the biggest benefits. However, in this case, the cons far outweigh the pros. 

Although standard WhatsApp promises end-to-end encryption, it is nowhere near robust enough for internal comms at work. 

Consumer-grade messaging apps are long-established and relatively easy targets for malware and other cybercrime, putting confidential patient information at risk.

Back-door adoption

A report called ‘WhatsApp in Hospital? An Empirical Investig­ation of Individual and Organis­ational Determinants To Use’ alluded to WhatsApp in a healthcare setting being an ‘extreme case of back-door adoption’, whereby they are used ‘without formal approval or assessment from top managers about the opportunities and risks that these innovations might bring along with them’. 

This can create silos of information known only to members of unofficial and unaccountable messaging groups, with the near impossibility of knowing who is in any given messaging group, as well as the difficulty of ensuring that former staff members have been removed from all groups.

Other dangers include the lack of a coherent audit trail, a lack of integration with wider business systems, the transference of patient-identifying information and the illusion that staff need to be available 24/7. 

Research from Text Anywhere found 73% of employees are contacted by their manager or colleague about work when they are on annual leave, with experts warning this can lead to greater anxiety and stress.

What is the solution?

Hospitals and other healthcare organisations can empower clinicians, accelerate workflows and reduce operational costs by leveraging mobile technology – if design, deployment and implementation are done right. 

WhatsApp, as discussed throughout this article, generates unnecessary risk, so should be avoided in the workplace at all cost. 

There are many other other communications platforms available that are designed to be implemented as part of a carefully planned mobility strategy – often tailored for specific sectors, use cases and devices – which are secure, efficient, compliant with the General Data Protection Reg­ulation and can be integrated with existing software and systems.

A tailor-made platform that offers more value add than just messaging is also a very good productivity investment, while ensuring there are no risks to employees’ physical or mental health, with messages sent outside of office hours, or while on holiday, encouraging them to mix work and pleasure.  

Simon Hemingway (right) is healthcare director at technology solutions integrator The Barcode Warehouse