iPhones in the Operating Room

Did you know your staff - your wound care team, neurology faculty, your dermatology fellows - are all taking photos of patients on their iPhones?

Photos are becoming an increasingly important part of the care and clinical education progress. Professors are taking videos of a Parkinson's patient's tremor progression to better teach their students. Dermatologist are tracking the growth and change of sun spots. Surgeons are recording new, innovative techniques to show at industry conferences. But are the images they're capturing secure?

Without the right guidance and institutional resources, your organization could be at risk for a very serious privacy breach. Here are three important issues you and your staff should understand before snapping those photos:

iPhone Encryption

Password protection is one of the most basic, important requirements for any employee using their iPhone for professional purposes. Most Apple devices encrypt their contents by default, with varied levels of protection. But to protect against someone stealing and accessing the phone's contents, it should also be encrypted with a unique passphrase or code. Your web, integrity and/or legal teams should all be involved in establishing encryption standards for your organization.

Photo Storage and HIPAA

When staff charge their iPhones at night, oftentimes auto-sync'ing to the cloud, HIPAA has been breached. When the dermatologist emails a photo to their patient or texts it to the lab tech for safekeeping, HIPAA has been breached. Your organization should consider investing in unique, secure devices, used only for clinical purposes and/or approved iPhone applications, like Epic Haiku, for safe image storage and exchange. These newer apps allow staff to send their iPhone photos directly through to a patient's electronic health record (EHR), bypassing storage on the device, itself.


When training teams, I often get asked whether photos and video are OK to take on personal, encrypted devices, as they are de-identified: 

"We put a sheet over the patient's face before we photograph them."

"We cover up any identifying tattoos and moles."

"I make sure protected health information isn't out on my desk, when I take the photo."

Unfortunately, unique identifiers are not limited to the physical elements of the photograph. Other unique identifiers, called meta data, are captured automatically with each iPhone photo or video. Meta data includes information like the date and time the photo was taken, its geographic location, including altitude, latitude, longitude. Your iPhone also automatically tags the make and model of your camera, the image resolution, software used to process the image, and more.

Your operating staff likely does not know (nor should they) how to remove meta tags from individual iPhone photos. But they should know how to encrypt and use their devices appropriately and which devices or applications are approved for clinical documentation use at your company. 

Inappropriate and unsafe device use is one of the most serious issues in health care today. You must invest in comprehensive internal education and clinical resources to protect your patients, your employees and your organization.

Click here to learn more about our internal training services.


Jess Columbo

Principal, Med|Ed Digital

Welcome to Med|Ed Digital

We often hear how quickly and dramatically brands are moving towards digital-first or digital-forward communication strategies in order to meet consumers "where they are." 

For healthcare systems and higher ed institutions, this can mean uncomfortable internal reorganization. It can mean big shifts in budget and human capital - a tremendous lift for some of our large, decentralized organizations.

Beyond your "consumer"

We also know disparate work groups, including media relations, human resources and your C-suite, need to increase their social media sophistication level. Your current and prospective students, your faculty and staff and your recruits are looking to engage, to build, to advocate for your organization across the social web.

Does your culture beget this kind of brand loyalty?  Moreover, does your employee-base have the tools and resources they need to use social media safely and effectively?

Evolve or Die

The teams who transition successfully will invest in the process and the people. They'll commit to change management resources, robust internal communications and T-shaped new hires (eg. creative analysts, data content strategists, digital project managers etc.). 

Perhaps more importantly, the teams who will "win this social arms race" will have courage to try and fail in the digital space. Then, they will try again.

They know failure means learning and that the benefits of strategic and authentic social engagement greatly outweigh the risks.

It's just good business

Your supporters, whether legislative or donor-based, community partners or commercial vendors, are all evaluating your brand's digital footprint as an indication of market share and commitment to organizational innovation.

The healthcare and higher ed industries are shifting - grant monies are shrinking - and fostering these online relationships will have real impact on your company's bottom line. I guarantee it.

Join us

The Med|Ed Digital team specializes in social strategy for these highly regulated industries. We bring a passion for creative content and consumer insights, along with deep platform and analytics experience.

If your team is struggling with governance, with community building, with risk management or employee education, we'd love to help. Get in touch.



Jess Columbo

Principal, Med|Ed Digital