Download PDFPDF
WhatsApp Doc?
Compose Response

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Author Information
First or given name, e.g. 'Peter'.
Your last, or family, name, e.g. 'MacMoody'.
Your email address, e.g.
Your role and/or occupation, e.g. 'Orthopedic Surgeon'.
Your organization or institution (if applicable), e.g. 'Royal Free Hospital'.
Statement of Competing Interests


  • A rapid response is a moderated but not peer reviewed online response to a published article in a BMJ journal; it will not receive a DOI and will not be indexed unless it is also republished as a Letter, Correspondence or as other content. Find out more about rapid responses.
  • We intend to post all responses which are approved by the Editor, within 14 days (BMJ Journals) or 24 hours (The BMJ), however timeframes cannot be guaranteed. Responses must comply with our requirements and should contribute substantially to the topic, but it is at our absolute discretion whether we publish a response, and we reserve the right to edit or remove responses before and after publication and also republish some or all in other BMJ publications, including third party local editions in other countries and languages
  • Our requirements are stated in our rapid response terms and conditions and must be read. These include ensuring that: i) you do not include any illustrative content including tables and graphs, ii) you do not include any information that includes specifics about any patients,iii) you do not include any original data, unless it has already been published in a peer reviewed journal and you have included a reference, iv) your response is lawful, not defamatory, original and accurate, v) you declare any competing interests, vi) you understand that your name and other personal details set out in our rapid response terms and conditions will be published with any responses we publish and vii) you understand that once a response is published, we may continue to publish your response and/or edit or remove it in the future.
  • By submitting this rapid response you are agreeing to our terms and conditions for rapid responses and understand that your personal data will be processed in accordance with those terms and our privacy notice.
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.

Vertical Tabs

Other responses

  • Published on:
    Ensuring secure communication in health care:
 A response to O’Sullivan et al on their paper ‘‘WhatsApp Doc?’’

    The high incidence of sensitive patient data exchanged between physicians via Whatsapp and iMessage evidenced in this study demonstrate potential violations of the new General Data Protection Regulation (GDPR) due to come into effect in May 2018. The GDPR outlines specific requirements for the processing and storage of data of which patient data is arguably the most sensitive. Breaches are expected to generate fines of up to 4% of annual turnover or 20 million euro – for authorities such as the NHS and HSE, this is potentially catastrophic.

    Images of Xrays, blood results or wounds, taken via the mobile device in a doctor’s pocket, can be streamed via the famously insecure Apple iCloud in the USA, and suggested for potential upload to social Apps such as Facebook by default. Such material shared via Apps such as Whatsapp are downloaded by default to the image gallery on a smartphone and streamed between all networked devices, whether the recipients open the message or not. Such images can contain EXIF data, such as geographical co-ordinates, date, time, make and model of device etc. Such images are required to be encrypted and stored securely with the patient’s medical notes.

    It cannot be overstated that ‘free’ communications solutions such as iMessage, WhatsApp, Signal, Secure Chat etc. are not free at all - if cash is not being paid for an App, the data of the clinician and patient is the commodity being paid for the functionality. Typically Apps have...

    Show More
    Conflict of Interest:
    None declared.