UK-based app Pando has come under scrutiny for a security breach which saw NHS patients’ photos automatically uploaded onto users’ smartphones.

The clinical communication tool, which has been approved under the NHS Clinical Communication Procurement Framework, is used to send messages, test results, X-Rays and photographs between care teams. It is reportedly used by more than 60,000 NHS staff across 300 UK hospitals.

However the Primary Care Dermatology Society (PCDS) withdrew its endorsement for the app last week, after spotting a data security issue which caused photos taken within the app to be automatically stored on the camera roll of certain smartphones.

The PCDS later said that Pando had resolved the issue by implementing a custom camera solution and it had reinstated support for the app.

An NHSX spokesperson told MobiHealthNews that Pando is currently undergoing the NHS Digital Technology Assessment Criteria (DTAC) assessment and NHSX does not endorse the app.

WHY IT MATTERS

The COVID-19 pandemic has seen a surge in clinical communication tools to allow medical professionals to collaborate securely on patient care.

However, security fears have been raised about the need to protect patients’ privacy and not transfer data rights to system providers.

THE LARGER CONTEXT

This is not the first time Forward Clinical Ltd, which owns Pando, has faced controversy. Earlier this year it was revealed that the firm’s paediatrician app Juno, been operating without Care Quality Commission (CQC) registration for two months after its launch in March.

Meanwhile, Pando is working with the British Army to connect deployed medical staff with their seniors and specialists in the UK, whilst in the field.

Last year Dutch startup Siilo announced a €9.5 million Series A funding round for its clinical communication app, which allows secure staff-wide collaboration.

Other clinical communication apps used in the NHS include Hospify and Medic Bleep.

ON THE RECORD

A Pando spokesperson said: “The team spotted a bug on a recent app update which meant that, on a very small number of Android handsets, photos taken in the Pando app were being saved to the camera roll. This bug was picked up almost immediately, a fix was released, and the issue is now fully resolved. 

“It only affected some Motorola and Nokia phones which were running a specific version of Android, meaning only 0.2% of the Pando user base will have been affected. Nevertheless, the team made sure the issue was resolved as quickly as possible and all users who may have been affected have been contacted to explain the issue and the steps they might need to take to ensure confidentiality is maintained.”

Executive chair of the PCDS, Dr Tim Cunliffe, said: “Following the report that PCDS had withdrawn support for the Pando app, I am pleased to confirm that the company has satisfactorily answered our concerns and we will be reinstating our support and advising our membership of this decision.”