The digital doctor’s bag.

Listen to this as a podcast courtesy of the IFMiL or Catalan Institute of Medical Education and Leadership.

When you think of the traditional image of a doctor outside of the hospital or the consulting room, he or she always carries a bag. Much like Mary Poppin’s carpet bag, it is full of magical instruments. Apart from a stethoscope, this could also have included a sphingometer to measure the blood pressure and maybe a couple of syringes to administer an all curing medication. Times have changed, and today we have different instruments, but their objective remains the same: to be a diagnostic aid at the bedside. This is especially true in rural and remote areas where a transfer to a local hospital may be complicated and time-consuming. However, it is also true for patients with decreased mobility in an urban setting. These are the patients who already receive the home visits instead of coming in to see their GP at the surgery.

The concept of the digital doctor’s bag describes a combination of digital medicine devices linked to a smartphone or tablet. It also includes decision aid apps and even the EHR or electronic health record. The EHR means that the HCP has access to all the patient’s notes and results on the go, even those of other specialists.

Emergency visits, whether by a GP or a prehospital service, also benefit from having a digital doctor’s bag. This may mean the difference between transferring a patient to a hospital or keeping them at home. The obvious example is an ECG being recorded and being sent straight through to the cath lab and cardiologist on call. If the patient doesn’t fulfil cath lab criteria, they may well be transferred to their local hospital instead of being sent further afield. But some of the devices are used by the HCP in situ. The portability and decrease in the cost of hand-held ultrasound machines have made them very much more accessible. Ultrasound does remain operator dependant and rule in not rule out. Traditional stethoscopes are replaced by digital stethoscopes which record and analyse heart sounds to provide a visual representation. Listening then becomes optional. Portable spirometers as an add on to a smartphone which then adds the information to the patient’s own records can reduce clinic visits for chronic patients. They can also empower patients to identify and manage their exacerbations in combination with their HCP at a distance.

Digital dermatoscopes are another welcome addition to the doctor’s bag. Working with high quality augmented images, you can diagnose yourself, send to dermatologist colleague for a second opinion or even let the AI do it for you. In 2018 Haenssle et al. concluded that deep learning convolutional neural networks outperformed even dermatologists when it came to melanoma identification(1) and that all HCP no matter what their level could benefit from this technology.

GDPR and fitness apps.

Do you own a fitness tracker? Or even just activate the steps counter on your phone?

Most of us have used some sort of health or fitness app, whether to go running or record more intimate details. Most of us have also ticked all the terms and conditions automatically. To comply with GDPR, the information should be clear, and the data collection limited to what is needed by the app. Is geolocation and access to your contacts always necessary? How do you feel about your age and gender combined with your fitness level being shared with undisclosed third parties? While medical data for clinical trials usually have to be anonymised, this is not necessarily the case for your data which is then shared with your insurer or your mortgage broker…without you even knowing it. This is when the targeted ads for new running shoes pale into insignificance. Higher health insurance premiums or rejected mortgage applications have a real impact on our life.

As a doctor, you will be the controller of the fitness data of the data subject, who is your patient. In the context of fitness trackers, you need to be sure that you comply with Article 5, being especially mindful that the data you collect is limited to the specific healthcare purpose. As apps can often collect a lot more data than you would imagine, as a doctor and controller, you need to be sure that you don’t end up collecting everything indiscriminately. This same data can make it unexpectedly easy to identify patients even if you remove the distinct identifiers such as name, age and gender.

Personal data is any data that can identify you as an individual and more specifically, health data is anything that refers to your specific health status. Furthermore, this is classed as sensitive data as the consequences of this data becoming more widely known can have more serious implications as previously mentioned.

If you are integrating the information from an app as part of an EHR program you have contracted, this is one of the questions to ask the EHR seller. How do you ensure that only relevant information is brought across? This is something they may not even have thought about.

If you are incorporating the information in a report format generated by the app that the patient has sent you by email for example, then just make sure you have a copy of preferably written consent. It should cover the data being incorporated into their EHR and therefore, everyone else who also has access to the EHR.

Although fitness trackers can be a good way of getting people or your patients to a better state of health, you may want to have a chat about “free” trackers. Some health insurance companies are offering almost free fitness trackers. However, they then access your data and premiums may be affected by how the health company evaluates your fitness and therefore, your risk for future illness. They might not turn out to be so cheap after all.  There are many less expensive if less prestigious fitness trackers on the market. In reality, most people only need an activity monitor and heart rate monitor. The ECG monitoring option has been controversial and may not be relevant to your patient.


GDPR and health data – the questions you need to ask as a doctor.

As a doctor, I have always been very aware of the importance of patient confidentiality. Not only for ethical or legal reasons but also for purely practical purposes. If you don’t have all the information you can’t make the right decisions, and you will only get all the embarrassing information if patients are confident it won’t go any further.

However, from a legal perspective, it is not always that clear, especially when we are talking about health data which now comes from sources other than just the patient. Fitness trackers, for example, give useful information, but how should I store that data?

And if you are looking to buy into some new digital technology, what are the questions you need to ask?

If you are still using paper records or are outside of the EU, this too affects you as all data are covered by articles 2 and 3 of the GDPR.

Historically this has been recognised as a concern as early as 1970 with privacy being covered in the European Convention on Human Rights. Data protection was mentioned in 1981 in the Convention 108 for the Protection of Individuals with regard to Automatic Processing of Personal Data. Therefore the right to data protection is a fundamental right. Now, most people will have heard of the General Data Protection Regulation or GDPR which came into effect in May 2018, if only because of the pop-ups requesting permissions or in the case of certain non-EU websites, refusing access altogether.

For doctors, the essential concepts to understand about data processing or actions on information that can identify their patient are:

  1. Data controller: Person who decides what data is collected, how this data is collected and for which purpose. As a doctor, you or your institution can be a data controller.
  2. Data processor: Person or service who processes the data under the instructions of the controller and as a doctor using #digitaltech this can be the software you are buying storing the data and which needs to be formalised with a contract.
  3. Data subject: Patient or identifiable person.

Article 5 of the GDPR covers data processing, and as a doctor/data controller, you need to be aware that the data you collect should be:

  1. Lawful, fair and transparent.
  2. Limited to purpose – you need to be recording data with a specific, limited and explicit purpose.
  3. Minimised – irrelevant data should not be recorded.
  4. Accurate – doctors are used to keeping treatment changes, for example, and we are all aware of the legal consequences of not keeping legible notes.
  5. Storage limitation – this refers to not keeping the data for longer than required. Health is probably one of the few exceptions where you can argue that the data should be stored for the entire life of a person to give the best care.
  6. Integrity and confidentiality. This refers to the fact that the data must be protected appropriately through technical and organisational means. You need to consider not only loss and damage (accidental or other) but also that it is not accessed inappropriately by different members of staff. This is a core question when being presented with a new medical application or technology for your practice. Larger institutions such as hospitals will have an information security officer, but if you practise in a smaller setting, this responsibility will be yours.

Finally, to process any data, you need to be sure that there are legal grounds for processing the data you have collected. For doctors, the concepts are familiar:

  1. Consent has been given.
  2. It is necessary for a contract to be carried out and specifically, in the health care setting, this includes an agreement to medical treatment either implicitly or explicitly.
  3. You are complying with a legal obligation.
  4. You are protecting the vital interests of a patient.
  5. You are carrying out a task in the public interest or in your capacity as an official authority.
  6. There exists a legitimate interest for processing.

Sensitive data, as health data is, get more privacy protection, and Article 9 covers this specifically. Safeguards used include:

  1. Pseudonymisation: This is removing identifying fields such as name, date of birth and address but in health needs to go even further. A diagnosis of a specific disease and treating hospital plus gender may be enough to identify the patient. With big data and large amounts of patients, it becomes harder to identify individuals, but even there it is important to think about unusual characteristics which may make the patient stand out. Some doctors have fallen foul to this on twitter when making what they thought were generic comments about a type of patient they may have seen during a specific shift. However, at the same time you still have to have the correct data to treat your patient. This means that you need additional information in order to access all the information about your specific patient.
  2. Anonymisation: This means that you strip away all the identifying aspects from the data and can no longer identify the patient. This is a valid technique for research. You can no longer identify the person even if you have the additional information. As mentioned previously, it is very hard to anonymise medical data and there is a chilling report here for al those with any level of data protection responsibility about how supposedly anonymised health data sets were not so anonymous once compared to local newspaper reports. 43% of the individuals were identified.
  3. Encryption: This encoding of the data is very much more a technical aspect.  Most doctors would find it hard to know what questions to ask and then interpret the answers. However, thinking of specific clinical contexts may make the technical team think about uses and deviations which they had not come across.

In general, observing good medical practice will set you on the right road, but the questions come when you want to contract a new software.

  1. What / who is the data processor you use? Are they compliant with GDPR and what sort of guarantees do they offer?
  2. As this is sensitive data, how is it:
    1. Pseudonymised?
    2. Encrypted?
  3. How are you complying with data protection by design and default?

Although most clinicians without any programming or technical knowledge would find it hard to ask specific questions and then understand the answers. However, technicians don’t have the situation-specific understanding of how this data will be used and going through a typical consultation together step by step can help uncover moments when there may be data compliance issues. This is the data protection by default – only the sensitive data needed for the specific process can be processed. For example:

  • How do you lock the screen temporarily while examining a patient when family members may be present?
  • How do you deal with multiple doctors using the same computer?
  • How are blood results transferred between the laboratory and your EHR?
  • Are emails encrypted if you have to do a referral to a colleague?

The company selling you any software should be able to give you clear answers and explanations as to how they are helping you comply with your obligations as a data controller in the clinical setting. Your obligations when contracting a data processor are set out in Article 28, and even if you don’t know the article in detail (!), the people selling you the EHR should.



Insulin pumps and artificial pancreas

As expert patients go, there are few as expert as type 1 diabetics when it come to the latest technology. Patients with diabetes who turn up unwell in the ED with high blood sugars and an insulin pump can get diabetes nurse input before a transfer to ITU. However, ED docs and GPS can use the tech to help them out with some basic knowledge of how it works.

Insulin pumps

No access? Insulin pumps deliver insulin via a sub cut catheter which is changed every 48-72h. This catheter can be used to continue delivering insulin if:

– a blocked catheter is not the cause of the presenting compliant (DKA in it’s extreme)

  • Check for signs of infection around the catheter site
  • Ask when it was last changed – if high BMs have started after a catheter change this may be the cause although most DM patients know themselves to put insert a new one in if high BMs after a change.
  • Does the patient think it might be blocked?

no air bubbles are present in the tubing. Bubbles once identified can be purged and again the best person to ask is the patient themselves.

– the pump insulin is effective

  • Extreme heat and cold can affect the potency of the insulin itself but also the patient requirements themselves. Especially important to bear in mind with unexpected heat waves.
  • The cold chain needs to be maintained from buying to starting to use the insulin. Although once starting to use the insulin, it can be kept in a pump or bag if in an insulin pen, if there has been a break in the cold chain at the time of getting it from the pharmacy to the home fridge it may be a reason for it not being effective. It might be the case that if the patient has various boxes stocked at home they might not even remember this break in the chain.

If the diabetes team have reviewed the catheter and pump, you can ask about the possibilities of delivering ongoing insulin through the pump especially if the main presenting complaint is not specifically related to diabetes. All pumps work delivering a continuous infusion of fast acting insulin with boluses also of fast acting insulin. This is also the reason why insulin pump users are at a higher risk of DKA. They have no long acting insulin in their body should there be a problem with the pump delivery of  said short acting insulin.

DIY pancreas systems involve using the hardware of existing pumps and open source software with differing goals according to the software used. Generally the idea is to automate insulin delivery as much as possible, delivering more if the tendency is for blood glucose levels to increase and to stop basal delivery if levels are decreasing. Some commercial pumps also do this. The important point to remember are that if levels are falling quicker than expected, the pump may not stop in time so low blood sugar levels that need treating may still occur. Meal boluses that have been delivered can also not be taken back should the meal not be eaten or a greater quantity of insulin be delivered than needed according to the carbs eaten. Most of the pumps show active insulin i.e. recent boluses of fast acting insulin which are still active in the body.

CGM / Glucose level sensors

Many patients now have CGM or continuous glucose monitoring in one form or another. Results are sent to receptors which can be phones, smartwatches, insulin pumps and sensor specific receptors. These can avoid constant finger pricks and have the additional advantage of giving trends of blood glucose showing rapid falls or increases, and stability.

All results should be initially checked with finger pricks to ensure they are working properly and significant treatment decisions need finger pricks.

Unexpected results or feelings of hypo or hyper that do not correlate with the sensor reading need to be checked with a finger prick.

Furthermore, as there is a 5-10 minute time lag with the results of finger pricks due to being placed in the interstitial fluid, hypo or low blood sugar levels need finger prick checks.

They usually store 12-24h information within the receptor and weeks or months online which can be invaluable when it comes to finding out when alterations started.


  • Freestyle libre is a 35mm disc which if interrogated by a receiver can tell you the current glucose levels. It will only give you that information if it is interrogated. It may also not update properly especially if consistently at higher levels, so results should always be checked initially and periodically with a finger prick. It cannot be calibrated with a finger prick blood sample.

Freestyle libre

  • Dexcom is a true CGM in the sense that even if you do not interrogate it, it will continue sending the blood glucose levels every 5-10 minutes to the receptor which can be a phone, pump or dexcom receptor. The newer dexcoms don’t need to be calibrated with finger prick but the older ones will need a finger prick 2-3 times a day. Calibrating at times of rapid change will lead to inaccuracies and over calibrating too will affect the sensor algorithm. Having said that they are usually accurate although sensors can fail and inaccuracies can be the first signs of this.


  • Enlite sensors are linked to the Medtronic pumps and send the information directly to the pump every 5-10 minutes, or if using open source apps such as nightscout to a phone or smartwatch. Again these need to be calibrated a couple of times a day and the same points as to not over calibrating and checking against finger pricks is valid.


enlite sensornightscout