Skip to main content

Mobile devices, social media, the internet and digital content, appropriate and acceptable use

Contents

1 Aim

The aim of this standard operating procedure (SOP) is to provide colleagues with clear guidance to support patients including their families, carers and support networks, other professionals, and visitors in the appropriate and acceptable use of mobile devices, social media, the internet, and digital content when receiving services from the trust.

The SOP has been written in accordance with recommendations from the following guidance which support the use of mobile devices in hospital settings with due regard to safety and privacy:

The Department of Health (opens in new window), reflecting on the rapidly developing principles of patient choice in the matter of mobile phone usage has issued a supportive statement superseding all previous guidance relating to the use of mobile phones in hospital.

The working presumption should be that patients will be allowed the widest possible use of mobile phones in hospitals where the NHS trust’s local risk assessment indicates that such use would not represent a threat to:

  • patients’ own safety or that of others
  • the operation of electrically sensitive medical devices in critical care situations
  • the levels of privacy and dignity that must be the hallmark of all NHS care

The trust also recognise that certain vulnerable patient groups would be advantaged if they could use a mobile device to support their understanding or communication needs via mobile devices.

2 Scope

The content of this SOP applies to all colleagues, patients including their families, carers and support networks, other professionals, and visitors across all community and inpatient settings.

Within the section 136 suite we are obligated to progress appropriate clinical assessments of our patients even if they are recording the interactions, without any consent.

3 Link to overarching policy, and or procedure

This SOP is overarched by the trust clinical risk assessment and management policy.

4 Procedure or implementation

Mobile devices play a significant role in people’s lives. These devices enable users to access a wealth of content and stay connected to the people and the world around them offering empowerment and validation, which is important at a time when they may feel isolated.

For many people, their mobile device will enable them to access content that supports their wellbeing from socialisation to relaxation.

However, the ever-present use of mobile devices and faster internet speeds pose a new challenge in terms of the ability to watch, create and share content.

It is important that the use of mobile devices within the trust is managed proactively to ensure that patient’s confidentiality is maintained, and the use of mobile devices is not abused. This is to protect and preserve the privacy, dignity and safeguarding issues of colleagues, patients and visitors.

This is especially so in respect of recording devices where the digital information can be easily manipulated to misinform and mislead others, and where a patient lacks capacity to consent to a recording being made. In these cases, colleagues may need to take action to manage and, in some cases, restrict access to the device to protect a vulnerable person and to safeguard them from the risk of abuse.

The appropriate and acceptable use of digital devices, social media, the internet and digital content also extends to colleagues across the trust, who should lead by example. Colleagues should refer to the information technology (IT) security policy and social media employee usage policy for further guidance.

4.1 Definitions

Definitions
Term Definition
Mobile device Mobile device is used as a catch-all term to describe all mobile devices and wearable technology such as, but not limited to, mobile phones and tablets, smartwatches, and other smart accessories. The term also extends to more traditional analogue devices which may still be in use, such as cameras and audio recording devices
Digital content Digital content is any content that exists in the form of digital data. Digital content is stored on digital media or analogue storage in specific formats. Forms of digital content include information that is digitally broadcast, streamed, or contained in computer files

4.2 Considerations and risks

Whilst there are many positives associated with mobile devices, it is important that colleagues also understand the risks, to ensure they can address these appropriately and consider suitable mitigations and restrictions where clinically indicated.

Below are a series of potential risks for colleagues to consider, however colleagues should be mindful that this list is not exhaustive and due to rapid development in technology and access to the internet, new risks are likely to emerge:

  • devices with audio and video functionality may be disruptive to other patients and the content may be offensive and or upsetting to some
  • devices, the internet, and social media can be used to harass and stalk
  • the patient may place themselves and, or others at risk through inappropriate use of social media. Devices may be used to access inappropriate content that could stimulate risky behaviour or incur financial charges
  • the patient may receive inappropriate communication
  • images and recordings may be taken overtly and covertly, edited and, or shared without consent
  • devices may be stolen, or patients may be pressured to loaning devices to others who may use their airtime or data or make purchases through applications or electronic payment functionality

Patients may also be vulnerable to:

  • financial scams
  • gambling apps or websites
  • grooming
  • mate and hate crime
  • cyberbullying

Live streaming is a relatively new risk in healthcare settings and is a form of entertainment and communication that has rapidly gone from something unheard of to something increasingly popular (Krings 2020 (opens in new window)). Live streaming, or ‘streaming’, involves broadcasting some sort of media in real time, typically while the presenter adds their own commentary, and their audience interacts via typing in a chat room. Live streaming adds a specific risk in terms of safeguarding, as it allows very little scope for intervention by professionals before the content is seen by an audience.

Where someone is observed to be recording, colleagues should articulate clearly if they do not consent and ask the person to stop immediately. Colleagues should then follow the steps outlined in this SOP to ensure appropriate action is taken.

It is recognised that some patients may be more vulnerable than others, some examples, but not limited to are patients with intellectual disability, alcohol related brain injury, and patients who are experiencing dementia.

Colleagues can refer to the safeguarding adults policy for further guidance.

Where colleagues have concerns around a patient accessing the following content, they should consult the prevent policy:

  • films, programmes, and video clips containing negative connotations around race, ethnicity, culture, or religion
  • any content that supports extreme views and could give rise to radicalisation within the context of the PREVENT strategy

Additionally, colleagues may have concerns about patients accessing content that may constitute a criminal offence or illegal activity.

Examples may include:

  • films, programmes, and video clips containing violence or sexual activity involving children or animals

Where colleagues have concerns around safeguarding, PREVENT and, or illegal activity, they should escalate and seek advice from their line manager and the trust safeguarding team (staff access only) (opens in new window) in the first instance. Further investigation may be advised with the incident being reported to the policy or other agencies.

All concerns must be reflected in the patient risk assessment and mitigation and escalations recorded appropriately in the electronic patient record (EPR).

4.3 Admission to hospital

On admission colleagues must discuss with patients the appropriate and acceptable use of digital devices, social media, the internet, and digital content, including the risk of theft, loss, or damage to devices. This conversation should be supported with an information leaflet and posters displayed in communal areas.

For patients who are concerned about their property and want the trust to store it on their behalf, colleagues should refer to the trust’s patients’ monies and property procedure.

Colleagues should consider risks associated with digital devices and their accessories (for example chargers) as part of the patients personalised risk assessment in line with the trust clinical risk assessment and management policy. However, colleagues may also need to consider wider risks from the ward environment, including the risk of a device or accessory being obtained by another patient and being used in an inappropriate way.

4.4 Community

At the initial appointment, colleagues must discuss with patients their families, carers and support networks the appropriate and acceptable use of digital devices, social media and digital content.

Community teams should display posters in communal areas detailing the acceptable use of digital devices, the internet, social media and digital content.

Where these terms are breached, colleagues should refer to section 4.6 of this SOP.

4.5 Restricting access

Where there are concerns regarding a patient’s use of a mobile device, internet, social media or digital content, colleagues may recommend limiting or restricting certain access.

Any restrictions must be discussed with the patient and reviewed by the multidisciplinary team (MDT). The reasons for the restrictions must be detailed in the patient’s risk assessment and personalised care plan and reviewed at regular intervals.

Any patient mobile devices handed over or removed must be managed in line with the trusts patients’ monies and property procedure. When storing a mobile device colleagues should turn the device off.

Where there are concerns relating to the patient’s capacity to consent to any restrictions being considered a capacity assessment must be undertaken and evidenced on a Mental Capacity Act (MCA 1) form. Where the patient lacks capacity to consent and there is a risk posed, a best interest decision should be made and evidenced on a MCA 2 form.

Colleagues should seek further guidance from the trust’s MCA Mental Capacity Act 2005 policy.

Where there are specific concerns about the patient’s capacity around use of social media and the internet, a separate assessment of capacity should be undertaken.

The assessment should take into account two linked judgments, Re A (Capacity, Social Media and Internet Use, Best Interests) (2019) EWCOP 2 and Re B (Capacity: Social Media: Care and Contact) (2019) EWCOP 3, where Justice Cobb outlined the relevant, and irrelevant information for purposes of deciding whether a person has capacity to make decisions about internet and social media use, which includes:

  • that information and images shared could be shared more widely without them knowing
  • that it is possible to limit the sharing of personal information by setting privacy and security settings
  • that material or images which are offensive may upset or offend other people
  • people they communicate with online may not be who they say they are, a “friend” may not be friendly
  • some people they don’t know may pose a risk, lie, exploit, take advantage of them sexually, financially and, or physically or may want to cause harm
  • they may get into trouble if they share or look at explicit images, messages or videos online

If a patient who is not detained under the Mental Health Act (MHA) is assessed as lacking capacity to make the decision about the use of digital devices, social media, the internet and digital content, then a decision can be made to restrict use under the MCA in the persons best interests in the duration that this risk exists. This should be clearly outlined within their care plan and be reviewed at least weekly during the MDT.

However, there needs to be evidence that the restriction is necessary in line with an appropriate risk assessment and that the restriction is a proportionate measure to prevent harm.

Services providing inpatient care to patients who are not detained under the MHA can negotiate restrictions with patients with mental capacity if these are risk assessed and care planned. The patient must agree to these restrictions and can revoke that agreement. Staff can offer to look after the patient’s devices but cannot confiscate the device.

Where a patient is detained under the Mental Health Act (1983) and objects, capacity to consent to the use of digital devices, social media, the internet and digital content should still be assessed. Where there are doubts around the patient’s capacity, the principles in the paragraph above should be followed. Where the detained patient has capacity to consent to the use of digital devices, social media, the internet and digital content and declines, the MDT must review the decision and determine options such as overriding withdrawal of consent, or any additional or alternative action required to support the patient.

Removal of any devices could result in a breach of the patients’ rights under article 8 of the Human Rights Act 1998 (opens in new window) and therefore requires careful consideration as to how the person can maintain social contacts and deal with issues for which they would normally use their devices. If the patient lacks capacity and is objecting, then an application will need to be made to the Court of Protection to decide what is in the persons best interests.

Any restriction needs to be proportionate and implemented in pursuit of a legitimate aim to protect the health and safety of the patient and, or others. Alternative options must be considered and valid reasons for restrictions demonstrated in the EPR.

4.6 Breaches to appropriate and acceptable use

If a patient is witnessed or suspected of using a device inappropriately colleagues must address this as a matter of urgency.

Wherever possible, the patient should be reminded of the appropriate and acceptable use of their device, the internet, social media, and digital content. However, where there have been multiple breaches or the patient does not recognise their action to be inappropriate, or agree to stop, colleagues may have to consider removing the mobile device (as removal of the device will most likely mitigate other risks through removing access to the internet and content).

If the patient refuses to relinquish the device for safekeeping, the nurse in charge must devise an interim plan to ensure the safety of patients and colleagues, until an MDT can be convened to agree the future care and treatment. Out of hours, the on-call structures should be accessed to support decision-making.

The interim plan may include increasing observation for more vulnerable patients, increasing staff presence in communal areas, temporarily restricting access to certain areas that are less visible or observing the patient more closely in communal areas whilst reiterating guidance and acceptable use standards to them.

Following the MDT, where a breach of a patient or colleagues’ privacy is suspected, colleagues must:

  • discuss their concerns with the trust’s information governance, security and safeguarding teams
  • contact the police for further advice where a crime is suspected
  • where no crime is suspected, instruct the patient to delete any recorded media from the mobile device. This should be witnessed by a registered professional and documented in the EPR

Where content is found online and there is uncertainty of the source or the patient is no longer in the care of the trust, colleagues should raise this with their line manager and seek advice from the Information Governance, Security and Safeguarding teams accordingly.

Further guidance for consideration can be found at The Office of Communications (OFCOM) (opens in new window).

4.7 Charging devices

Charging of devices is to be limited to a designated area specified by the ward management team. To limit the risk of a device being removed without permission, or cables being used as a potential ligature, the area should always be locked.

To reduce the risk of fire, all chargers used must be brand certified (the original brand) and subject to portable appliance testing (PAT) prior to use in line with the trust electrical systems policy.

Patients should be advised to approach colleagues to arrange charging of their device.

4.8 Access to ward devices

Where a patient does not have a mobile device, connectivity, or sufficient data or airtime; colleagues will support patients with access to a phone and a private space (where clinically appropriate) where they can contact families, carers and support networks and relevant professionals.

Wards also have access to tablet devices to support video calls and web browsing where appropriate.

4.9 Visitors

All visitors must be made aware of the trust expectations regarding the use of mobile devices, the internet, social media, and digital content. Any visitor in breach of these expectations will be asked to stop and delete any inappropriate content in the first instance.

If a visitor refuses to comply with any these requests, they should be asked to immediately leave the premises. The offending visitors’ rights will be suspended until an MDT can be convened and a decision regarding future visitations reached.

If a crime is suspected, colleagues should contact the police for advice.

4.10 Loss or damage to devices

All property should be manged in line with the trusts patients’ monies and property procedure including a disclaimer form for any property retained by the patient.

However, there may be occasions where the patient indicates that they wish to make a claim for loss of property or expenses incurred. Any such claims should be managed in line with the trusts claims handling policy (management of clinical negligence claims, employer or public liability claims, property expense scheme claims).

4.11 Incident reporting

Any breech of this SOP must be reported via the trust’s incident reporting system.

5 Support and advice

There is no specific training related to this SOP. However, there are elements relating to the appropriate use and management of mobile devices that will be covered in information governance (staff access only) (opens in new window) (IG), human resources (staff access only) (opens in new window), security and RRI training and guidance (opens in new window) (staff access only). In addition, colleagues should seek support via their line management structures,  IT Helpdesk (staff access only) (opens in new window), chief nurse information officer (CNIO) and chief clinical information officer (CCIO).

6 Appendices

6.1 Appendix A Care plan

6.2 Appendix B Patient leaflet

  • Financial scams, do not give out personal or bank details or financial details.
  • Gambling apps or websites, do not give out personal details such as mobile number, email, social media accounts. Do not allow others to use your mobile device.
  • Grooming, be aware if using dating apps or social media as not everyone is who they say they are and people may set up fake profiles.
  • Mate and Hate crime, do not give out personal details such as mobile number, email, social media accounts. Do not allow others to use your mobile device.
  • Cyberbullying, be aware when using social media or online gaming or dating apps.

6.3 Appendix C Mobile device posters


Document control

  • Version: 4.1.
  • Unique reference number: 17.
  • Approved by: Clinical policy review and approval group.
  • Date approved: 5 January 2024.
  • Name of originator or author: Chief nursing information officer.
  • Name of responsible individual: Chief nurse.
  • Date issued: 21 May 2024 (minor amendment).
  • Review date: 31 January 2027.
  • Target audience: Inpatient and community settings.
  • Description of change: Section 4 link updated.

Page last reviewed: October 29, 2024
Next review due: October 29, 2025

Problem with this page?

Please tell us about any problems you have found with this web page.

Do not include personal or medical information in your message. For example, your name, NHS number, date of birth or medical history.