Readers Write: Stuff Doctors Leave on Workstations in the Doctor’s Lounge Late at Night (And Other Times)
Stuff Doctors Leave on Workstations in the Doctor’s Lounge Late at Night (And Other Times)
The image above caught my eye when I sat down at a workstation in the doctor’s lounge. I bet whoever left it there thought he or she was making a completely anonymous search, though I could see everything, including visited hyperlinks. We do try to teach our medical staff about using shared workstations, but there is a strong feeling of anonymity even as we are told there is no privacy at work.
One of our gastroenterologists is unhappy with his current employment, at least as judged by the number of versions of his CV on various workstations, complete with cover letters to other institutions. I don’t know whether he is unaware his CV and job hunt letters are on not only one, but multiple workstations, or if he is making a not-so-subtle statement about his job satisfaction to his current employers. I have also seen bankruptcy documents, child custody agreements, wrong-headed letters of complaint to Audi dealerships, and adorable pictures of kids dressed up for prom.
If you think you can’t be tracked and you are not leaving a trail of the most personal information on semi-public workstations, you are probably wrong. In 1997, a graduate student was able to identify Massachusetts Governor William Weld’s health information — even though the state medical database was supposedly de-identified — by correlating the elements of the medical database with voter registration rolls in Cambridge. Although this was probably a fluke, re-identification in a doctor’s lounge might be easier.
We do try to clean up the desktop screens of hospital workstations, mostly so it is easy to find the icons that we want to be found. In a parallel effort to raise awareness about not leaving personal (sometimes very personal) information on workstations through saved files and browser histories, I collected a little data.
The doctor’s lounges require keycard access, so the workstations in there are used almost exclusively by physicians. The information I gathered came from the histories of Internet Explorer (purged every couple of days) and other browsers (Chrome and Firefox) installed by users as non-administrators. With those disclosures, here is a sampling of what doctors look at, at work.
There were 1,052 entries over three days. The first thing to notice is the complete absence of porn. Overall, searches were at worst only mildly embarrassing, with nothing to trigger HR’s attention.
Forty-eight percent of visits were to a practice portal or billing system, 21 percent were to sports sites (cricket scores beating football scores, which either speaks to our physician demographics or penetration of the ESPN mobile app), and 13 percent were visits to medical sites (UpToDate and Medscape being the most common.) The remainder were visits to Google and foreign language and news sites that reflected our demographics.
There were a few visits to the county probate court, checking on malpractice and divorce cases (the search terms are displayed if you reopen the window from the history). One person Googled, “I have water coming into my basement right now.” I know it was a she since she discussed night call plumber’s fees at lunch the following day.
I could also identify my plumber-needing friend by her search history. Users leave sequences in their histories like <foreign language site><another site><same foreign language site>, narrowing the presumptive visitors to just the doctors who speak that language. Also, site visits bracketed by practice EMR portal visits linked the sites in between to specific individuals if you look at the call schedule. The call schedule will generally narrow down the potential users to just one.
Overall, I estimate about 40 percent of the browser history in doctor’s lounges can be associated with a specific person. This is an estimate since I only asked a few directly. The message is that even an otherwise anonymous Google search can probably be linked directly back to a hospital user, even by non-administrators, so surf accordingly.