Considerations for protecting patient information on mobile devices when crossing international borders
Anyone travelling internationally knows that border agents are increasingly thorough and intrusive when searching passengers and their belongings. In addition to searches of your personal effects, border agents can also inspect business information, including medical records, in your briefcase or stored electronically on your laptop. You considered this possibility when deciding on the papers to bring with you and the information downloaded to your laptop, but did you consider the information stored on your mobile devices such as your smartphone or tablet?
Border agents generally have broad powers to search the mobile devices of travellers. It does not matter that the device contains confidential information, such as identifiable patient information, or is password-protected or encrypted. As mobile devices become commonplace in delivering patient care, they can contain confidential information that border agents could access, raising concerns about patient privacy.
Considering the recent increase in searches of mobile devices by United States Custom and Border Protection (USCBP), the CMPA encourages its members who travel across international borders to consider whether their devices contain identifiable patient information. Any confidential information that is not required during the trip should be removed from these devices, even if the information or the device is password-protected or encrypted.
Travelling to international destinations
Although Canadians tend to focus their attention on searches when entering the United States, border agents in all countries have the right to search travellers and their belongings before being allowed into the country. Border agents generally have broad discretion and authority to search individuals and anything accompanying them into the country. The goal is to identify and prevent crimes such as terrorist activity, child pornography, and immigration offences.
Since travellers now routinely carry mobile devices including smartphones, tablets, and laptops, border agents are expanding their routine searches to include these devices. Searches may include inspection of the physical device for evidence such as compartments that may be used for smuggling. Travellers might also be required to allow border agents access to information stored on devices, including electronic documents, emails, and contacts.
Travelling to the United States
Searches of mobile devices when entering the United States are increasing. In 2016, United States Custom and Border Protection (USCBP) conducted 19,051 searches of mobile devices accompanying travellers. In 2017, this figure increased significantly to 30,200.1
Authority to search mobile devices
In January 2018, USCBP issued a directive for searches of mobile devices.2 Although the authority to search travellers’ mobile devices is not new, this detailed new directive generated extensive attention. That is, in part, because of the broad implications on the disclosure to government border agents of sensitive information subject to doctor-patient confidentiality and solicitor-client privilege.
The directive confirms that USCBP agents can conduct a routine, non-invasive search, without a warrant or reasonable suspicion, of the information accessible on a traveller’s mobile device. Although the directive states that medical information and other possibly sensitive information will be handled "in accordance with any applicable federal law and [USCBP] policy,"2 it does not preclude a search of the device and the information stored on it or seizure of the device or information by the government.
Without additional grounds and authority, USCBP agents conducting routine searches cannot intentionally access information stored only remotely. For example, medical records accessible on a mobile device only through a remote server and not stored on the device itself should not be subject to search by border agents in the normal course. To prevent inadvertent or unauthorized access to such confidential information, the border agent should ask you to disable network connectivity or put the device into airplane mode. If not expressly asked, you should do so before submitting to a search.
Searches that are more extensive can be conducted only if the border agent has reasonable grounds to suspect illegal activity or a national security concern. An advanced search often involves connecting external equipment to the mobile device to review, copy, and analyze its contents. Border agents may seize the device for a potentially significant period to perform an advanced search.
When the inspection is complete and no further action is being taken, USCBP must destroy copies of any information taken from a device and return the device to the owner.
Password and encryption
If asked, you are obligated to give the border agents your device and the information stored on it in a condition that allows the agent to search it. If the device is password-protected or encrypted, you may be required to give the agent the password or the encryption key, or both. Agents can also demand passwords for applications on the device, which may allow them to access your social media accounts and emails.
The agent must delete passwords and encryption keys obtained during a search once they are no longer required for that purpose.
If you fail to cooperate with border agents, they could seize the device and refuse you entry into the country.
Privacy breach notification
Are you required to notify your local privacy commissioner, College, or patients if border agents accessed identifiable personal health information during a search? Because border searches raise complex legal issues, that question has no easy answer. Members are encouraged to remove any identifiable patient information from their devices when travelling internationally and to contact the CMPA to discuss possible notification requirements when identifiable patient information is accessed during a border search.
When advising members on notification requirements, the CMPA will consider the facts of each case, including the circumstances of the search, the nature of the information accessed by border agents, and the applicable law(s) including the scope of any notification obligation.
Although the search likely occurred outside of Canada, provincial, territorial, or federal privacy laws regarding notification may still apply. Some of these laws may require custodians of personal health information to notify regulators, or patients, or both if identifiable personal health information has been disclosed without consent and where not otherwise permitted under the applicable legislation.
The bottom line
- Avoid, if possible, bringing unnecessary, identifiable patient information with you when travelling across international borders, including on your mobile devices.
- Keep your mobile devices in airplane mode when submitting to a border search.
- Comply when border agents ask you to provide passwords or encryption keys.
- Contact the CMPA if a border agent has accessed identifiable patient information.
- Department of Homeland Security [Internet]. Washington: United States Customs and Border Protection; 2018 Jan 5. CBP Releases Updated Border Search of Electronic Device Directive and FY17 Statistics [cited 2018 April 23]. Available from: https://www.cbp.gov/newsroom/national-media-release/cbp-releases-updated-border-search-electronic-device-directive-and.
- Department of Homeland Security [Internet]. Washington: United States Customs and Border Protection; 2018 Jan 4. CBP Directive No. 3340-049A, Border search of electronic devices [cited 2018 April 23]. Available from: https://www.cbp.gov/document/directives/cbp-directive-no-3340-049a-border-search-electronic-devices.