Protecting patient information on mobile devices when crossing international borders
In brief
- Border agents can inspect business information, including medical records stored electronically on a mobile device (such as a smartphone, laptop, USB drive, or tablet).
- The CMPA encourages physicians who travel across international borders to consider whether their devices contain identifiable patient information.
- Any confidential information that is not required during the trip should be removed from devices, even if the information or the device is password-protected and encrypted.
- Keep your mobile devices in airplane mode when submitting to a border search.
Travel to international destinations
Border agents in all countries have the right to search travellers and their belongings. Their goal is to identify and prevent terrorist activity, financial and commercial crimes, child pornography, and immigration offences.
Since travellers now routinely carry mobile devices including smartphones, USB drives, tablets, and laptops, border agents are expanding searches to include these devices. Searches may include inspection of the physical device for evidence such as compartments that may be used for smuggling. Travellers might also be required to allow border agents access to information stored on devices, including electronic documents, emails, and contacts.
Travel to the United States
Authority to search mobile devices
In January 2018, United States Custom and Border Protection (USCBP) issued a directive for searches of mobile devices. Although the authority to search travellers’ mobile devices is not new, this directive generated attention when it came into force. This was, in part, due to the broad implications on the disclosure to government border agents of sensitive information subject to doctor-patient confidentiality and solicitor-client privilege.
The directive confirms that USCBP agents can conduct a routine, non-invasive search, without a warrant or reasonable suspicion, of the information accessible on a traveller’s mobile device. Although the directive states that medical information and other possibly sensitive information will be handled "in accordance with any applicable federal law and policy," it does not preclude a search of the device and the information stored on it or seizure of the device by the government.
Without additional grounds and authority, USCBP agents conducting routine searches cannot intentionally access information stored only remotely. For example, medical records accessible on a mobile device only through a remote server and not stored on the device itself should not be subject to search by border agents in the normal course. To prevent inadvertent or unauthorized access to such confidential information, the border agent should ask you to disable network connectivity or put the device into airplane mode. If not expressly asked, you should do so before submitting to a search.
Searches that are more extensive can be conducted only if the border agent has reasonable grounds to suspect illegal activity or a national security concern. An advanced search often involves connecting external equipment to the mobile device to review, copy, and analyze its contents. Border agents may seize the device for a potentially significant period to perform an advanced search, although the directive states that detention should not ordinarily exceed five days.
When the inspection is complete and no further action is being taken, USCBP must destroy copies of any information taken from a device and return the device to the owner.
Password and encryption
If asked, you are obligated to give border agents your device and the information stored on it in a condition that allows the agent to search it. If the device is password-protected or encrypted, you may be required to give the agent the password or the encryption key, or both. Agents can also demand passwords for applications on the device, which may allow them to access your social media accounts and emails.
The agent must delete passwords and encryption keys obtained during a search once they are no longer required for that purpose.
If you fail to cooperate with border agents, they could seize the device and refuse you entry into the country.
Privacy breach notification
Border searches raise complex legal issues, including whether the physician’s local privacy commissioner, College, or patients should be notified of the search. Members are encouraged to contact the CMPA to discuss possible notification requirements when identifiable patient information is accessed during a border search.
