HIPAA and Social Media can be Problematical

HIPAA and Social Media
Social Media and HIPAA

 

Benefits of Social Media

Social media offers many benefits for health care organizations because it allows interaction with patients and others.  It offers education, and services.  As a result, it is an essential communication and marketing tool and part of strategic marketing plans.  Due to this organizations turn to social media to communicate with their employees. Unfortunately HIPAA and Social Media can be problematical.

Authorization to use PHI

It is possible to violate HIPAA Rules and patient privacy while using social media, if not managed correctly.  Due to this it is important for health care organizations to disclose protected health information carefully.   An organization must do so only with patient authorization for interviews, photographs and marketing communications.

Media Posts May Risk Privacy

Posts of PHI done by employees will violate the HIPAA Rules and result in a reportable breach of PHI. Social media posts are not a permissible use or disclosure of PHI.   The ability to post simultaneously in several platforms increases the risk for an organization. Remember that to de-identify PHI,  all 18 identifiers must be removed.   There must also be low risk it could be used to identify the patient. Facial images, and other identifiers such as tattoos must also be removed.    Learn more.

Preventing HIPAA Privacy Risk

Employees should be trained on the dangers of using social media inappropriately from the very onset of their employment.  Many organizations deal with the issue through development of a social media use policy.   They also monitor social media activity.  If not addressed, HIPAA and Social Media can be problematical.