Social media has changed the way the world communicates.
In the medical community, social media adoption has come with inevitable data breaches and ethical issues— many of which could have been avoided.
In one recent case, a nurse at New York Presbyterian Hospital was fired from her job after she posted a photo to Instagram of the aftermath of an empty trauma room following the treatment of a man hit by a subway train. She was fired for insensitivity.
If employees were better educated about the potential HIPAA and ethical pitfalls, they could avoid violations. That’s why it’s critical that physicians protect their practice by creating a strong social media policy.
4 Tips for Creating a Strong Social Media Policy
How can physicians navigate through these potential legal minefields? The best way to avoid liability is to have a clear, widely distributed social media policy that specifically addresses the use of social media sites both on and off the job.
Here are four tips for disseminating your practice’s policies on social media:
- Extend existing privacy policies to explicitly include the use of social media sites and other Internet activities such as blogging, and clearly state that company policies apply to both on- and off-duty use of social networking sites.
- Include specific examples of the kinds of statements on social media sites that could run afoul of HIPAA, and emphasize how even small, seemingly innocuous disclosures can constitute HIPAA privacy rule violations.
- Distribute social media policies, both as a part of employment manuals and separately as stand-alone policies. Consider doing this on your practice’s internal computer network systems as well.
Require employees to acknowledge receiving and reading these policies, and periodically remind them — for example, through workplace postings and email notices — of the risks involved with using social media sites, as well as their personal responsibilities to abide by the letter and spirit of the policies. Review these policies annually and with each new employee.
A clear, well-defined, and widely disseminated social networking policy that emphasizes compliance responsibilities during both work and non-work hours, and covers both office and personal computer systems, phones, and any other devices with access to the Internet, is your most effective weapon against liability for employee misuse of social networking sites.