Examples of HIPAA Violations on Social Media
Inappropriate social media conduct can lead to tomorrow’s headlines. Here are a few examples of HIPAA violations on social media:- Two nurses take photos of x-rays of a patient who was admitted to the emergency room with an object lodged in his body. At least one nurse posts and discusses it on her Facebook page.
- A medic posts a photo and other personal health information via social media, disclosing a celebrity’s treatment details.
- An employee of a gynecologist vents her frustrations on her online blog, ridiculing the patients giving birth. Although the employee did not use patient names or any other identifying information in her post, two of the patients recognized themselves in the blog due to the detailed nature of the post and filed HIPAA complaints against the doctor and the practice.
Challenges with HIPAA and Social Media
While social media can benefit health care in a variety of ways, it poses new dilemmas and liability concerns for health care professionals and institutions alike. Information sharing or a breach of confidentiality that violates the Health Insurance Portability and Accountability Act of 1996 (HIPAA) can result in damaged reputations, hefty fines, civil liability to patients, job loss, disciplinary action by state licensing boards, and even criminal investigations and sanctions.
Patient Privacy Rights
Patients have a right to expect that their personal medical information is kept private. Too often, health care professionals unintentionally violate patient privacy when discussing their day or an unusual healthcare case they witnessed. Time and again, such missteps can be attributed to a lack of training. Every workforce member is required to have a working knowledge of the foundational privacy and security regulations issued under HIPAA. And they must be continually reminded of organizational policies, expected standards of conduct and their own ethical and legal obligation to maintain patient privacy and confidentiality at all times.
Preventing Social Media HIPAA Violations
Ongoing Training + Effective Policies and Guidance = Employee Awareness and Caution
This simple equation can help you avoid issues and maintain HIPAA compliance. Improving your organizational policies and employee education doesn’t have to be the daunting task it might appear to be. With outside help from Stericycle, you can overcome this challenge. Stericycle’s popular educational webinars and its Steri•SafeSM HIPAA training provide employees with a knowledge of the risks associated with social media use, and in everyday interactions with patients