27 August 2018
Complying with Health Insurance Portability and Accountability Act (HIPAA) regulations has always been challenging, however the advent of social media has added another layer of complexity. Since anyone can “post,” “tweet,” “like” or “comment” about any topic, there is an increased risk of inadvertent HIPAA violations on social media or sensitive information leaks if staff members inappropriately interact with social media sites. For example, there was a case where a few nurses were fired for discussing their patients on social media.
Despite the dangers these venues present, nearly half of health care organizations lack a social media policy, according to iHealthTran.com, which puts them at risk for compliance shortfalls and security breaches.
To ensure your HIPAA policies take social media use into account, consider the following three tactics:
Health care organizations should appoint a subject matter expert (SME) to periodically review their HIPAA social media policies to ensure they remain current. Depending on the organization, the SME may be an internal resource or an outside HIPAA expert. Either way, if policies are deficient regarding social media, then it is critical that they be amended as soon as possible.
Within HIPAA social media guidelines, organizations should detail how staff access and interact with social media sites. The good news is organizations don’t have to craft these policies alone: they can turn to outside resources to identify and adapt the appropriate verbiage.
Although organizations should offer HIPAA training annually and during orientation, it is a good idea to host a specific training focused on social media use. This education session should cover things like how to preserve patient privacy and information security while using social media: the risks for improper use; and the role staff play in keeping information safe. If needed, partner with an outside resource to help with training, providing interactive and informative online resources that ensure staff fully appreciate the part they play.
The use of social media has exploded in the past five years, and it shows no signs of stopping. Organizations need to understand the proper ways to use these tools and ensure their HIPAA policies reflect those strategies. Learn more about how Stericycle can help your facility manage HIPAA compliance.
Interested in Our Solutions? We Can Help
Sign up to receive Stericycle’s latest news, tips and offers to help your business remain compliant
Which solution interests you?