Issue link: http://viewer.e-digitaledition.com/i/348641
S OCIAL NETWORKING SITES can be great resources for connecting with colleagues, venting after a long, stressful day at the hospital, or obtaining validation in the way of "likes" or retweets. However, the risk of bad social networking habits in your professional life can lead to more than removal from your friends' newsfeeds. As I'm sure you know all too well, HIPAA and many state privacy laws prohibit healthcare providers from disclosing patient information without proper patient authori- zation. Placed in the context of social media, this means posting something seemingly harmless without someone's consent — such as a picture of a shocking condition or a status update venting about a difficult patient — may be in violation of HIPAA or other state privacy laws and subject to fines and other penalties. In addition, news stories or lawsuits regarding the breach of confidential information through social media can tarnish a provider's reputation and create enough bad press to last until the next social media revolution. Although you may believe you are omit- ting any identifying patient information in the post, clinical details could certainly be enough to violate HIPAA. As a rule, healthcare professionals should not use social media to share any health information that could be linked to an individual patient, including names, pictures and physical descriptions. Remember, though, that information protected by HIPAA includes anything that can be used to identify a patient. Personal health information is really only safe when it is stripped of 18 particular identifiers including the catch-all, "any other unique identifying number, characteristic or code." While posting a picture of a gunshot wound or an X-ray may seem compliant, A Proactive Approach to Social Networking Can Prevent Privacy Breaches the uniqueness of the situation could be enough to allow someone in your social network to reasonably identify the patient. For example, as recently as March 2014, a slew of firings and reprimands followed when a provider posted a photograph of the emergency room, which portrayed but did not identify potential patients, to a social media site. In another case of posting before thinking, an OB/GYN and hospital received much criticism after the physician asked her social media network if she could show up late to a patient's delivery when the patient had been late for all of her previous appoint- ments. The post included medical history and alluded to the time of the baby's birth. With all the potential risk involved, taking a proactive approach to ensuring your employees, contractors and agents aren't violating privacy laws with the unfet- tered use of social media is encouraged. You can do this through the creation and implementation of a social media policy. A worthwhile social media policy should clearly delineate expectations of employees' use of social media, especially where they may even tangentially or remotely relate to patient care. Consistent and regular training can ensure that the policy stays current in the face of evolving social media trends and developments — and stays mentally relevant to busy healthcare providers. Defined ramifications for policy violations require serious consideration by employees before posting to a social networking site. Encouraging staff to report those who violate the social media policy will increase the organization's ability to monitor, even if passively, the social media activity of their employees. Having a clear policy that is frequently reviewed for applicability and consistently refreshed with staff allows institutions and employers to actively manage risk associated with HIPAA and privacy law violations, as well as affirmatively prevent the bad press associated with a lawsuit for privacy violations. Healthcare attorney Anne P. Schmidt is based out of the Philadelphia office of Burns White and represents clients throughout Pennsylvania. Schmidt concentrates her practice on defending hospitals, physicians and long-term-care facilities against professional and general liability claims. She can be reached at apschmidt@burnswhite.com. n +++++++++++++ +++ + +++ + +++++++++++++ LEGAL By Anne P. Schmidt M D N E W S . CO M n MD NEWS Eastern Pennsylvania/NW New Jersey | 5