Facebook, Twitter, and Instagram, Oh My! How to Ensure HIPAA Compliance in An Era of Rapidly Developing Social Media

Similar documents
Social Media IUSM-GME-PO-0031

University Social Media Accounts

What is Social Networking?

What is Social Networking?

Membership Application February 2013

806 ADVERSE EMPLOYMENT ACTIONS AND OFF-DUTY CONDUCT

Telecommuting Policy - SAMPLE

Illinois State Credit Union Scholarship Program

PURDUE UNIVERSITY WEST LAFAYETTE, INDIANA SCHOOL OF NURSING STUDENT DRUG TESTING POLICY PRIOR TO PARTICIPATION IN CLINICAL ACTIVITIES

EMPLOYEES, SOCIAL MEDIA, SMARTPHONES, TABLETS: LEGAL ISSUES FOR EMPLOYERS

What Employers Need to Know about the New NLRB

BROOKS RUNNING MEDALIST PHOTO CONTEST CONTEST OFFICIAL RULES

HEALTH CARE RIGHTS AND TRANSGENDER PEOPLE Updated August 2012

SOCIAL MEDIA: REPUTATION MANAGEMENT November 9, 2017

Employ Florida Marketplace Terms and Conditions Governing your access and use of the Employ Florida Marketplace (EFM)

TODAY S WEBINAR Ebola and the Law: What Hospitals Can Do Now to Prepare

NOTICE OF PRIVACY PRACTICES

Ethics for Professionals Counselors

CAPITAL SURGEONS GROUP, PLLC

Advanced HIPAA Communications and University Relations

There are three (3) different ways to submit your photo:

MCCP Online Orientation

Session 403 -Video Surveillance and the Senior Housing Provider

THE JOURNEY FROM PHI TO RHI: USING CLINICAL DATA IN RESEARCH

EMS and the Law: How to Protect Yourself from Medical Negligence Claims and other Legal Considerations. Julia A. Rush, J.D.

SEATTLE ART MUSEUM #SummerAtSAM PHOTO CONTEST OFFICIAL RULES

JOINT NOTICE OF PRIVACY PRACTICES

Important: Please read these rules before entering this contest (the "Contest").

Rhode Island College Club Sports Emergency Information Form

Mandatory Reporting Requirements: The Elderly Rhode Island

Mutual Respect Policy

Policy 3.19 Workplace Violence and Threat Assessment Team

If you have any questions about this notice, please contact our privacy officer Dr. Jev Sikes at

Labor Law & NLRB Update NHRMA 2017

San Diego State University Police Department San Diego State University CA Policy Manual

Google Impact Challenge: US OFFICIAL RULES

The EU GDPR: Implications for U.S. Universities and Academic Medical Centers

A Guide for Students

Internship Application Student Teacher Acceptance

I. PURPOSE DEFINITIONS. Page 1 of 5

STANDARDS OF CONDUCT SCH

Workplace Violence & Harassment Policy Final Draft August 3, 2016 Date Approved October 1, 2016

ARTICLE 27 GRIEVANCE PROCEDURE

Google Impact Challenge: SOUTH AFRICA OFFICIAL RULES

Presented by the UAMS HIPAA Office August 2013 Anita B. Westbrook

INTRODUCTION GENERAL PRINCIPLES

HIPAA Privacy Test Overview

NOTICE OF PRIVACY PRACTICES

NOTICE OF PRIVACY PRACTICES MOUNT CARMEL HEALTH SYSTEM

Southend SCITT Code of Conduct Agreement

The American Board of Plastic Surgery, Inc.

Singapore Healthcare Management Congress 2012

Pace Intellectual Property, Sports & Entertainment Law Forum

Family Based Treatment Therapist Certification Program

NOTICE OF PRIVACY PRACTICES

SEXUAL ABUSE PREVENTION PROGRAM

NOTICE OF PRIVACY PRACTICES

Disclosure Statement & Policies

NOTICE OF PRIVACY PRACTICES

OFFICE OF THE GENERAL COUNSEL. MEMORANDUM GC December 1, 2017

Attachment B ORDINANCE NO. 14-

AVE MARIA UNIVERSITY SEXUAL HARASSMENT AND SEXUAL VIOLENCE POLICY

This policy applies to all employees.

OFFICE OF THE GENERAL COUNSEL Division of Operations-Management. MEMORANDUM OM May 21, 2014

Counseling Disclosure Statement

Williamson County EMS (WCEMS) HIPAA Training for Third Out Riders

St. Jude Children s Research Hospital. Code of Conduct

Building Your Influence on Social Media. To participate in the Live Polls. Plenary: Building Your Influence on Social Media

ERIE COUNTY MEDICAL CENTER CORPORATION NOTICE OF PRIVACY PRACTICES. Effective Date : April 14, 2003 Revised: August 22, 2016

Ashland Hospital Corporation d/b/a King s Daughters Medical Center Corporate Compliance Handbook

TECHNOLOGY ISSUES CONFRONTING UNIONS AND EMPLOYEES IN THE WORKPLACE

MAIL: 1026 W. El Norte Pkwy PMB 143 Escondido CA PHONE: (800) FAX: (866) WEBSITE:

The Chevron-Marketer Miami-Dade Fuel Your School Promotion Miami-Dade County in Florida

Adventism is blessed with a group of dedicated lay people

Title 5: ADMINISTRATIVE PROCEDURES AND SERVICES

VOLUNTEER APPLICATION

STANDARDS OF CONDUCT A MESSAGE FROM THE CHANCELLOR INTRODUCTION COMPLIANCE WITH THE LAW RESEARCH AND SCIENTIFIC INTEGRITY CONFLICTS OF INTEREST

Southwest Acupuncture College /PWFNCFS

Critical Access Hospitals & Compliance Programs. Gregory N. Etzel, Esq. B. Scott McBride, Esq. Health Industry Group Vinson & Elkins LLP

1.04 Patient Rights Legislation

HIPAA Privacy & Security

Policy 629. Education Programs. Student Fundraising. I. Purpose

NOTICE OF PRIVACY PRACTICES

Susan Busler & Judi Peters Polk County 4-H Youth Development

Policies and Procedures for Discipline, Administrative Action and Appeals

NOTICE OF PRIVACY PRACTICES

RECEIPT OF NOTICE OF PRIVACY PRACTICES WRITTEN ACKNOWLEDGEMENT FORM. I,, have received a copy of Dr. Andy Hand s Notice of Privacy Practice.

Mental. Health. Court. Handbook

ADV Advertising and Social Media

PREA AUDIT: AUDITOR S SUMMARY REPORT 1 COMMUNITY CONFINEMENT FACILITIES

Fujifilm Honor Your Favorite Servicemen and Women Photo Sweepstakes Official Consumer Sweepstakes Rules

Health-Related Website and Social Media Platform Services

Mandatory Reporting Requirements: The Elderly California

PATIENT BILL OF RIGHTS & NOTICE OF PRIVACY PRACTICES

THE GENERAL ASSEMBLY OF PENNSYLVANIA HOUSE BILL

Advocate Policy Handbook

S 2734 S T A T E O F R H O D E I S L A N D

Alignment. Alignment Healthcare

NLRB v. Community Medical Center

LIVING WORD CHRISTIAN SCHOOL CODE OF ETHICS

Transcription:

Facebook, Twitter, and Instagram, Oh My! How to Ensure HIPAA Compliance in An Era of Rapidly Developing Social Media Jeana M. Singleton, Esq. Brennan, Manna & Diamond

Social Media Web-based platforms whereby users communicate, network, and share user created content with others participating in the platform Facebook, Twitter, Instagram, YouTube, LinkedIn, Foursquare, Yelp, Tumblr, blogs, user comments 2

Social Media Use In The Healthcare Industry 3

Social Media Commonly used for marketing purposes - many hospitals now have their own Facebook or Twitter pages Used in recruiting LinkedIn Employers often look at social media pages of job applicants 4

Increased Use of Health Care Social Media Maps of Social Media Utilization for Hospitals Adjusted by Bed Count: November 2014 Source: http://www.jmir.org/2014/11/e264 5

Increased Use of Health Care Social Media Of 3,371 U.S. hospitals surveyed for a Journal of Medical Internet Research November 2014 Publication: 95% of hospitals have a Facebook page 50% of hospitals have a Twitter page Of 64 Ohio health care organizations surveyed for the Mayo Clinic Social Media List as of January 2016: 69% use Facebook 64% use Twitter 41% use YouTube 39% use LinkedIn 13% use a blog 6

Increased Use of Health Care Social Media Source: http://www.solomonmccown.com/2013/09/healthcare-in-the-digital-era/#ygxjr0petft0tfqr.97 7

Patient Confidentiality And Social Media 8

HIPAA Health care providers must keep a patient s individually identifiable health information confidential, except in specific circumstances when disclosure is allowed. 9

Social Media Use Can Violate HIPAA HIPAA violation occurred when grief counselor helped establish a Facebook group with teens. Counselor s involvement amounted to HIPAA violation, even though teens could have started the group on their own. 10

Common Problems Discussion of patients through social media: Example 1: Doctor fired and fined by Rhode Island Board of Medicine for posting patient information on Facebook page. Although name was not used, could still identify patient. Example 2: Patient was involved in a crime and ER employee posted patient s health information on Facebook. Example 3: Paramedic posted information on a social media site about a sexual assault victim. Patient filed a lawsuit against the paramedic and the emergency service he worked for due to privacy violations. 11

Common Problems Posting pictures of patients on Facebook an Instagram: Example 1: Hospital workers, including nurses, took pictures of stabbed, dying man, posted on Facebook. Led to firings and suspensions. Example 2: Nursing aide took pictures of elderly patients using bedpans, posted on Facebook. She was sentenced to jail (served 8 days) for invasion of privacy. Example 3: Resident posted picture on Facebook of his suturing technique on patient. Also included summary of patient s health history and medical state in the ER. Resident was disciplined. 12

Healthcare Providers Need To Adopt A Social Media Policy 13

Social Media and Patient Confidentiality Journal of the American Medical Association 2012 survey: Approximately 80% of medical and osteopathic boards surveyed indicated that they had received reports of online violations of patient confidentiality. 14

Nursing School Nightmares Nursing students at a Kansas community college took pictures with a placenta during clinical lab at hospital and posted them on Facebook College dismissed the students from the nursing program Lawsuit ensues due to expulsion without appeals process (due process claim) One of the actual pictures posted on Facebook 15

Nursing School Nightmares U.S. District judge rules that because instructor gave permission to take picture, there was implicit permission to show to others (i.e. post online) No privacy right implicated by placenta College did not have code of conduct relating to taking pictures in learning environment or prohibiting putting photos on Facebook Court reinstates students- appeals process was unfair, were not allowed to argue they had permission. Procedural due process was violated Takeaway: Have clear and concise social media policies in place 16

Social Media Policies And The Law 17

Social Media Policies and Employment Law Recent cases taken up by the National Labor Relations Board (NLRB) for employees fired because of social media Employees right to be protected from employer retaliation when engaging in concerted activity NLRB released guidelines specifically for social media 18

National Labor Relations Act NLRA protects rights of employees: union and non-union Section 7 protects an employee s right to engage in concerted activities for the purpose of mutual aid and protection 19

Concerted Activity Activity by individual employees who are united in the pursuit of a common goal. Action must be engaged with or on the authority of other employees, and not solely by and on behalf of the individual employee Certain concerted activities are protected activities for employees mutual aid or protection or efforts to improve working conditions. Includes scenarios where employees act to initiate group action, and also actions by individual employees bringing group complaints to the attention of management 20

Relation to Social Media Recently, the NLRB has focused on social media cases Various Facebook postings have been held to be protected concerted activity, and provisions of employer s social media policies have been deemed overly broad, and thus prohibited protected conduct in violation of NLRA. Ex: Hospital employee posted negative comments on Facebook about a co-worker s absence and was terminated. NLRB concluded that the hospital s policy provided no specific guidance on what was not allowed (e.g. it didn t describe what was private or confidential relating to any person or entity) and was overly broad in areas (e.g. didn t define broad terms such as what constituted embarrassment by the hospital) without limiting conduct in any way that would exclude protected activity. 21

NLRB Guidance on Social Media Policies Employer policies should not be so sweeping that they prohibit the kinds of activity protected by law, such as the discussion of wages or working conditions among employees. Example policy cannot prohibit making disparaging comments about company through any media or electronic media. This is overly broad, needs limiting language that does not restrict NLRA rights. An employee s comments on social media are generally not protected if they are mere gripes not made in relation to group activity among employees. 22

What should you do? Review policies. Do they broadly restrict social media commentary? Must not restrict discussions relating to an employee s terms and conditions of employment. Specifically outline types of posts that are prohibited. Appropriate training for staff and employees to recognize what is and is not allowed on social media. 23

Suggested Elements of Social Media Policies No use of social media at work No use of patient s name, pictures, videos, or any other identifying information No disparaging patients, even if not identifying them 24

Suggested Elements of Social Media Policies No disclosure of confidential information relating to organization and employees No stating that personal opinions are endorsed by organization No use of company or school logo on personal social media pages want to avoid any appearance that a personal page could be construed as being statements of the institution. 25

American Medical Association Social Media Policy AMA recently issued social media policy Focus on professionalism in the use of social media Separate personal from professional with online presence Encourage patient confidentiality and the use of privacy settings on personal social media accounts to maintain personal and professional privacy Maintain professional boundaries if interacting with patients online 26

LESSONS: Have clear and concise social media policies in place! Define what is and what is not appropriate use of social media by employees/ students. Provide examples. Explicitly state that policy is not intended to interfere with protected activity or infringe upon employee s rights. 27

LESSONS: Prohibit: false or obscene statements, harassing language, discriminatory statements, posting of any patient-related information or discussion of patients in general Include social media in all HIPAA training Monitor social media of employees/ students 28

LESSONS: Prohibit any unauthorized use of data Require employees/students to sign acknowledgment that they have received and read social media policy Explicitly state potential consequences and punishment and consistently enforce policy This will help avoid lawsuits that will hurt your reputation and finances! 29

National Council of State Boards of Nursing Social Media Video 30

QUESTIONS? Jeana Singleton Brennan, Manna & Diamond, LLC 75 East Market Street Akron, Ohio 44308 330-253-2001 jmsingleton@bmdllc.com 31

2024 © careersdocbox.com Privacy Policy | Terms of Service | Feedback