Protecting Patient Privacy and Security with Your Online Presence
One factor which has tended to make dermatologists and dermatological physicians assistants wary of building an online presence through social media the Health Insurance Portability and Accountability Act (HIPPA). Passed in 1996, HIPPA includes provisions which protect the privacy and security of personal health information.
The privacy and security rules protect information related to a patient’s physical or mental health or condition, the provision of health care to that patient, and the patient’s payment for health care. Specifically, any information which could reasonably be believed to be used to identify a patient is protected by HIPAA.
The US Department of Health & Human Services Office for Civil Rights is responsible for enforcing HIPAA regulations.
Some health care professionals have failed to protect their patients’ rights under HIPAA, and have been found in violation. Other practices and providers have used the potential liability under HIPAA regulations to defer building an online presence, and to restrict or block employee access to social networks.
Some practices have recognized the potential benefits of a strong, professional online presence, and have taken practical steps to develop a healthy approach to social media.
For example, health care practices have developed social media strategies and policies which protect patient privacy and security, and which specifically address the HIPAA protections. These policies work together with other efforts to educate and remind health care professionals about the need to protect patient privacy and security. They are also effective tools to remind health care professionals of the potential challenges of social media, whether they are in a professional setting, on their own personal computer, or on a phone with internet access.
In the long run, your practice will be better served by intentional policies and strategies that establish your desired online presence, rather than either an “anything goes” or “nothing allowed” approach.
Does your practice have a social media policy? What steps do you take to monitor your policy? Does your policy directly address privacy concerns? Tell us about it.
[image by Sean MacEntee]