The use of social media is pervasive and constant; everyone is using it all the time. Your hospital employees are no exception to this statistical reality, regardless of however Draconian your prohibition on the use of social media may be. Blame it on technology that lets us tweet and Facebook with our friends anytime, anywhere. Blame it on an insatiable thirst for real-time information and a desire to stay connected. Whatever you do, deal with it.
Recently I attended a top-notch forum on the use of social media in healthcare. It offered an impressive array of digital leaders in healthcare. During questions and answers, I asked one of the panelists, the head of social media for a major university hospital, if the hospital provided social media training for its physicians. The answer? “No, because we only have a few of them who use it.” The moderator quickly moved on to the next question.
Remember that Even a Single Employee Social Media Misstep Can Damage Your Brand – And Cost You Talent
If we are lucky, we learn by our mistakes. If we are luckier, we learn by the mistakes of others. (That phrase just came to my mind. Nonetheless, I cannot imagine that I am the first to use it. So, please allow me to give credit to whoever may have used it first!)
Not long ago, it was reported that a physician at a Rhode Island hospital was fined by the State’s medical board and fired by her hospital after it was discovered that she had posted information on her personal Facebook page about a trauma patient’s injuries. The doctor had not mentioned the patient’s name or any information about where the patient was from. Additionally, no one seemed to question the notion that the physician had shared the information for anything other than a constructive purpose.
What was the doctor’s offense then, given the facts that she had not mentioned the patient’s name or where the patient was from, or had done anything other than attempt to share constructive information about her medical practice? The state medical review board concluded that the information the doctor provided in her Facebook post about the patient’s injuries could have been pieced together with other publically-available information to uncover the patient’s identity, a violation of law that prohibits the release of any individually identifiable health information.
The physician’s case was the state medical board’s first reported disciplinary action involving a physician use of social media. Despite the story receiving extensive coverage in both traditional media and new media it seems that the story, or its lessons, were missed by some.
Responsible HIPAA Training Must Cover the Use of Social Media
A medical center or doctor’s office can’t inoculate itself completely against social media missteps by employees. They can, however, through clear social medical guidelines and training make it far less likely that such missteps will occur. Hospitals and medical practices owe it to their staff and patients to provide both. For greatest effectiveness, social media training should be weaved into training that covers patient information confidentiality.
Small medical practices and large medical institutions are equally covered by HIPAA, a federal law prohibiting the disclosure of “individually identifiable health information” without a patient’s informed consent. It is a law that all medical professionals are trained in and cautioned about. It is a law that provides for financial, license and even criminal sanctions. Unfortunately, understanding how the parameters of the law apply to social media is topic usually given too little attention. As a consequence, reports of nurses or other medical staffers being fired or reprimanded for social media missteps are not uncommon. It would be far better for medical centers to invest in social media policies and training rather than bearing the costs of cleaning up after preventable social media crises.
Sometimes the Smartest People Make the Biggest Mistakes
Few understand the importance of patient confidentiality better than physicians who begin their studies by being reminded that it is one of the core principles enshrined in the Hippocratic Oath. Despite this, without social media guidelines and training, even physicians are susceptible to straying from what are in new media less-than-clear lines. When they do, the consequences can be severe.
Who is to more to blame when a confidentiality breach occurs in medical employees private social media account? The employee who unintentionally released individually-identifiable health information or the institution that failed to provide clear guidelines or training on acceptable social media conduct? The greater question is how medical organizations might take the lessons of the unfortunate social media missteps of others to better protect patient confidentiality and promote more responsible employee conduct.
Don’t Let Smart Employees with Smart Phones Make Dumb Mistakes
All it takes to damage the reputation of your organization is a smart employee with a smart phone who makes a dumb mistake. Up-to-date social media policies and training work to prevent and minimize social media missteps. Missteps will always occur when we inject the human factor. However, without clear social media training and guidelines, the fault for such missteps must be shared by the organization itself and the frequency of such incidences will be far more common.
Social Media Guidelines – Your First Line of Defense
Clear social media guidelines are the first line of defense in preventing a social media crisis from occurring. They are, however, unlikely to be read or successfully understood unless they are accompanied by training that provides for some hands on experience and real-world case studies. Hospital and medical practices: do yourself and your patients a favor by prescribing both to all of your employees!
Glen may be found sharing social media tips at:
- Social Media Law on Google+