There are pluses and minuses to social media in the health care industry. One of the biggest drawbacks is the lack of understanding regarding how people use social media not only in the workplace but also when they’re away from work.
A unified communications provider wrote a white paper that highlighted five key legal issues that health care employers must address if they’re going to allow their employees to freely use social media at work.
Privacy – Privacy is tricky. When does an employee have a reasonable expectation of privacy? When sharing videos on YouTube, there is no such expectation unless the employee used the sites privacy settings to limit who could or could not view it. “The key takeaway here is that individuals must be ever mindful of privacy settings and what the corporate policy is for the use of social media tools within the enterprise,” according to the white paper.
Content Ownership – This is another tricky one. Make sure you know the terms of use policies of whatever social media you allow your employees to use. It might be a good idea to forgo posting any kind of intellectual property or other proprietary content on sites like Facebook. That takes us to …
Intellectual Property Infringement – It’s convenient to collaborate and share ideas with colleagues via Facebook, but you have to be incredibly careful about who has access to those collaborations. It’s also important to ensure that employees who participate in the collaboration understand what information they can and cannot share with friends, family or even other employees via social media or any other medium.
Unauthorized Activities – This literally covers a multitude of sins such as harassment, discrimination, unfair competition, defamation, disclosure of confidential information and criminal activity.
Regulatory Compliance – Anyone who works in the health care industry knows about HIPAA and how important it is to comply with the act’s guidelines. If a patient discloses his health issues on his own Facebook page, that’s fine. But if a health care worker discloses the same information on her personal Facebook page or on the health care organization’s Facebook page, that’s not OK, even if the patient isn’t specifically named. If the health care worker provides enough information for a “reasonable” person to deduce who the health care worker is talking about, she’s violated the patient’s privacy and could get into a lot of trouble.
Many regulations “classify posts to Facebook, for example, as a form of electronic communication to be treated no differently than email,”according to the white paper.
There are some who might say that the use of social media in health care should be severely curtailed because of the high potential for mistakes and misuse. Perhaps the real answer is to adapt to this new way of communicating and create guidelines and implement policies and training that would minimize the risk of err or abuse, not to ban social media use altogether.
Do you have security concerns regarding social media in your healthcare organization? Give us a call today and we can help you make sense of all your Healthcare IT security.