Thanks for printing!  Don't forget to come back to Healthcare Compliance Pros for fresh articles!

HIPAA and Social Networking Conflicts

Some healthcare organizations are using social networks (e.g., Facebook ,Twitter and Myspace), some not, but either way it is a good bet your employees are using these sites to connect with and expand their social networks. That can become a huge problem!

Employees who are used to flashing every aspect of their lives online are very likely to discuss work online as well. Social network sites create a huge risk for HIPAA violations, and also for employee problems. HIPAA is 24/7!

There have recently been HIPAA violations occurring on these popular Internet sites. Retaining control of employee use of social networks is becoming increasingly difficult because healthcare workers access them on personal time away from work.

We encourage you to generally prohibit your employees from including any information about patients on their social network pages, even if patients have given them permission to do so. We also encourage you to prohibit your employees from linking to a patient’s social network page where the relationship is strictly professional. We encourage you to prohibit your employees from accessing these social networking pages while at work using your office computer.

Individuals are free to disclose any information they choose on their social network pages, including their PHI. However, you should be sensitive about your employees linking to these pages at work because of the appearance of impropriety and the distinct possibility of a HIPAA violation.

No, you cannot control your employee’s lives, EXCEPT as it relates to work.

Return to the Home Page