Does HIPAA apply to social media?

Although HIPAA does not contain any explicit rules regarding social media usage, HIPAA’s privacy protections still apply to social media posts concerning health information. Given the ease with which information can be shared on social media, social media presents unique challenges to HIPAA compliance.

What should you not do on social media under HIPAA?

Common examples of social media HIPAA compliance violations include: Posting verbal “gossip” about a patient to unauthorized individuals, even if the name is not disclosed. Sharing of photographs, or any form of PHI without written consent from a patient.

How do we protect patient privacy when using social media?

Ask staff members to sign confidentiality agreements, and maintain a signed copy of the agreement in each employee’s personnel file. When posting content containing patient identifiable information to the organization’s social media sites, ensure patient consent is obtained.

Can I follow a patient on social media?

Health professionals are broadly prohibited from communication over social media if any information shared could be used to identify a patient. Over the past few years, the U.S. Department of Health and Human Services has instituted numerous policies and standards to guide practitioners who use social media.

Is Facebook HIPAA compliant?

Conclusion: Facebook is not HIPAA compliant because it will not sign a BAA. However, covered entities can use it—as long as they do not share any PHI.

How is social media used in healthcare?

Social media provide HCPs with tools to share information, to debate health care policy and practice issues, to promote health behaviors, to engage with the public, and to educate and interact with patients, caregivers, students, and colleagues.

How is social media bad for health?

However, multiple studies have found a strong link between heavy social media use and an increased risk for depression, anxiety, loneliness, self-harm, and even suicidal thoughts. Social media may promote negative experiences such as: Inadequacy about your life or appearance.

What to do if a patient finds you on social media?

When Patients Contact You via Social Media – 9 Pointers

  1. Take the discussion offline.
  2. Understand they’re just looking for help.
  3. Give them the facts.
  4. Remind them you’ll get in trouble.
  5. Point out why social media represents a risky means of communication.
  6. Document everything.
  7. Make a social media policy of your own.

What do you need to know about HIPAA on social media?

Here’s what you need to know about complying with HIPAA on social media. “30% of adults are likely to share information about their health on social media sites with other patients, 47% with doctors, 43% with hospitals, 38% with a health insurance company and 32% with a drug company.”

What is protected health information in social media?

The most important thing in terms of social media and HIPAA is that no form of PHI can be shared in any type of social media content. Protected Health Information, or PHI, is any piece of information that can be used to identify a patient.

Are there any real world examples of HIPAA violations?

In the first half of 2018, more than 56% of the 4.5 billion compromised data records were from social media incidents. Some of these were HIPAA violations from employees posting a patient’s protected health information (PHI) on the social web. Some of these were accidental. Maybe PHI was in the background unknowingly.

Is it HIPAA violation to post on Facebook?

We’ll explain what a HIPAA violation is, how it can happen on social media, & some guidelines to keep in mind to help protect your patients’ privacy. In 2018, a Texas nurse published a post on her personal Facebook account about a case of a young boy who was battling measles at her hospital.

Do you risk violating HIPAA on social media?

Not only can nurses face fines from HIPAA violations on social media, but they can also risk their jobs by disregarding employer policies. HIPAA Journal reported on a nurse who was terminated for HIPAA violations after disclosing PHI loud enough that other patients could hear.

What are examples of HIPAA violations?

A few examples of HIPAA violations that result from data breaches may include stolen or lost tablets or phones, malware email hacks, improper keeping of unsecured records, lack of employee training, sharing PHI, improper disposal of records, unauthorized release of information, and the sending of unencrypted sensitive data.

How do patients use social media?

Communicating Availability. Social media can be useful for simple administrative tasks, such as posting office hours and appointment availability. For existing patients, social media can link to appointment scheduling software or websites, or secure websites where they can log in to view their medical information.