Social media is used by many and 80% of people use social media sites to get information regarding doctors, hospitals, medical news and information. Social media can be extremely useful tool for communicating general healthcare information to the public, establishing professional connections and sharing experiences. Still there should be censor on the extent of the information shared as for HIPAA compliance. HIPAA violations occur due to sharing of too much of information on the social media sites. HIPAA training should be imparted to the healthcare employees while using the social media.
Here is a list of do’s and don’ts of social media and HIPAA violations and compliance in medical practice.
1] Understand what is considered as HIPAA violations on social network:
As per HIPAA compliance, a breach is an impermissible use as per the privacy rules that includes the security or privacy of the protected health information. Posting verbal conversation about patient to unauthorized individuals even if the name is disclosed. Sharing photographs or any information without consent of the patient. To assume that the posts or photos have been deleted when they are still to be viewed by the public. Sharing pictures of workplace that happens to have visible patients files.
2] Do not post anything on social media that you will not say in a common public place. This is the basic rule if you are in doubt about a post, picture or comment check with the compliance officer or your colleague before putting it on social media sites.
3] Train the employees adequately– Train the employees on HIPAA privacy and security policies when they are hired and repeat it at least annually. The best way to limit the violation of rules of privacy make sure that they do not use social media sites during working hours. Also extend your rules and policies of HIPAA compliance to social media networks.
4] SEVERITY OF PUNISHMENT OF HIPAA VIOLATIONS– Do not refrain or overlook the severity of punishment of violation of the HIPAA compliance. If the employees are mishandling the public health information and share it or disclose it inappropriately, they should be punished severely. The punishment could be imprisonment or fine or both of it. If HIPAA breach occurs on social media sites then the compliance officer should be informed regarding all aspects of breach. There after notification to the individual must be sent in no case later than 60 days, top HIPAA violations and prevention is available. If the breach involves more than 500 individuals then in this situation the compliance officer will send notice to the media and to the secretary of HHS. The employees involved in breach should be retrained on HIPAA compliance.
HIPAA compliance is an ongoing vigilant process of your overall compliance program. By providing HIPAA training to the employees at the time of their joining and then repeating it at regular intervals the breach or violation of Public Health Information can be stopped.