Social Media and Privacy: How Does Your Program Measure Up?


By nature, health care is community oriented. From large health care systems to small physician offices and patient support groups, new social media tools such as social networks, weblogs, and video chats are reengineering the way providers and patients interact.   

Knowledge is shared between clinicians, and with their patients and members of the general public. While social networks enable users (clinicians, patients, and others) to share information and participate in support groups, research collaborations, and other venues, use of this technology also presents challenges for health care entities.  

“Social Media in Healthcare: Privacy and Security Considerations” is an excellent white paper, prepared by the Privacy and Security Committee of the Health Information Management Systems Society (HIMSS). The paper describes different types of networks and platforms that healthcare entities can use for social media, including examples and common uses of various media. The paper includes examples of risk mitigation strategies that healthcare entities can use to address some of the risks associated with social media. Download the White Paper 

The white paper includes guidance based on two primary considerations: 

 DO – “Engage and Educate” and DON’T “Diagnose or Treat”. 

Following is a checklist for measuring how your social media program measures up with respect to privacy issues. This checklist includes information from the HIMSS white paper and additional measures developed by the author for your consideration. This checklist is meant to be a conversation-starter and enable your workgroup to discuss and think through the issues in determining the best approach for your organization.  

Comply Track has a number of tools you can use to develop and enhance your social media strategy. These include:  

Risk Assessment Manager:  Identify risks associated with the use of social media in your organization, communicate with key stakeholders responsible for developing and implementing social media strategy across the organization, and create surveys to evaluate workforce knowledge and concerns regarding social media.   

Activity and Event Manager:  Track, manage, and document communications with key stakeholders.  

Document and Policy Manager:  Enable collaboration on social media policy, guidelines, survey results, and monitoring activities, across departments that are responsible and accountable for various aspects of social media (e.g., marketing, IT, human resources, compliance, privacy, security, internal audit).  

 Social Media Checklist: How Are You Accounting for Privacy? 

How would you describe your organization’s social media strategy? 

Does your organization have a strategic plan for social media, including goals and objectives for using social media, resource requirements to implement the plan, and evaluation of the plan on a periodic basis to measure if goals are met and if changes are needed in strategy or deployment? 

How does your social media policy address patient confidentiality? 

Does your social media policy address how privacy and security of patient information will be maintained in patient care, research, and education where social media is used to communicate with patients, providers, affiliates, research collaborators, and others? 

Have you provided your business associates with a copy of your social media policies and your expectations for their role in your social media plan? 

Do you regularly train your workforce in appropriate use of social media

Do you know who in your organization is using social media and have you provided them with guidelines regarding protecting privacy while using social media? 

Do you monitor the use of social media by the workforce? How do you use the results?      

 Phyllis A. Patrick, MediBlog Submission, October 1, 2013