Claims & Risk Management, Employment Practices, Senior Care

Social Media & HIPAA Compliance

Posted on by Propel Insurance
Social Media and HIPAA compliance

The rapid growth of social media use in the workplace poses significant challenges to nursing homes and other long-term care communities (LTCs).

A trend has emerged involving employees taking photos, selfies and videos of elderly residents and sharing them on social media sites including Facebook, Twitter, Instagram and Snapchat.

Whether intentional or unintentional, breaches of patient confidentiality or privacy on social media platforms can occur in countless ways, such as:

 

  • posting photos or videos of patients – even if they can’t be identified
  • posting photos or videos that reveal room numbers or patient records
  • posting descriptions of patients, their medical conditions, and/or treatments

According to HIPAA, all photos are an invasion of privacy and violate the Health Insurance Portability and Accountability Act Rules on data sharing.

In order to protect residents privacy rights, many nursing homes are implementing social media policies including:

  • Drafting a policy to mandate training and obtain a signed acknowledgement from each employee stating that he/she understands his/her obligations to keep the residents’ confidential protected health information private;
  • Warning employees that posting a picture, even without identifying the resident, could violate HIPAA;
  • Requiring employees who identify themselves as employees of your facility to include a disclaimer on their social media page stating that any postings are their sole opinion and not the opinion of the facility where they are employed;
  • Reminding employees that the organization may monitor blogs or other digital media. If the employee fails to abide by the guidelines or the organizations online policies, the employee may be subject to legal or disciplinary action which could include termination.

By enforcing these policies regarding social media in the work place, patient care facilities take proactive steps to protect residents and the facility.

To learn more about protecting your residents’ rights and your facility, contact any of us at Propel.

Propel Insurance

Legal Fraud Disclaimer

Alera Group, Inc. is aware that there are persons fraudulently impersonating our company by using fake internet domains that appear to look like our legitimate services. If you are contacted by someone claiming to work for Alera Group, or any of our partners, please carefully review the email address and domain. If you have a relationship with our company, please contact us directly and not through any information that is provided in such an email. Please be extremely careful in responding to such emails with personal and financial information, sharing passwords, or any other information of value. Alera Group, or any of our partners, will never send ACH instructions via email and thus we strongly recommend that you verify the authenticity of each wire transfer request by calling your Alera Group contact using the number you have previously called.

NOTICE OF DATA PRIVACY INCIDENT.