Healthcare Social Media Nightmares
You’re a savvy and knowledgeable healthcare marketing expert.
So you know a social media HIPAA violation when you see one, right?
Below are 10 social media nightmares that any hospital, health system, nursing home, etc. could face on any given day – even if the organization doesn’t engage in any proactive social media. Each of these little disasters poses some kind of challenge for the provider (or “covered entity,” as defined by HIPAA), but only one is a true violation under federal law.
- A physician in an impaired provider program appears in a Flickr photo with a martini in hand.
- Video of a pharmacy employee making a “bottoms up toast” with a bottle of Cheratussin® is uploaded to YouTube.
- A patient’s wife makes a post on a hospital Facebook page thanking the nurses who cared for her husband (whom she refers to by name) and mentioning his MI and catheterization.
- An EMS worker posts a Twitpic of a female transport tech in the morgue – topless.
- A patient in an ED tweets that his doctor “smells like Grey Goose.”
- A 20-year old photograph is posted to Facebook showing a CNO in nursing school pretending to put a fork in a cadaver.
- An audio recording of a ranting phone call made by a surgeon to his ex-wife – from the OR – is uploaded to YouTube.
- A dashcam video of a hospital CEO failing to walk a straight line in a DUI arrest appears on Vimeo.
- A photo of an imaging tech posing with an X-ray of a human stomach containing a small spoon in it appears on Pinterest.
- A physician’s office manager makes a comment on a patient’s Facebook photo, congratulating the patient on her weight loss and asking if her diabetes has improved.
Any one of these priceless little vignettes could make for a really bad day in the hospital marketing and PR department.
Though I am not an attorney, and I am not offering legal advice, I would guess some of these situations may reflect violations of state law. Numbers 2 and 8 seem likely candidates in this category.
Others scenarios appear to fly in the face of DOH guidelines. For instance, antics in the morgue and parties in the ED are generally frowned upon by surveyors.
Most of these nightmares appear to be the substance of potential complaints to various licensing or accrediting organizations. Generally speaking, licensed medical professionals and administrators are encouraged or required to abide by certain “codes of conduct” as determined by the licensing organization. No one likes to think their physician, nurse, paramedic or pharmacist engages in elicit, imprudent or inappropriate activities. The regulatory boards to which the professionals in scenarios 1, 2, 4, 5, 6, 7 and even 8 belong could make unexpected calls to the poor fools who find themselves represented this way on social media.
But since it’s only #10 that involves 1) a covered entity (in this case, an employee of a healthcare provider) disclosing 2) personally identifiable 3) health information, the last situation is the only true HIPAA violation. Though the office manager’s actions are not distasteful, disrespectful or disgusting, they clearly violate federal patient privacy regulations.
So what’s your worst social media nightmare – and how did you make it better?