The Health Insurance Portability and Accountability Act’s (HIPAA) rules continue to be challenging for many health care providers to meet.
Problems with staff members who are poorly trained, simply unethical or inclined to gossip and technological issues as more offices transition to automated systems can leave physicians in big trouble when it comes to HIPAA compliance — particularly where social media is concerned.
Marketing has become an unfortunate necessity even among physicians these days — and that often requires keeping an active social media presence. While even the most novice employee in a medical office is unlikely to obviously violate patient confidentiality in a post on the clinic’s Facebook page, there are plenty of subtle ways that HIPAA can still be violated:
- Candid photos taken for a website are designed to show a happy and active staff — but they accidentally include clear shots of a patient or two in the background
- A photo of a staff member includes a computer and a patient’s information can be seen on the screen
- A staff member takes a photo of a patient with his or her camera without the patient’s permission
- A staff member gossips about a patient who is well-known in the community or to the listeners, leaving no doubt about whom he or she is speaking, even though a name is never used
- Two physicians’ assistants privately message each other about a patient, discussing things that they have no reason to discuss (like his or her personal attributes or appearance) on an unsecured medium and another person finds out
In order to avoid professional misconduct charges over HIPAA violations, it’s important to train your employees carefully on the use of social media and patient privacy.
If you’re concerned about a potential or known HIPAA violation, or you’re under investigation for a HIPAA violation, you face potentially devastating consequences to your reputation, business, license and even your freedom. It’s wise to seek legal advice as soon as possible.
Source: kb.iu.edu, “What are the penalties for violating HIPAA?,” accessed Dec. 07, 2017