Many people enjoy using social media and using it to broadcast their stories to people worldwide. However, there are typically limitations concerning one’s job, where the person cannot disclose some confidential aspects. They are particularly severe in the case of healthcare workers because of the Health Insurance Portability and Accountability Act, which was signed by President Bill Clinton in 1996. As a result of this policy, the disclosure of what is known as protected health information (PHI) is strictly punished. According to Adams (2016), HIPAA has led some healthcare workers to be discouraged from using social media altogether. However, one does not necessarily have to abandon the practice if they learn some essential facts about it.
Protected health information is a broad category with a somewhat nebulous definition. Ovansian (2016) identifies it as “information collected from an individual that either ‘identifies the individual’ or ‘reasonably can be used to identify the individual’” (p. 172). As such, any posts that directly reference or mention a patient are not permitted and punishable by law. In general, healthcare workers should be careful when referring to a patient, however indirectly. Moreover, nowadays, it is easier than ever to identify a person based on some contextual clues. As such, it is best to be careful to maintain the privacy of one’s patients, preferably avoiding any mention of them to avoid potential issues.
The concepts of privacy, security, and confidentiality are also critical to HIPAA and the safety of the patients’ personal information. Privacy is the ability of the person to control their personal information and disclose or withhold it at will. Security, in the context of information, is protection from unauthorized access, such as that which results from cyberattacks. Lastly, confidentiality is a quality of an agreement, such as that between the medical provider and the patient, that limits one or both parties from disclosing specific information. Medical workers have to respect the privacy of their patients, guarantee the security of their databases, and keep patient information confidential in all circumstances, sometimes including courts of law.
It is beneficial to provide examples of how a medical worker may inadvertently breach HIPAA based on one of the three principles above. It would be a violation of privacy to access the medical records of a patient that the worker does not need to work with during their job. A violation, or rather a failure, of security would be a successful attack that results in a data breach of patient information. Lastly, any disclosure of patient information on social media that has personal information, as described above, would be a violation of confidentiality. The first and third actions would lead to disciplinary (and likely legal) action against the offender, while data breaches are generally the responsibility of the organization as a whole.
The punishments for medical workers who breach HIPAA can be severe, in part because of the implications of the event for their organization. Stroehlein and Bayer (2016) mention that the Board of Nursing can apply a reprimand, sanctions, financial fines, or loss of licensure to a nurse who violates the legislation. Additionally, most healthcare facilities will have codes of conduct that prescribe additional punishments for not following them. Particularly severe cases can lead to the worker’s immediate termination, which, combined with the censure by higher bodies, can make finding work complicated. Overall, medical workers should approach social media use with care and try to avoid involving their professional environment.
References
Adams, S. A. (2016). Use of social media by hospitals and health authorities. In S. Syed-Abdul, E. Gabarron, & A. Y. S. Lau (Eds.), Participatory health through social media (pp. 27-41). Elsevier Science.
Ovansian, M. M. (2016). Healthcare begins a mobile revolution. Georgetown Law Technology Review, 1(1), 170-174.
Stroehlein, M., & Bayer, T. (2016). Social media and nursing today. SOJ Nursing & Health Care, 2(2), 1-3.