If a patient disclosed private information, would you tweet about it? Probably not. But posting a selfie at work is harmless, right?
Unfortunately, HIPAA violations on social media aren’t uncommon. And violators may not even know they’re posting something inappropriate. But a careless post could be costly, ranging from $100–$50,000 per incident.5 tips to avoid HIPAA violations Click To Tweet
For this reason, healthcare instructors must teach their students to stay HIPAA compliant —especially on social media.
Common HIPAA Violations on Social Media
Social media platforms such as Facebook, Twitter, Reddit, and Snapchat provide an easy way to communicate. But students need to remember their professional obligations when connecting with others and posting online. Even a small violation could be devastating to a health professional’s career.
The website Clinical Advisor shared an RN’s story violating HIPAA laws. The nurse was fired after posting about a toddler with measles in a private Facebook group. While the patient’s name wasn’t shared in the post, the nurse’s place of employment was listed on her profile. The patient was identified and the nurse was fired for a HIPAA violation.
Because students are held to the same standard as licensed professionals, they must be aware of relevant privacy laws and standards on social media. After all, you wouldn’t want one of your student’s careers to end before it even started. To help your program avoid disaster, HIPAA Journal created a list of common social media HIPAA violations:
- Posting of images and videos of patients without written consent.
- Posting of gossip about patients (even if a name is not disclosed).
- Posting of any information that could allow an individual to be identified.
- Sharing of photographs or images taken inside a healthcare facility in which patients or PHI are visible.
- Sharing of photos, videos, or text on social media platforms within a private group.
Avoid Sticky Situations
Now that you know what HIPAA violations on social media look like, how can they be avoided? Here are 5 guidelines to teach your students:
Extend Your Existing HIPAA Policies to Social Media
Apply the same HIPAA guidelines learned in the classroom to social media. If you wouldn’t say it in public, don’t post it on social media.
Avoid Sharing Detailed Information
HIPAA violations can occur even if a name isn’t disclosed. Leave out any biographical information and identifying details when posting.
Watch Your Images
A patient or their files in the background of a selfie could lead to serious trouble. Do a thorough scan of an image’s background before uploading it.
Don’t Vent Online
While you’re bound to work with a frustrating patient from time to time, posting about it can lead to serious consequences. Find an outlet other than social media to voice your frustrations.
Don’t Send Messages With Private Information
Facebook messages aren’t encrypted. Once again, if you wouldn’t say it in public, don’t send a private message. If you need to send a message with patient information, use a system that includes a patient portal.
Remember that the second something is posted, it will always be discoverable on a server. Even the delete button can’t “take back” a post, comment, or photo.No selfie or venting tweet is worth $50,000 Click To Tweet
While HIPAA violations can (literally) be costly, they can also be avoided. Get your students into a new habit when they post on social media. Train them to make sure a post is compliant before uploading a selfie at work or ranting about a patient. Even if they’re just sending it to a friend or posting in a private group, a quick scan to make sure HIPAA laws aren’t being violated should become second nature. Because let’s be honest, no selfie or venting tweet is worth $50,000.
If you’d like more ideas for teaching HIPPA rules, check out Teaching HIPAA Rules: 3 Keys to Success
Kappel, Spector. “Guidelines for Using Electronic and Social Media: The Regulatory Perspective.” The Online Journal of Issues in Nursing.
“HIPAA Fines Listed by Year.” Compliancy Group.
“HIPAA Social Media Rules.” HIPAA Journal.
“Posting with Caution: Social Media and HIPAA Compliance.” Healthcare Compliance Pros.
“4 Tips to Steer Clear of Social Media HIPAA Slip-Ups.” Continuum.
“Doximity: Social Networking For Doctors.” Information Week.
Cannon. “HIPAA Violations Among Nursing Students: Teaching Moment or Terminal Mistake.” Colorado Nurse.
Abby works with the content marketing team at GoReact, the best way to give feedback on student videos. She is currently studying communications at Brigham Young University. Abby has previously worked in human resources, as a custom specialist, and as a volunteer in Russia. In her spare time, she enjoys skiing, cookie dough, and spending time with her family.