These days, social media is king. Everything has become shareable and information can be passed along with just a click of a post or tweet button. But what happens if someone posts their negative feelings about your clinic, your staff, or even you online for the world to see? What if a patient desperately needs answers to their eye issue and reaches out to you via Facebook or Twitter for an answer? These scenarios can quickly turn into violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) if handled incorrectly.In this Q&A with Misti Buard, a certified marketing coach, we delve into everything physicians need to know to prevent HIPAA violations via social media.
These days, social media is king. Everything has become shareable and information can be passed along with just a click of a post or tweet button. But what happens if someone posts their negative feelings about your clinic, your staff, or even you online for the world to see? What if a patient desperately needs answers to their eye issue and reaches out to you via Facebook or Twitter for an answer?
These scenarios can quickly turn into violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) if handled incorrectly.
In this Q&A with Misti Buard, a certified marketing coach, we delve into everything physicians need to know to prevent HIPAA violations through social media.
Bad online reviews should never be ignored (especially those on Yelp or Google!). Some say that you should respond privately to a bad review, but that isn’t wise. Think about it, why would one respond privately to something that was written for everyone to see-and that ‘something’ is a bad reflection of their practice?
The best way to handle this situation is by joining the conversation. Address the issue (publicly) and more importantly, ask the patient how they’d like the issue resolved. Acknowledging the negative review publicly allows onlookers (potential customers) to see that the ophthalmologists values patient satisfaction, and that he/she is willing to go above and beyond to make sure that their patients are happy.
Monitoring Yelp and other sites weekly should be a best practice that each ophthalmologist follows. Positive reviews will encourage more patients to walk through your door, bad reviews will not.
â¨Rule of thumb for ophthalmologists who utilize social media sites: If you wouldn’t say it in an elevator, then you shouldn’t say it online.
The same HIPAA policies that are followed inside of the office, must be followed online.
The best way to avoid a HIPAA violation is by planning ahead. By that I mean create a social media plan each quarter. A social media plan will help ophthalmologists and their staff know exactly what content is being posted and the day it will be posted.
The key to avoiding any violations is truly preparation (going back to the social media plan). Allow me to use this analogy: Before a parent sends their six year old to school each day, the parent makes sure that their lunch is packed, their homework is complete and that they’ve been fed breakfast (maybe not exactly in that order). But that’s exactly how ophthalmologists should prepare their social media content.
If an office manager is in charge of creating the social media plan, then the doctor should review the plan along with the content that will be posted. Planning ahead will avoid any last minute/random (just so we can get our name out there!) posts. The parents of that 6 year old I mentioned earlier may worry about their child throughout the day, but I guarantee that they aren’t worried if their child completed their homework or not. Why? Because they reviewed the homework to verify if was complete before sending the child to school. Ophthalmologists should do the same.
The content that is posted should be two things, either educational and/or engaging.
A sample post could be as follows: Here are 5 tips on how to protect your eyes during the summer! After the tips are listed, the audience should be engaged by asking an open-ended question such as: “Which one of these tips do you and your family practice?”
Educating staff about HIPAA compliance is another must that should be done in order to avoid any violations.
There was an “unintentional privacy breach” that happened a couple of years ago.
Alexandra Than, MD, posted a few of the things she’d witnessed in the emergency room on her Facebook page. She didn’t include any names, but she wrote enough information that an individual was identified. She was fired from Westerly Hospital in Rhode Island.
A court document re: Alexandra Than: http://www.health.ri.gov/discipline/MDAlexandraThran.pdf
Yes, there are. For instance, there were several holiday parties toward the end of 2014, and if a doctor and his staff decided to take photos in their office and post them onto social media sites- they could easily get into trouble if a patient’s file is nearby and their name can is visible.
Of course at the time they’re just having fun and spreading holiday cheer, but if the name on that file can be read- the practice has violated HIPAA.
A doctor should never give guidance or recommendations via social media. If someone is asking for advice via social media, the doctor should advise the patient to visit the nearest ophthalmologist.