September 3, 2014
Independent community pharmacies work diligently to make sure their business meets HIPAA regulations. But what about when pharmacists and employees go online individually?
When the Health Insurance Portability & Accountability Act (HIPAA) was enacted in 1996, it created new standards for the protection of patient health information. But over the last five years, the dramatic rise of social media use has altered traditional ideas about communication and privacy. As pharmacists take to social media—both personally and professionally—new concerns surface about guarding private patient information.
For independent community pharmacies, balancing between social media interaction and HIPAA compliance can be tricky. But with a little knowledge and forethought, you can share your valuable health expertise without incurring potentially disastrous violations. Here are five practical tips for HIPAA-compliant social media behavior.
A clear, comprehensive social media policy for your pharmacy is the first step to HIPAA adherence. Make sure every member of your staff who encounters patient information understands the parameters of HIPAA. Establishing guidelines for social media content and procedure creates better awareness and consistency. Emphasize that even individual profiles on social media aren’t truly private and can be connected to the pharmacy. So it’s important for everyone on the team to be a positive purveyor of the pharmacy brand.
It’s crucial to exercise strict separation of all personal and professional profiles. Don’t “follow” patients on personal profiles, and don’t post messages unrelated to pharmacy on your public page.
The best way to avoid HIPAA violations is to avoid discussion of patients, period. This goes beyond omitting a name or other obvious identifiers. With the extensive resources that the Internet provides, even information that seems irrelevant can potentially identify the patient. Taking a moment to consider if your content is appropriate can be the difference between tact and transgression.
Those who feel obligated to share their experiences online might turn to anonymous posting as a solution. But almost none of our online interactions are truly private; this fact has been reinforced time and again. Anonymity breeds a false sense of invincibility and confidence. Need some relevant evidence? Look no further than the case of an anonymous blogger named Dr. Flea, who was exposed in court as the defendant in a wrongful death/malpractice suit.
The hazards of HIPAA and social media shouldn’t stop you from having a strong online presence. Instead of describing specific cases or patients, funnel your experiences of each day into sharing general expertise. As a pharmacist, one of the most trusted and knowledgeable voices in the health sector, you have the power and the means to spread important health information and positively affect others.
Please note that this article is a combination of general information and is not meant to be all encompassing. Here are a few sources with more detailed information on HIPAA-compliant social media behavior.
Office for Civil Rights
The OCR offers six educational programs on HIPAA compliance.
This company helps health systems create HIPAA-compliant online communities. The company’s blog has a great post on creating a HIPAA-compliant social media strategy.