The explosion of social media has made social networking a popular and often beneficial platform for communication and marketing by patients and physicians; but healthcare providers may expose themselves to serious legal risks by engaging in social networking, the extent of which are not yet known, according to a communication in the May issue of the Journal of the American College of Radiology.
“The definition of the term social media is still evolving, with no single definition universally accepted,” explained Stacey L. Gulick, JD, an attorney at the healthcare legal firm Garfunkel Wild in Great Neck, N.Y. “The term social networking is used synonymously or as a subcategory to describe the exchange of information among people who have something in common (e.g., friends who have shared Facebook pages).”
Although considering the potential uses of social media to be “limitless” for healthcare providers, Gulick noted that for hospitals and practices, the primary uses of social media include the dissemination of information as a marketing tool to consumers, fundraising and the creation of an online community among hospital staff.
The benefits and lucrativeness of social media mix ambiguously with serious legal and ethical issues; foremost among them is patient privacy.
“A healthcare provider’s posting of a patient’s image, name or treatment information as part of social networking, without patient authorization, is among other things, a potential (1) HIPAA breach requiring patient notification, (2) violation of state criminal laws regarding protection of health information, (3) violation of state healthcare licensure laws, (4) violation of state professional misconduct laws and (5) violation of Joint Commission and other accreditation standards that could jeopardize accreditation or Medicare status,” Gulick noted.
Moreover, even if a patient posts his own information on a social networking site, a simple response by a provider can easily venture into a breach of privacy law. Gulick recommended keeping posts general to avoid crossing the line from medical information to medical guidance. The latter can initiate a provider-patient relationship which incurs licensure laws for out-of-state physicians and potential malpractice liability. Explicitly stating that a post is not medical advice can help avoid these dangers, Gulick offered.
“The importance of this requirement cannot be emphasized strongly enough to all healthcare providers and their staffs,” added Gulick.
Institutions must establish guidelines for social marketing, which include who and what can be posted on the provider’s pages. According to Gulick, the guidelines should:
- Clearly state the kinds of posts that are unacceptable;
- Indicate that the provider reserves the right to refuse or remove any post;
- Notify participants that they are putting their personal information at risk;
- Emphasize that a provider-patient relationship is not established by the use of the site;
- Counsel patients to seek advice from their providers; and
- Disclaim harm that results from the use of, or materials on, the provider’s site.
Gulick also cautioned that social networking between hospital staff members comes with its own category of risks; among them is jeopardizing the privacy of employees that might also be patients.
Monitoring social media content is a must, but equally essential is striking a balance between removing inappropriate or critical comments while appearing responsive to legitimate patient complaints. Guidelines must establish the proper midpoint.
“It may be undesirable, or even unrealistic, to avoid the trend toward social networking, but awareness of the concerns and upfront steps to prevent wrongful use of social network sites could prove invaluable,” Gulick concluded.