HIPAA Compliance on Social Media

HomeResourcesBlogHIPAA Compliance on Social Media

HIPAA Compliance on Social Media

Posted on: in [ Best Practices, HIPAA, Therapy Business ]

HIPAA Compliance on Social Media

With social media’s increased role in today’s tech-savvy world, it’s almost become a necessity for your business to have an online presence if you’re going to market your services effectively. As healthcare providers, however, you need to be extra careful that what you’re doing isn’t breaking HIPAA regulations. NARA would like to share with you a few tips on how to stay compliant on social media:

Move conversations offline as soon as you can.

Whether it’s a patient asking about certain services you offer or someone writing an angry complaint on your wall, it’s not uncommon for people to self-disclose on social media. Your job is to move the conversation offline. Encourage them to call your office for further information or to discuss the matter in private. Remind them that you don’t want them to discuss private health matters in the public forum of social media.

Obtain written consent before you post pictures or testimonials.

Even using a moniker or blurring out details of a picture can still lead to disclosure. Have a consent form on-hand for clients to sign before you post their testimonies or pictures on social media.

Don’t friend your patients.                                                

Even if you’re friends with a patient outside of work, friending them on social media can still reveal more than you realize about your relationship. It’s best to keep work life and personal life as separate as possible when it comes to social media. 

Be aware of what’s in every photo.

Even if you’re taking a picture of your office holiday decorations or a picture of a co-worker, you still need to be cognizant if you’re giving anything away. Is there private information displayed in a computer monitor in the background? Is there private paperwork viewable in the photo? These are all things you need to look for before you post.

Make social media a part of your compliance training.

Work with your compliance officer to create a social media policy for your officer. Make sure everyone is trained on what it is, and remind them periodically throughout the year.

While this is not a comprehensive list of everything you should do to keep yourself HIPAA compliant online, it is good outline of what you should be following. For everything else regarding compliance, NARA is here for you. Our webinars and conferences follow legislative action and can help you understand what new government regulations mean for you and your business.