Hospitals, Privacy & Social Media

By Holly Hayes

The Joint Commission (TJC) has patient care standards regarding patient rights. Standard RI.01.01.01 states: “The hospital respects, protects, and promotes patient rights.”

The standard is scored by Elements of Performance (EPs) which include:

4. The hospital treats the patient in a dignified and respectful manner that supports his or her dignity.

7. The hospital respects the patient’s right to privacy.

Even with those standards in place, The Los Angeles Times reported this week that some hospital staff members are using social networking to discuss patients on Facebook.

Many hospitals are adopting no-tolerance policies for the release of patient information online, which covers everything from patient names to seemingly innocuous details such as weight. Los Angeles County’s Department of Health Services, for example, requires employees to sign an agreement that they will not release patient information through any non-county website.

“If you’re giving any data about a patient at all, you’ve breached the privacy,” said Pam Lane, vice president of health informatics with the California Hospital Assn. “People are doing it and they are losing their jobs.”

The state does not track online breaches of patient privacy separately from other breaches.
So far this year, 686 breaches of patient privacy have been reported at hospitals statewide and substantiated by investigators at the California Department of Public Health, including four by healthcare workers.

A number of the nation’s leading hospitals, including Cleveland Clinic and the Mayo Clinic, are raising awareness among their staff about how patient privacy protections such as the Health Insurance Portability and Accountability Act (HIPPA) apply online.

“We already have guidelines; social media is simply another form of communication. It’s no different from e-mail or talking to someone in an elevator,” Ed Bennett (director of Web strategy at University of Maryland Medical System) said. “The safe advice is to assume anything you put out on a social media site has the potential to be public.”

Let us hear your thoughts on patient privacy and social media.

Holly Hayes is a mediator at Karl Bayer, Dispute Resolution Expert where she focuses on mediation of health care disputes. Holly holds a B.A. from Southern Methodist University and a Masters in Health Administration from Duke University. She can be reached at holly@karlbayer.com.