How to Not Breach Patient Confidentiality on Social Media

HIPAA protected Healthcare Information in the Historic period of Expanding Social Media Boundaries

Social by nature, curious by design and caring by desire, health intendance providers agree the important responsibleness of our patient's personal medical information in conviction. The hallmark aspect of the patient/nurse relationship is built on the belief and understanding of trust. In many respects a built trust of care that includes the privacy and confidentiality of a patients personal health data. The expansion of the electronic advice age has provided health care professionals the ability to work faster and with a greater caste of efficiency and accuracy. A chore that would accept taken me half a twenty-four hour period 25 years ago with phone calls and memorandums are now completed with a mitt held device before I finish my showtime loving cup of Earl Gray in the morn.

The www/cyberspace has continued us in ways that are improving and expanding exponentially to move this protected data from one source to another. The problem we must fence with is how secure the data is as nosotros move it from person to person. Nosotros must too consider the need to place this information out in cyberspace and motion information technology around. Breaches in patient confidentiality or privacy tin be intentional or inadvertent, but they can occur in a multitude of methods.

The growth of the Social Media outlets has spawned numerous issues for health care institutions to appoint in the protection of patient protected health care information. Of late, improper utilization of social media by nurses has caused issues as they relate to, State laws and Federal regulations, HIPAA Health Insurance Portability and Accountability Deed of 1996). The concept of protecting a patient's information in this space has led to a blurring of the boundaries of what is private data and what is public information.

Social media venues too bring into question if what is posted should exist considered personal and what should be considered professional. In this word, I will focus on social media sites that expose posted content to the openness of the net. The take chances associated with posting patient information on the sites and some of the penalties that tin and have occurred in recent litigation cases.

Assessing hazard of exposure
Blogging (an interactive form of publishing content on the spider web) on social networking sites exposes the adventure of the fabric posted to be viewed in the public domain. When posted on personal sites or conversation rooms the material is discoverable and no longer private, even later on it has been deleted. The advances in electronic technology, currently provides this connection in our small personal manus-held devices. This poses other challenges such a theft of the device and the content in the devices electronic storage. Some examples of breaches in patient privacy can be very unassuming and done with a lack of intentional forethought. As often can exist the instance, skill assisted nursing care facilities have seen staff capturing images of the residents and posting them to their social media sites. These events typically take endearing captions and names accompanying the residents photograph describing something beautiful they did or may have said in conversion.

Every bit inadvertent and innocent as this may have been, it was a alienation of a resident/patients privacy. The aforementioned is true when a posting includes patient information described in sufficient detail that the patient tin be identified without the do good of proper name identification. For example, a nurse may be treating a patient in a detail unit of measurement and post the events of that day'due south intendance. This may include the extent of the patients change in status he/she may exist sharing in the post. With this material existence accessible, it tin can exist forwarded or re-posted to any venue, placing information technology in a position for the general public to view. Though perhaps the intent is harmless, some patients could have their lives placed in personal jeopardy. If for case they are attempting to hibernate, from a previously calumniating relationship.

In an August 2011, white paper published by the National Council of State Boards of Nursing (NCSBN) (www.ncsbn.org), there seems to be some misconception on the use of social media.

These misconceptions included a mistaken belief that;

• communication/posts are private and accessible only to the intended recipient.
• posts deleted from a site are no longer attainable.
• if the site is limited (private to selected recipients), the disclosure of the patient/resident data is harmless if but read by the selected recipients (if permissible disclosure has not been obtained it is still a alienation of confidentiality.)
• the mistaken belief that if the patient/resident's name is not disclosed it is non a breach.

In a 2010 NCSBN national survey, 33 of the 46 responding Boards of Nursing received complaints of nurses posting images and/or sensitive resident/patient data on social media sites. The survey also illustrated the bespeak that 26 of the 33 reporting States Boards of Nursing took some form of disciplinary action in response to the received complaints, which at a minimum, were messages of censure to the respondents.

Paying the penalisation
Another important consideration and responsibility comes with securing the device that may have patient sensitive information in storage. Electronic devices that store information such every bit laptops, tablets and smart phones can be stolen and the content easily accessed. These units have the capacity to concur significantly large files of patient sensitive information that is the responsibleness of the health care professional entrusted to its safe keeping.

In the Rover article, occurrence of stolen electronic devices with patient sensitive information ranged from a minor number to a significantly large database. In Dec of 2012 Hospice of Northern Idaho settled and agreed to pay $50,000 for a breach of unprotected patient information. The investigation found a self-reported theft of an unencrypted laptop with approximately 440 patient records including personal health data in the database.

The aforementioned year, Blue Cross Blue Shield of Tennessee was required to pay $i,500,000 in fines after an investigation of a reported theft of computer information. The report indicated the visitor failed to secure 57 computer hard drives that were stolen from the Tennessee facility. The hard drives contained protected health information on over i million individuals, including, names, social security numbers dates of birth, diagnosis codes and health plan data.

Every bit a practicing licensed professional, yous may exist subject to potential consequences from your employer and the States Board of Nursing. The consequences are beholden to the jurisdiction, however an investigation may occur on the grounds of failure to protect patient protected wellness information. A Nurse may find themselves answering to accusations of unprofessional conduct, mismanagement of patient records, or breach of a patient's confidential information.

Best course of activity
Our profession spans a broad range of nurses working and practicing beyond chronological ages from the early twenties in and through their seventies. The level of understanding of protecting patient sensitive data in the social media expanse volition likely vary from individual to individual. The best guidance is to recollect twice earlier y'all press the send/postal service button to a social network site. Maintaining the privacy and integrity of a patient'due south health data is paramount to your relationship with your patient, and it is besides the police force. Understanding the electronic age poses many risks that will challenge your ability to protect this information. If yous are uncertain contact/consult your employer'southward policies on the use of social media. Nurses must have a sound understanding of the boundaries of the personal and professional cyberspace as well every bit the risks of unintentional and inadvertent exposure of this safeguarded material.

---

References

1. White Paper: Nurse's guide to the use of Social Media, NCSBN (Baronial 2011), world wide web.ncsbn.org
2. Rover, Sara Simrall, 2013, Social Media Compliance Challenges: From HIPAA to the NLRA, Social Media And HIPAA Privacy Concerns for Health Intendance Providers. American Health Lawyers Association. Hospitaland Health Systems Police Institute.

Share this post