The trusted source for
healthcare information and
Despite years of regrettable incidents and cautions about social media and other forms of electronic communication, healthcare providers still are at risk from rogue or careless employees who post patient information or other inappropriate material on the web. It is proving more difficult than many originally thought to monitor social media and to prevent staff from posting in a way that makes the hospital liable.
The pervasiveness of social media is part of the problem, but so is the way online communicating has become second nature, says Jimmy Lin, vice president of product management and corporate development at The Network, a governance risk compliance company in Norcross, GA. Something funny happens at the office happy hour, so why not tweet about it? The hospital had an interesting case, so someone shares the news on Facebook. (See the story on p. 79 for two recent examples.)
Employees often do these things naturally and don’t even think they could be putting themselves and the provider at risk for reputation damages and potential lawsuits, Lin says. A recent trend is even more worrisome, however. "We’re seeing hospital employees who post pictures of patients from a particularly awful accident, and it’s not just sharing with a few friends," he says. "There seems to be a real desire for these pictures in the market, and so people are supplying them. The pictures can go viral and once they’re out there, you can’t get them back. It can lead to liability that the poster never expected."
Risk managers must educate employees about how to communicate safely, but Lin suggests doing it in the way tech fans like their information: short bursts of information from their smartphones. Use social media to train employees about social media. "These are the heavy users that you want to reach the most, so you should do it with frequent reminders and messages sent to their phones or Facebook," he explains. "That targets the right people. Think about smaller chunks over a long period, rather than a long employee training session."
Healthcare providers also should monitor social media for any information about or stemming from the hospital, Lin suggests. The sooner you know about a confidentiality breach or other improper posting, the sooner you can work to mitigate the damage.
Policies must be clear about the use of social media, but employers have to realize that it is here to stay, says Joanna Belbey, social media and compliance specialist at governance provider Actiance in New York City. Healthcare employees frequently use social media legitimately to communicate with each other and patients, she notes, so the best strategy is to provide guidance on how to use it properly. "Once you develop policies on social media use, the next step is to show employees how those policies apply to their specific situations," Belbey says. "Provide a lot of examples, and let people discuss why one is acceptable and the other is not. It is important to not only show them what not to post, but what they can post online."
There are some legal limitations on how much an employer can restrict an employee’s posts or discipline the employee for posting, says Howard M. Miller, JD, member of the law firm Bond Schoeneck and King in Garden City, NY. The law still is evolving in this area, he says, but the National Labor Relations Board (NLRB) is studying how much censorship is too much, especially with union employees. Employees can be prevented from violating laws by posting patient information, for example, but how much you can restrict comments about the employer is less clear.
"Generally you can’t stop certain griping about working conditions," Miller says. "But there are legitimate concerns about putting information online that is damaging to the reputation of the employer, so it’s a question of where the line is, and we haven’t found it yet."