Social media cyber liability
This presentation is the property of its rightful owner.
Sponsored Links
1 / 39

Social Media & Cyber Liability PowerPoint PPT Presentation


  • 68 Views
  • Uploaded on
  • Presentation posted in: General

Social Media & Cyber Liability. Andrew C.S. Efaw Kara Rosenthal Ellen Herzog. Why Do I Care?. Control HIPAA / Fines Jail Time Job/Reputation/Discipline Ethical Obligations Civil Lawsuits. Why Do I Care? Control.

Download Presentation

Social Media & Cyber Liability

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Social media cyber liability

SocialMedia & Cyber Liability

Andrew C.S. Efaw

Kara Rosenthal

Ellen Herzog


Social media cyber liability

Why Do I Care?

Control

HIPAA/Fines

Jail Time

Job/Reputation/Discipline

Ethical Obligations

Civil Lawsuits


Social media cyber liability

Why Do I Care?

Control

Facebook T & C: “You hereby grant Facebook an irrevocable, perpetual, non-exclusive, transferable, fullypaid worldwide license withtherightto sublicense) to (a) use, copy,publish, stream, store, retain, publicly perform or display, transmit, scan, reformat, modify, edit, frame, translate, excerpt, adapt, createderivativeworksanddistribute(through multiple tiers). . . .”

Gmail T & C: “By submitting, posting or displaying the content you give Google a perpetual, irrevocable, worldwide, royalty-free, andnon-exclusive licensetoreproduce, adapt, modify, translate, publish, publicly perform, publiclydisplayanddistributeany Content. . . .”


Social media cyber liability

#trouble


Social media cyber liability

Why Do I Care?

HIPAA


Hipaa privacy rule

HIPAA Privacy Rule

Information that:

(1) is created or received by the healthcare provider

(2) as related to past, present or future physical or mental health, the provision of healthcare, or the payment re: healthcare, and which

(3) identifies the individual or, with respect to which there is a reasonable basis to believe the information can be used to identify the individual. 

45 CFR§ 160.103


Social media cyber liability

HIPAA Privacy Rule


Social media cyber liability

MYTH: You’re Ok If You Avoid Names


Why do i care

Why Do I Care?

HIPAA Fines

Unknown disclosures: Fines of $100 per disclosure, up to $25,000 per year

Reasonable Cause: $1,000 per violation, up to $100,000 per year

Willful neglect: $50,000 per violation, up to $1.5 million per year


Why do i care jail

Why Do I Care? Jail

HIPAA: Fines up to $250,000 and/or 10 years imprisonment for knowingly misusing individually identifiable personal health information


Why do i care jail1

Why Do I Care? Jail

  • Theft of medical records (ex: Colorado)

    • Unauthorized copying of medical record

    • Medical record includes x-rays

    • Copying includes taking a photograph

    • Felony

  • Personal invasion of privacy(ex: Oregon)

    • Photographing nudity without consent when the person has a reasonable expectation of privacy

    • Misdemeanor

  • Official misconduct/disorderly conduct (ex: New York)


Social media cyber liability

Why Do I Care?

Job, Reputation & Discipline


Social media cyber liability

MYTH: You’re Ok If You Avoid Names


Social media cyber liability

Why Do I Care?

Ethical Obligations


Social media cyber liability

Why Do I Care?

Lawsuits

  • Tort of invasion of privacy

    • No private right of action for patient under HIPAA, but privacy rule used as negligence per se

  • Outrageous conduct or emotional distress

  • Defamation

  • Negligence (breach of confidentiality/fiduciary duty)

  • The number of published cases involving social media evidence from 2010 through the first half of 2012 was

    1009


Social media cyber liability

Taking Action Against Employees

  • Facebook Post: “My dear client ms 1 is cracking up at my post, I don’t know if shes (sic) laughing at me, with me or at her voices.”

  • Terminated because post was not recovery-oriented, used illness for personal amusement, and raised confidentiality concerns

  • National Labor Relations Board sided with employer:

    • “the employee was not seeking to induce or prepare for group action, and her activity was not an outgrowth of the employees’ collective concerns”


Social media cyber liability

Taking Action Against Employees

  • Consult attorney before taking disciplinary action

  • Protected Activities (NLRB)

    • Concerted activities – group griping about working conditions, pay, schedules, safety conditions

  • Unprotected Activities

    • Comments made solely by and behalf of employee himself

    • Individual griping or personal contempt

    • Disclosure of confidential information

    • Harassment, discrimination, or threats

    • Attributing post to company


Social media cyber liability

Colorado’s Lawful Activities Statute

“Smoker’s Right”

  • Prohibits terminating an employee for lawful off-duty conduct unless the conduct:

    • is reasonably and rationally related to the employment activities and responsibilities of a particular employee

    • involves a conflict of interest with responsibilities to the employer

C.R.S. 24-34-402.5


Social media cyber liability

Creating a Better Social Media Policy

  • Policy should not be overbroad.

    • Does the policy explicitly or implicitly reasonably chill or restrict collective bargaining activities?

    • Ex: prohibiting disrespectful commentary = too broad

  • Policy should provide examples.

  • Consequencesshould be clear.

    • “Inappropriate postings will not be tolerated and may subject you to discipline, including termination.”

  • Purposeshould be stated up front.


Social media cyber liability

Creating a Better Social Media Policy

  • Accessing social media is off limits from work computers.

  • Ban social media access from personal phones and devices during work hours.

  • Prohibit the use of camera phones at work.

  • Do not mix professional and personal identities.

    • “Do not use work email address to register for social networks, blogs, or other online tools.”

    • “Do not represent yourself as a spokesperson for the hospital.”


Social media cyber liability

Creating a Better Social Media Policy: Not So Black and White

Acceptable Policy

Overbroad Policy

Prohibiting disrespectful conduct or negative conversations

Refrain from name calling or behavior that will reflect negatively on company

Communicate in professional tone and avoid objectionable topics

Avoid unprofessional communication that could negatively impact hospital reputation

Prohibiting derogatory attacks on hospital representatives, physicians, fellow employees and patients

Prohibiting posting of pictures of employee in uniform

  • Be respectful of fellow employees, business partners, competitors, partners, and customers

  • Expectation to represent the company in a positive and ethical manner

  • Maintain confidentiality

  • Refrain from representing your posting as that of the company


Social media cyber liability

Educating Employees

  • HIPAA applies even when off duty.

  • Don’t talk about patients, even in general terms.

  • You wouldn’t take a copy of an x-ray home, why would you take a picture?

  • Off-duty postings can affect employment and subject you to termination.

  • Discourage response by healthcare workers to social media or new stories.

  • Anonymity is red flag.


Social media cyber liability

Use Common Sense


  • Login