
From Baby Boomers to Millennials

From Baby Boomers to Millennials. How to Remain HIPAA Compliant in the Age of Social Media. Molly Staley, Marketing Consultant Capital Ortho. Quick Review … What is HIPAA??.


Presentation Transcript


  1. From Baby Boomers to Millennials
     How to Remain HIPAA Compliant in the Age of Social Media
     Molly Staley, Marketing Consultant
     Capital Ortho

  2. Quick Review… What is HIPAA?
     The Health Insurance Portability and Accountability Act of 1996 is U.S. legislation that provides data privacy and security provisions for safeguarding medical information.

  3. Protected Health Information
     Protected Health Information is any health information that can be tied to an individual and includes one or more of these 18 identifiers.
     • Names (full or last and initial)
     • Geographical Identifiers smaller than a State
     • Dates (other than year)
     • Phone Numbers
     • Fax Numbers
     • Email addresses
     • Social Security Numbers
     • Medical Record Numbers
     • Health insurance beneficiary numbers
     • Account Numbers
     • Certificate/License Numbers
     • Vehicle Identifiers
     • Device Identifiers and Serial Numbers
     • URLs
     • IP Address Numbers
     • Biometric Identifiers
     • Full face photos and comparable images
     • Any other Unique Identifying Number, Characteristic, or Code
     Source: HIPAAJournal.com

  4. HIPAA & Social Media: What’s the Big Deal?
     • According to HHS, the majority of HIPAA violations in recent years have occurred from employees mishandling PHI, many of which stem from inappropriate social sharing.
     • Violations can result in fines ranging from $100-$1.5 million or Criminal Penalties which can result in fines up to $250,000 and up to 10 years in prison.
     • Other potential consequences include lawsuits, loss of medical license, & employee termination.

  5. Photo credit: Entrepreneur.com

  6. Common Social Media HIPAA Violations
     • Posting of videos or images of patients without written consent
     • Posting of gossip about patients
     • Posting of any information that could allow a patient to be identified
     • Posting videos or images taken inside a healthcare facility in which patients or PHI are visible
     • Sharing of photos, videos, or text on social media platforms within a private group

  7. HIPAA Social Media Guidelines
     • Develop clear policies covering social media use and ensure all employees are aware of how HIPAA relates to social media platforms
     • Train all staff on acceptable social media use as part of HIPAA training and conduct refresher training sessions annually
     • Provide examples to staff of what is acceptable, and what is not, to improve understanding
     • Communicate the possible penalties for social media HIPAA violations: terminations, loss of license, and criminal penalties
     • Ensure all new uses of social media sites are approved by your compliance department
     • Review and update your policies on social media annually
     • Develop policies and procedures on use of social media for marketing, including standardizing how marketing takes place on social media accounts
     • Develop a policy that requires personal and corporate accounts to be totally separated

  8. Guidelines Cont.
     • Create a policy that requires all social media posts to be approved by your legal or compliance department prior to posting
     • Monitor your organization’s social media accounts and communications and implement controls that can flag potential HIPAA violations
     • Maintain a record of social media posts using your organization’s official accounts that preserves posts, edits, and the format of social media messages
     • Do not enter into discussions with patients who have disclosed PHI on social media
     • Encourage staff to report any potential HIPAA violations
     • Ensure social media accounts are included in your organization’s risk assessments
     • Ensure appropriate access controls are in place to prevent unauthorized use of corporate social media accounts
     • Moderate all comments on all social media platforms

  9. Resources
     • hipaajournal.com/hipaa-social-media/
     • hipaajournal.com/hipaa-compliance-checklist/
     • hhs.gov/web/social-media/policies/index.html
