Protected Health Information in Social Media

Introduction

In modern healthcare environment, technology provides easy access to digital communication, and nurses apply social media for a wide range of purposes. With such advantages as information sharing and learning, there comes great responsibility for protecting patients’ sensitive data. The Health Insurance Portability and Accountability Act of 1996 (HIPAA) establishes the regulations and defines protected health information (PHI) as something that is transmitted through social media. In turn, the National Council of State Boards of Nursing (NCSBN) clarifies that information can be shared only in three cases: a patient’s informed consent, when non-disclosure would lead to harm, and if legally required.

Main Objectives

Nurses can violate these laws either intentionally or involuntarily in the following forms:

  • Photos or videos with patients without their consent and those that present patients’ records, room numbers, other sensitive data;
  • Comments on the severity of diseases, treatment details, and patients’ condition;
  • Using depreciating or degrading manner to refer to patients.

The HIPAA states that patients have the right to privacy that is related to determining what information should be shared, how, and with whom (Samadbeik, Gorzin, Khoshkam, & Roudbari, 2015). A patient having diabetes has the right to avoid sharing her health condition with the family via social media. Security consists of instruments and measures to protect health information systems from unauthorized access; for example, organizations’ computed programs, hardware, policies, and personnel. Confidentiality makes sure that a patient’s consent is required for any disclosure and that his or her health data is used only for the identified purposes.

Interdisciplinary collaboration is critical to ensure that sensitive electronic health information of patients is protected. According to the US Department of Health and Human Services Office for Civil Rights, there were more than 25,000 cases concerning privacy matters from 2003 until 2019 (Latner, 2019). In 2016, 300 substantial breaches of PHI occurred, while within several months of 2019, 50 nurses were terminated after the inappropriate use of social media at the Northwestern Memorial Hospital in Chicago (Abouelmehdi, Beni-Hessane, & Khaloufi, 2018; Wofford, 2019). Other sanctions include disciplinary actions, criminal penalties and reporting to law enforcement, and financial penalties to the organization.

For the interdisciplinary team, the principles to follow include properly established leadership and management, communication, professional development, clarity of vision, and mutual help. In case one of the team members notes the mentioned violations, they should be reported immediately. When a nurse observes that his or her colleague intends to share a selfie with the patient, this should be prevented. The integration of skills and knowledge within a team leads to greater understanding and more systematic care delivery. In addition, blogs, Facebook, YouTube, and discussion groups can be used to connect the team members, asking relevant questions and receiving correct answers and experience. Multiple evidence-based approaches to reduce privacy, security, and confidentiality threats are the adoption of relevant policies and their translation into practice. It is the responsibility of every nurse to avoid privacy issues and encourage the team to apply social media correctly. Not to do issues in social media are:

  • Ranting about the place of employment, coworkers, and policies; do not use personal emails associated with a hospital to enter social media;
  • Commenting and complaining about patients and posting photo materials that identify them by any means; remember that even the deleted photo can circulate online;
  • Refraining from negative thoughts and offensive language regarding patients; respect patients’ background and diversity.

References

Abouelmehdi, K., Beni-Hessane, A., & Khaloufi, H. (2018). Big healthcare data: Preserving security and privacy. Journal of Big Data, 5(1), 1-18.

Latner, A. W. (2019). Social media post prompts firing. Web.

Samadbeik, M., Gorzin, Z., Khoshkam, M., & Roudbari, M. (2015). Managing the security of nursing data in the electronic health record. Acta Informatica Medica, 23(1), 39-43.

Wofford, P. (2019)..Jussie Smollett case: 50 hospital workers fired for alleged HIPAA violations. Web.