Even if your medical office doesn’t participate in social media, odds are that the majority of office employees use social media in their personal lives.
Sometimes, in using social media, employees inadvertently breach the boundaries between the personal and professional, thereby creating an unprofessional “social media presence” for the medical office -- without their employer’s knowledge or approval.
Most important, it’s not just the office’s reputation that’s on the line and in jeopardy.
When social media is left unmonitored, medical offices face the very real risk of violating federal privacy laws by breaching patient confidentiality, which in addition to substantial fines, can permanently damage one’s professional reputation.
While the content of the social media is of paramount concern, another cause for headaches is the excessive time employees waste accessing social media websites during work hours. Creating a social media policy to clarify the standards for permissible and prohibited content for both personal and professional social media is one way to protect your patients, your productivity, and your business reputation.
A social media policy should communicate employer expectations regarding the use of personal electronic devices and prohibited social media content.
There are numerous examples of healthcare social media policies available online that can serve as a template for your office policy—so there’s no need to reinvent the wheel. In your research, consider reviewing social media policies from major medical centers. Next, consider your specific office needs and how you might tailor one of these policies for your office.
Be certain to address the following in your policy:
- Define social media and include examples of popular social media sites (e.g., Twitter, Facebook, Yelp, etc.) as well as the type of information the policy will cover.
- Determine who can access social media from the office as well as any restrictions on the use of office equipment.
- Emphasize that patient privacy is paramount. Explain the HIPAA privacy rules and the serious consequences for violations (fines of up to $1.5 million) and provide examples of content that constitutes breach.
- Describe what information employees are allowed to post online and what is off limits. Explain that if employees ever have questions about the appropriateness of content, they should first ask their employer or chief privacy officer.
- Reinforce that employees are responsible for maintaining a professional image of the business, the physicians, their coworkers, and themselves; and,
- Identify the consequences of noncompliance with the social media policy. Be clear that employees are held responsible for their actions and that violators will be subject to disciplinary action including a written reprimand or termination of employment.
After this policy has been created, it is imperative that employees are educated so they understand office expectations. When educating office employees, discuss the importance of maintaining professional boundaries with patients and remind them that they should not “friend” patients on Facebook. Additionally, inform them that posting photos of patients, for any reason, is strictly prohibited.
While labor laws allow an employee to discuss their work conditions, employees should never post any details of their work day that relates to patients, even if the information seems generic. When employees post on social media, not only do they represent themselves, they represent the employer, the office, and all healthcare professionals.
Inappropriate communications with patients online, online violations of patient privacy, and unprofessional comments directed at patients or coworkers are some of the issues that can be prevented with a good office social media policy.
One of the best tips continues to be to always pause before hitting the send key. If something does not look right, makes you question the rules, or think twice - get approval.