Lessons Learned: Avoiding Risks When Using Social Media

Lessons Learned: Avoiding Risks When Using Social Media

Pay Attention to HIPAA Pitfalls It should go without saying that healthcare professionals must comply with privacy and security requirements of the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"),2 as modified by the Health Information Technology for Economic and Clin...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Missouri medicine 2023-09, Vol.120 (5), p.345-348
Hauptverfasser: Hennessy, Michaeli, Story, Julianne, Enko, Pefe
Format: Artikel
Sprache:eng
Schlagworte:
Chiropractic medicine
COVID-19
Dermatology
Disclosure
Employees
Employers
Employment
False advertising
False information
Fines & penalties
Health care
Health Insurance Portability & Accountability Act 1996-US
Litigation
Medical personnel
Medical | Legal
Nurse practitioners
Nursing
Pandemics
Patients
Social networks
Wagner Act 1935-US
Working conditions
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Pay Attention to HIPAA Pitfalls It should go without saying that healthcare professionals must comply with privacy and security requirements of the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"),2 as modified by the Health Information Technology for Economic and Clinical Health Act,3 if they are using and disclosing protected health information on their social media platforms. "6 To de-identify information, the healthcare provider can either receive a formal determination by a statistician or, more commonly remove all specifics related to the individual, including their family history, household members, employer information, and any other recognizable depictions.7 As a dental practice in Texas found out not too long ago, express patient authorization is a standard that cannot be ignored, no matter the situation.8 In responding to a patient's negative Yelp review, the dental practice disclosed the patient's last name and details of the patient's health condition.9 The Office of Civil Rights ("OCR") of the Department of Health and Human Services (the federal agency which oversees HIPAA) issued the dental practice a fine of $10,000 for the unconsented disclosure of the patient's protected health information.10 Similarly, in June 2023, the OCR fined a New Jersey healthcare provider $30,000 for impermissibly disclosing patient information, including the patient's mental health diagnosis and subsequent treatment, while responding to the patient's negative online review.11 And, in neighboring Rhode Island, the Department of Health Board of Medical Licensure and Discipline (the "Board") fined a physician $500 and required attendance at a confidentiality course for revealing personal identifiable information about her patients on Facebook.12 According to the Board, the physician described the patients' injuries with such depth, that the patients could be identified by unauthorized third parties.13 These civil fines, though serious in nature, do not come close to the maximum permissible amounts. During the pandemic, the chiropractor marketed vitamin D and zinc products, claiming they were more effective at treating COVID than vaccines.16 Shortly thereafter, the Federal Trade Commission sued the chiropractor for violating the COVID Consumer Protection Act of 2021.17 Finding that the chiropractor engaged in deceptive advertising, a federal judge ordered him to pay an $80,000 fine and permanently restrained him from promoting his products as one
ISSN:0026-6620