Fear of violating HIPAA guidelines is sometimes enough to keep a practice offline. In reality, there is nothing to be scared of as long as you follow some practical steps.
Here are tips from KevinMD to help keep out of trouble with HIPAA:
- Don’t talk about patients, even in general terms. A rational person would never reveal a patients name online, but someone could say: “We had a forty-year-old woman in the ER last night with a broken nose.” It only takes a couple of clues for people to piece together who your patient was. Don’t be specific about time frame, geography, gender and age. This information matched with the condition is too much information.
- Do talk about conditions, treatments, research. You can write about all of this and other things in general terms.
Instead of this, “I saw a patient last night with Rheumatoid Arthritis.”
Try this, “Signs and symptoms of Rheumatoid Arthritis are…”
- Don’t be anonymous. You are more likely to be responsible with your words when your name is attached to it–it’s as simple as that.
- If you wouldn’t say it in the elevator, don’t put it online. Read your post out loud to someone in your office before posting online to make sure the message you are trying to send is being clearly conveyed.
- Check the tone of your social media presence. You never want to come across like you are venting online. Posts should be informational, engaging and personable. Like before, always get a second opinion before making your post permanent.
- Don’t mix your personal and professional lives. Never friend a patient on Facebook unless you are actually friends outside of the exam room. Double check your privacy settings monthly and post with the mindset that anything you put online can become public.
As a physician you are in a unique position to help patients in and out of the exam room. People are looking for health care information, and you are the source from whom they want to get it.
HIPAA is meant to give you guidelines, not keep you offline.