A healthcare team’s guide to HIPAA compliance on social media

A healthcare team’s guide to HIPAA compliance on social media
Laura Porcincula
Rank
Userlevel 7
Badge +3

Navigating HIPAA compliance on social media can be challenging for healthcare marketers. How can you engage with patients and share compelling stories while adhering to strict privacy laws? 

In this article, the Sprout Social team discusses strategies to balance these challenges. Discover the best practices for managing patient interactions, learn from healthcare brands that excel on social media despite regulatory constraints, and uncover the key steps to safeguard patient data.

  • Are you curious about how to craft content without violating HIPAA? 
  • Which tools can help you monitor and manage compliance effectively?
  • What are some common HIPAA violations on social media?


Dive into the article for practical tips and inspiring examples that will elevate your healthcare social media strategy.
 

Laura Porcincula (she/her)

9 replies

S
Rank
Userlevel 3
Badge +1

Did y’all see the Modern Healthcare article about how the federal court is siding with the AHA on the HHS tracking guidance? https://www.modernhealthcare.com/digital-health/hhs-rule-third-party-tracking-aha-suit

Does your organization use a third-party middleware software? 

Laura Porcincula
Rank
Userlevel 7
Badge +3

Hi @Sarah Davidson, yes we have been following the news in this thread:

 

Laura Porcincula (she/her)
C
Rank
Userlevel 2
Badge

We’ve gone about this in two ways, being very vague (referencing them as a Patient only and only giving highlights of their story) or having them sign a media waiver. We’ve found that a lot of our patients that have inspiring stories love the opportunity to give other people hope so they sign the waiver form. But if they don’t specifically want to be shown/mentioned, we’ve just used quotes from them without referencing who they are or why they’re there. It’s worked pretty well. 

We’ve also had doctors or nurses talk about their inspiring patients, that way no one is referenced but we still get the message out. But wrangling a doctor or a nurse is sometimes really difficult lol! 

D
Rank
Userlevel 1

Wondering if anyone has had discussions specifically about HIPAA concerns related to patient education events or opportunities that you are using Facebook events to promote? Since these are often about specific conditions, diseases or health topics I’ve had some questions about patient identification via Facebook events in particular. How do you address? Are you still using Facebook events for disease-specific patient education events, but turning off the toggle in event settings to “show guest list” in order to avoid this concern?

S
Rank
Userlevel 3
Badge +1

@Laura Porcincula I’m late to the game, saw Kevin already posted this! 

 

@chandler.pacheco - agreed. Never refer to someone as a patient. And as cumbersome as it is, always have a signed consent waiver for social spotlights - even if it’s for community members, staff, etc. 

 

@danielle.thompson - If it’s a health-tip event for patients (e.g. ortho seminar or weight loss seminar) or it’s a meet-up/class for former patients (NICU reunion, stroke survivors support group, breastfeeding class), I would NOT use Facebook events as a way to gauge interest or collect RSVPs since people can see who’s attending. However, if it’s an access expansion or something community related that is NOT health related, e.g. a ribbon cutting or a CPR first aid training - that is fair game. 

It’s fine to do posts on these, but I’d just lean on the side of caution before doing an event where people can see that their friends or connections are attending or marked interested… 

C
Rank
Userlevel 2
Badge

@Sarah Davidson you can hide the guest list from the public on FB events. still could be a useful tool for things like breast feeding classes and support groups. And it is a great way for those attendees to share with others who may be looking for a resource like that. 

Also we tend to call patients, patients only when we are not sharing identifying information or pictures. Makes for great copy testimonials when showing off a department. 

S
Rank
Userlevel 3
Badge +1

@chandler.pacheco didn’t know you could hide a guest list. Will friends still get notified that “Jane Doe is attending [xyz event]” ….or I’m assuming it hides it from everyone’s notifications too?

C
Rank
Userlevel 2
Badge

@Sarah Davidson it hides notifications as well unless they publish it. Then that’s on them legally. We tested it out with one of our job fairs just to make sure that is how it worked it did! 

S
Rank
Userlevel 3
Badge +1

Cool, good to know! Learn something new every day! 

Reply


The Arboretum Terms of UseCookie settings