Medical Records Privacy and HIPAA Legislation: What you need to know

You're reading Medical Records Privacy and HIPAA Legislation: What you need to know, originally posted on Pick the Brain | Motivation and Self Improvement. If you're enjoying this, please visit our site for more inspirational articles.

The importance of HIPAA in the age of social media due to the fact that, when it was enacted, it was several years before social media networks such as Facebook were launched.

As a result specific there were no HIPAA social media rules were in place to govern them. However, there are HIPAA laws and standards that were applicable apply to social media use by healthcare organizations and their employees in a general sense. Healthcare organizations must therefore put in place a HIPAA social media policy to reduce the risk of privacy violations.

Note: get a full rundown of what HIPAA is here.

The first rule that is important when it comes to using social media in healthcare is to never disclose protected health information via social media channels. The second important rule is to never share protected health information via social media.

The HIPAA Privacy Rule outlaws the use of PHI on social media networks. That includes any text about particular patients as well as images or videos that could result in a patient being recognized. PHI can only be included in social media posts if a patient has given their authorization, in writing, to allow their PHI to be used and then only for the purpose specifically referred to on the consent form.

Social media channels can be implemented for posting health tips, details of events, new medical research, biographies of staff, and for marketing messages, provided no PHI is included in the posts.

In 2017, 71% of all Internet users used social media websites. The reach of social media networks combined with the simplicity of sharing information means HIPAA training should include the use of social media. If employees are not specifically guided on HIPAA social media rules it is highly likely that breaches will occur.

Guidance on HIPAA should be provided before an employee begins working for the company or as soon as is possible after an appointment. Refresher training should also be conducted at least once a year to ensure HIPAA social media rules are not disregarded.

In most instances, the HIPAA violations on social media lead to eventual in disciplinary action against the employees concerned, there were many terminations for violations of patient privacy, and in some cases, the violations resulted in criminal charges. A nursing assistant who posted a video of a patient in underwear on Snapchat was fired and spent 30 days in jail. It is not only employees that can be punished for violating HIPAA Rules. There are also severe penalties for HIPAA violations for healthcare outfits as well.

The Department of Health and Human Services’ Office for Civil Rights has published guidance on HIPAA social media regulations for the general public, covering the specific aspects of HIPAA that apply to social media networks. A HIPAA compliance checklist for social media can be seen on the HHS website.

You've read Medical Records Privacy and HIPAA Legislation: What you need to know, originally posted on Pick the Brain | Motivation and Self Improvement. If you've enjoyed this, please visit our site for more inspirational articles.