A few basic initiatives that office managers can do to reduce the likelihood of unethical, or illegal, information sharing include sensitizing staff on how even seemingly innocent information sharing can turn into a serious privacy or confidentiality breach, and also creating an overall attitude of caution and discretion publishing in any health related information in any form. Obviously, related information shared with medical or technical consultants involved in the patient’s care is perfectly acceptable.
It is critical for clinics and practices to set strict policies on social networking and data sharing. These policies include smart phones in the office and anything that can be transmitted through social networking. It’s imperative your employees realize that posting or responding via social media can be an act of a confidentiality breach and your practice and them may be sued for those actions or comments. Instead of commenting back, it is encouraged that your practice or practice employees handle discretions in a private manor, offline.
Something that office practices can consider doing, is tasking an individual who is designated and knowledgeable about HIPAA compliance. It’d be a good idea to give them occasional staff training on privacy and confidentiality issues and on developing formal policies about the use of social networking at work that way you have somewhat a professional in that area.
To get more information on how to carefully utilize social media and other online avenues for relaying information you can go to the February 2014 issue of EyeWorld.