Social media, like any information technology, can afford healthcare organizations some amazing capabilities, as well as make them vulnerable to potential hazards. As with any clinical information system, like an EHR or CPOE, or anything really, detailed protocols should be mapped out before users start using the system. This goes for social media too. It’s hard not to feel like you’re behind the curve if your practice or hospital has no social media presence yet, but cutting corners to get a few social media profiles up could be potentially disasterous if not done properly.
At MGMA this year, Marion Jenkins, Ph.D., CEO, QSE Technologies Inc., and adjunct faculty, healthcare IT, University of Denver, detailed the potential risks and vulnerabilities of social media outlets used in healthcare. He described each social mediay outlet can be “like a door or a window” for exposing your organization. Not only is broadband internet an employee time and company resource waster, he said, its one of the major ways that outside threats can be allowed in. Through peer-to-peer apps, email- hoaxes (i.e. virus warnings, etc.), SPAM, Trojans, key loggers, spyware, root kits, denial of service attacks, and phishing hackers can penetrate an organization’s server.
Jenkins said that American Medical Association’s social media policy is a good starting point for organizations to develop clear guidelines from. In general, he says, there should be recognition that internet privacy is not a given and standards for patient privacy/confidentiality. Governing principles should be created to keep patient‐identifiable information from being revealed; maintain physician/patient boundaries online; and keep personal and professional content separate. He also said that healthcare organizations should realize that the biggest risks are internal business office and clinical staff doing their normal jobs, and recommended developing and implementing an employee “acceptable use policy” that covers social media with consultation with legal, human resources, and information technology. New HIPAA security rules should also be reviewed.
However, social media can be a tool for positive exposure and to penetrate new markets. There are a ton of legitimate uses for social media like to send appointment reminders/cancellations/wait lists; solicit participation for clinical trials and blood drives; distribute patient information forms, corporate announcements, and general patient education.
Dana Lewis, interactive marketing specialist/blog administrator, Swedish Medical Center, a multi-facility health system based in Seattle, Wash., said at a recent social media conference in November that social media is a great way to engage with patients and advance clinical initiatives. She recommended having internal policies in place in addition to tools, trainings, and resources, as well as being clear with your communities regarding commenting/posting. She also noted that social media is not a “one size does not fits all” strategy and organizations need to figure out what works because not everything does. Her organization uses its Facebook page and blog to post informational videos about surgeries, community news, and other relevant news. What both Jenkins and Lewis both urge health practitioners to do is Google themselves and their organizations regularly, and make sure individuals understand their privacy settings and what they choose to share online.