That’s fine if you’re a reality TV star or other self-promoting celebrity. After all, Kanye West’s gal-pal doesn’t have to worry about HIPAA or other privacy laws. But for doctors, oversharing on social media — even when it’s unintentional — can lead to serious problems.
That doesn’t mean you should avoid the medium altogether — in these socially driven times, that simply isn’t an option — but rather approach it in a way that protects both patient privacy and your professional reputation. Here’s how:
Remove identifying information
Whether it’s posting Before & After photos or discussing a case with your peers, even small details — a patient’s ID in a file name (JaneDoe.jpg) or a casual reference to non-medical matters — can be used to determine identity. And thanks to the viral nature of social media that information can spread far beyond its intended audience.
“Using social media is like riding a hospital elevator,” Bradley H. Crotty, M.D., recently told ModernMedicine.com. “There’s no control over who hears the information you might share with another physician, or its context.” If you take reasonable steps to protect your patients’ identity, there’s no problem; if that’s not possible, take the “conversation” offline.
Get comprehensive patient consent
Social media blurs what was once a fairly straightforward process: the ability to document patient care and share it, as appropriate, to further that care. Increasingly, however, that information is being shared in blog posts and Facebook updates, which moves the needle more toward marketing and promotion. Even without identifying information, many patients would rather not find themselves being showcased in such ways.
The solution is to use a “commercial consent” form in which patients agree to allow the use of photos, reviews and other information for any type of commercial use, including dissemination on social media sites.
Manage your staff
You could block staff access to social media sites but doing so cuts you off from the conversation people are already having about cosmetic surgery and, quite possibly, your practice. At the same time, the proliferation of Web-enabled smartphones means you really can’t block access entirely.
Instead, have a policiy in place that explains HIPAA, details what constitutes protected patient information and sets enforceable standards on the appropriate use of social media for personal and practice-related matters.
Establish dual citizenship
Mixing business and pleasure is rarely a good idea and that’s as true in social media as it is in life. Some doctors, for example, feel okay accepting friend requests on Facebook but doing so also increases the likelihood that anything you discuss will be seen by strangers.
To avoid that situation, consider establishing dual online profiles: one for yourself and one for your practice. Check the privacy settings for whatever social networks you use; limit access to the former to friends, family and professional peers, and encourage appropriate interaction on the latter. You can also use Friend Lists on Facebook or Circles on Google+ to interact with selective audiences but both increase the likelihood of inadvertent posts to unintended audiences.
Develop a two-pronged strategy
Like business and pleasure, protecting patient privacy while also promoting your practice may not seem like a natural fit but they can be viewed as complementary missions that benefit all concerned. Follow the above steps to ensure your social-media efforts are HIPAA-compliant and you’ll not only avoid violations that can devastate your online reputation, you’ll also engender trust among patients. That trust increases the odds that patients will give their consent for photos, reviews, etc., which, in turn, can be key selling points as you promote and protect your brand.