If you use patient photos on your practice website, you already know they’re a great way to showcase your work, encourage visitors to explore further and, hopefully, generate new business.
Unfortunately, they can also generate serious legal consequences for doctors who don’t take the appropriate steps to safeguard the privacy of the people in them. And while a picture may, indeed, be worth a thousand words, you don’t want those words to be contained in a lawsuit.
Consider the case of Dr. Michele Koo of St. Louis, who found herself named in just such a suit after several patients discovered they could be identified through before & after photos posted on her website. According to the St. Louis Post-Dispatch, the patients gave consent to have their photos posted with the understanding that their names would remain confidential.
And the fact is that the photos didn’t include their names — but the digital file information used to catalogue each photo did. That, in turn, made the names readily available to anyone who visited Koo’s website, came across the photos during an image search or simply typed in a person’s name in a search engine and got blended results (i.e., photos, videos as well as links) in return.
The case offers a cautionary tale for any aesthetic professional who uses patient photos as a promotional tool. In fact, according to a recent poll conducted by Cosmetic Surgery Times, 58% of respondents said they ensure the security of patients’ identities for before & after photos on their website. The rest were split between those who didn’t post images online (35%), those that didn’t ensure security (4%) and those that didn’t ensure security but planned to in the near future (4%).
Here at RealSelf, we believe the 58% are on the right track. Every day, thousands of aesthetic consumers visit the site, clicking on before & after photos to get a visual sense of what to expect from the procedures they’re considering. Doctors who don’t post patient images miss out on a valuable opportunity to connect with the very consumers they seek to attract.
In the meantime, it’s worth noting that Koo’s lawyer argues that her web vendor, MedNet Technologies, bears responsibility for the breach, a contention the company disputes. The matter will ultimately be decided by the court but suffice it to say that a couple of keystrokes before posting could have spared everyone the trouble.
Likewise, doctors who want to reach potential consumers without violating their existing patient’s confidentiality need to understand the intricacies of patient consent in the Internet age and think before they post.
1. Make sure images contain no Personally Identifiable Information (PII)
Even though file names on the web are typically not published on the web page, they may still be searchable or downloadable from the website via file names or embedded info. To prevent problems, avoid identifiable file names (e.g., janedoe.jpg), opting for anonymity-protecting ones (e.g., facelift_patient1.jpg) instead. When highlighting body procedures, leave faces out of the frame and when using blogging platforms, such as WordPress, remove the link to the photo entirely.
2. Get consent before you click — and be clear about usage
If your consent forms state that photos may be used to document patient care, they do NOT authorize their use for other purposes, such as teaching, publicity or marketing. Instead, have patients sign a “commercial consent” form, which gives permission for any type of commercial use versus restricting it to specific location or mediums.
3. Understand the way the web works
As the web becomes more open, so, too, does the importance of obtaining the broad commercial consent noted above. Between improvements in image searching and the proliferation of blogs and social networks, millions of images are no longer tethered to their original locations. However, if you take the steps to maintain patient privacy from the start, read the photography guidelines on RealSelf and consult with your legal counsel before posting, the results will speak for themselves.