Social Media Compliancefor Healthcare Professionals Presented by: Asha Kamath, Joanna Wolfe & Srini Kolathur              ...
Webinar ObjectivesUnderstand social media security andcompliance challenges and how to effectivelyuse social media while c...
Who are we …EHR 2.0 Mission: To assist healthcareorganizations develop and implementpractices to secure IT systems and com...
Glossary1.   PHI: Protected Health Information2.   HIPAA: Health Insurance Portability and Accountability     Act3.   HITE...
Trends in Healthcare IT        Informatics   Collaboration         Mobile           EHR        Computing         HIE      ...
US Hospitals on Social Media    1,300+ Hospitals                                     6000 + Hospitals    575 YouTube Cha...
Handheld Usage in Healthcare• 25% usage with providers• Another 21% expected to use• 38% physicians use medical  apps• 70%...
EMR and EHR systems                      8
Health Information Exchange (HIE)                                    9
What is social media?                                      NetworkUser-created video,audio, text ormultimedia that are   P...
What does Social Media Mean inHealthcare?Onlinetechnologies and                        Consumerspractices thathealthcare  ...
Benefits to Patients    Allows patients to share information, personal     experiences, and to socialize.     Examples: R...
Benefits to Healthcare Providers   Instantaneous communication to entire class    of patients in emergency situations, su...
Learn from other providers   Live procedures   Train medical personnel   Reach main stream media   Communicate during ...
Your Job is Important … Five California nurses were terminated after it was discovered that they were discussing patient c...
Your Job is Important Cont.     A Minnesota nursing home employee was    fired after rumors spread that she had posted   ...
The American Recovery andReinvestment Act of 2009 and HITECH                                      17
HITECH Modifications to HIPAA   Creating incentives for developing a meaningful use of    electronic health records   Ch...
Why do you need to care about socialmedia compliance?   Federal Mandate   Penalties(CMP) for non-compliance   Reputatio...
HIPAA Titles - Overview                          20
HIPAA Security Rule                      21
Information Security Model                   Confidentiality                   Limiting information access and            ...
PHI         Health      Information      Individually      Identifiable         Health      Information          PHI      ...
ePHI – 18 Elements                 Elements                                             ExamplesName                      ...
ViolationsWhat is a HIPAA violation on social media? Disclosures made on social media concerning a patient’s PHI without t...
Scenarios   A patient attempts to “friend” an attending    physician on Facebook …   A nurse posts pictures of a baby wh...
Compliance Best Practices   Social media do’s and don’ts filter(checklist)   Strong social media policy and guidelines ...
Top 5 Recommendations1.   Be cognizant of patient privacy, confidentiality     and individually identifiable information2....
Suggested Tweeters to Follow New England Journal of Medicine @NJME Journal of the American Medical Association @JAMA Am...
Where do you start?Identify Social Media Objectives &Strategy   Develop a Social Media Program   -Training, policies, pilo...
Key Takeaways   Don’t allow HIPAA anxiety to keep you from    embracing social media   Limit liabilities with clear poli...
References   Mayo Clinic   AMA Social Media Policy   Mount Sinai Medical Center SM Policy   WU School of Medicine     ...
Next Steps   Training Package       Sample social media compliance polices       Best practices checklist       4-hour...
Questions?E-mail: info@ehr20.com  Call: 802-448-2255                         34
Thank you!!              35
Upcoming SlideShare
Loading in …5
×

Social Media Compliance for Healthcare Professionals

2,159 views

Published on

0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
2,159
On SlideShare
0
From Embeds
0
Number of Embeds
107
Actions
Shares
0
Downloads
0
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Social Media Compliance for Healthcare Professionals

  1. 1. Social Media Compliancefor Healthcare Professionals Presented by: Asha Kamath, Joanna Wolfe & Srini Kolathur 1
  2. 2. Webinar ObjectivesUnderstand social media security andcompliance challenges and how to effectivelyuse social media while complying with HIPAAregulatory requirements. E-mail: info@ehr20.com 2
  3. 3. Who are we …EHR 2.0 Mission: To assist healthcareorganizations develop and implementpractices to secure IT systems and complywith HIPAA/HITECH regulations. Education(Training, Webinar & Workshops) Consulting Services Toolkit(Tools, Best Practices & Checklist)Goal: To make compliance an enjoyable and painlessexperience, while building capability and confidence.
  4. 4. Glossary1. PHI: Protected Health Information2. HIPAA: Health Insurance Portability and Accountability Act3. HITECH: Health Information Technology for Economic and Clinical Health Act4. HIE: Health Information Exchange5. RSS: Real Simple Syndication6. HHS, OCR and SAG 4
  5. 5. Trends in Healthcare IT Informatics Collaboration Mobile EHR Computing HIE 5
  6. 6. US Hospitals on Social Media 1,300+ Hospitals 6000 + Hospitals 575 YouTube Channels 1068 Facebook pages 814 Twitter Accounts 1300+ Hospitals 566 LinkedIn Accounts 946 Four Square 149 Blogs 6 Ref: http://ebennett.org/hsnl/
  7. 7. Handheld Usage in Healthcare• 25% usage with providers• Another 21% expected to use• 38% physicians use medical apps• 70% think it is a high priority• 1/3 use hand-held for accessing EMR/EHR 7compTIA 2011 Survey
  8. 8. EMR and EHR systems 8
  9. 9. Health Information Exchange (HIE) 9
  10. 10. What is social media? NetworkUser-created video,audio, text ormultimedia that are Publish Microblogpublished andshared in a socialenvironment, such as ablog, podcast, forum, Share Discusswiki or video hostingsite.Any technology that lets people publish, 10converse and share content online.
  11. 11. What does Social Media Mean inHealthcare?Onlinetechnologies and Consumerspractices thathealthcare Regulators Health Coachesprofessionals and Wellness Disease Mgmt.patients use to Clinical Trialshare opinions, Recruitment PHRinsights, Nurses Training Physiciansexperiences, and Treatment & Much moreperspectives witheach other Clinical Allied health Investigators pros. 11
  12. 12. Benefits to Patients  Allows patients to share information, personal experiences, and to socialize. Examples: Revolution Health, Organized Wisdom, and Patients Like Me.  Allows increased connection with other people suffering from the same illness or condition  Empowers patients to take control of health care decisions 12
  13. 13. Benefits to Healthcare Providers Instantaneous communication to entire class of patients in emergency situations, such as a drug recall or preventing scams To attract new clients and patients Improved results because of better informed patients Increased productivity due to patient knowledge More patient/provider interaction 13
  14. 14. Learn from other providers Live procedures Train medical personnel Reach main stream media Communicate during crises Accurate information to patients 14
  15. 15. Your Job is Important … Five California nurses were terminated after it was discovered that they were discussing patient cases on Facebook. The situation was investigated for weeks by both the nurses employer, Tri City Medical Center in San Diego, and the California Department of Health before the nurses were fired for allegedly violating privacy laws. 15
  16. 16. Your Job is Important Cont. A Minnesota nursing home employee was fired after rumors spread that she had posted photos of herself with nude patients on her Facebook page. Though no nude pictures were found, the employee did have pictures of herself with clothed patients, which violated the homes privacy policy and led to her termination. 16
  17. 17. The American Recovery andReinvestment Act of 2009 and HITECH 17
  18. 18. HITECH Modifications to HIPAA Creating incentives for developing a meaningful use of electronic health records Changing the liability and responsibilities of Business Associates Redefining what a breach is Creating stricter notification standards Tightening enforcement Raising the penalties for a violation Creating new code and transaction sets (HIPAA 5010, ICD10) 18
  19. 19. Why do you need to care about socialmedia compliance? Federal Mandate Penalties(CMP) for non-compliance Reputation risk Business risk Pervasive social media 19
  20. 20. HIPAA Titles - Overview 20
  21. 21. HIPAA Security Rule 21
  22. 22. Information Security Model Confidentiality Limiting information access and disclosure to authorized users (the right people) Integrity Trustworthiness of information resources (no inappropriate changes) Availability Availability of information resources (at the right time) 22
  23. 23. PHI Health Information Individually Identifiable Health Information PHI 23
  24. 24. ePHI – 18 Elements Elements ExamplesName Max Bialystock 1355 Seasonal LaneAddress (all geographic subdivisions smaller than state, including street address, city, county, or ZIP code)Dates related to an individual Birth, death, admission, discharge 212 555 1234, home, office, mobile etc.,Telephone numbers 212 555 1234Fax numberEmail address LeonT@Hotmail.com, personal, officialSocial Security number 239-68-9807Medical record number 189-88876Health plan beneficiary number 123-ir-2222-98Account number 333389Certificate/license number 3908763 NYAny vehicle or other device serial number SZV4016Device identifiers or serial numbers Unique Medical DevicesWeb URL www.rickymartin.comInternet Protocol (IP) address numbers 19.180.240.15Finger or voice prints finger.jpgPhotographic images mypicture.jpgAny other characteristic that could uniquely 24identify the individual
  25. 25. ViolationsWhat is a HIPAA violation on social media? Disclosures made on social media concerning a patient’s PHI without that patient’s authorization is considered a HIPAA violation. 25
  26. 26. Scenarios A patient attempts to “friend” an attending physician on Facebook … A nurse posts pictures of a baby who was just discharged from her service, expressing joy, best wishes to the family, and congratulating everyone involved in this excellent patient outcome … A lab technician blogs that the laboratory equipment he is using should have been replaced years ago and is unreliable … 26
  27. 27. Compliance Best Practices Social media do’s and don’ts filter(checklist) Strong social media policy and guidelines Training employees on how to safely use social media and comply with HIPAA Web content filtering(Technology solutions) Social media monitoring 27
  28. 28. Top 5 Recommendations1. Be cognizant of patient privacy, confidentiality and individually identifiable information2. Do not discuss patient’s conditions3. Provide broader perspective on issues at hand4. Share information that promotes quality health care and up-to-date medical information5. Everything said online can be found and is available forever 28
  29. 29. Suggested Tweeters to Follow New England Journal of Medicine @NJME Journal of the American Medical Association @JAMA American Academy of Family Physicians @AAFP National Institutes of Health @NIHforHealth enters for Disease Control @CDCgov(Among many, many others including individual medical specialty organizations and journals) 29
  30. 30. Where do you start?Identify Social Media Objectives &Strategy Develop a Social Media Program -Training, policies, pilot Improve Quality of Care - Converse, Listen, Comply, Engage and Share Assess and Improve - Monitor, Evaluate and adjust 30
  31. 31. Key Takeaways Don’t allow HIPAA anxiety to keep you from embracing social media Limit liabilities with clear policies and procedures Social media compliance challenges are due to lack of training Monitor your social media platforms Social media will become more pervasive 31
  32. 32. References Mayo Clinic AMA Social Media Policy Mount Sinai Medical Center SM Policy WU School of Medicine 32 FDA Guidelines on SM
  33. 33. Next Steps Training Package  Sample social media compliance polices  Best practices checklist  4-hour training ehr20.com/services Next Live Webinars:  Meaningful Use Security Risk Analysis (4/18/2012)  Business Associate Assessment (4/25/2012) Sign-up at ehr20.com/webinars 33
  34. 34. Questions?E-mail: info@ehr20.com Call: 802-448-2255 34
  35. 35. Thank you!! 35

×