SlideShare a Scribd company logo

Bianca_Cirimele_Whitepaper_HIPAA_Reputation_Management

Download as DOC, PDF
Bianca Schroeder
Bianca Schroeder

The document discusses the issues that medical practices face with patient reviews on public websites due to privacy laws. It notes that while the law protects a patient's right to post reviews, laws like HIPAA greatly restrict a practice's ability to respond without risking privacy violations. This creates problems for practices to address defamatory reviews. The document proposes notifying website users of these legal restrictions on medical practices and encouraging alternative feedback channels. It also advocates for long-term legal solutions to better balance patient and practice rights regarding online reviews.

1 of 6
Review Websites: Doctor Defamation & Patient Privacy A White Paper May 4, 2015 Background Social media provides an outlet for patient feedback, which can be used to inform and improve future practices like never before. However, today’s "share" culture is putting medical practices in legal danger. The Health Insurance Portability and Accountability Act (HIPAA) of 1996 established rules to protect the privacy and security of individually identifiable health information. HIPAA Privacy Rules set national standards in the U.S. for maintaining the confidentiality of protected health information. Accordingly, organizations and individuals were required to implement safeguards when working with covered information. Failure to comply with HIPAA regulations can result in civil and criminal penalties. These penalties can apply to both organizations and individuals. Additionally, organizations can take disciplinary actions against responsible employees when a violation occurs. HIPAA results in a monstrous issue for covered practitioners when faced with feedback on public forum sites such as “Yelp”. A practitioner who responds to reviews online could be slapped with violation of HIPAA and state privacy laws because by responding to a patient in an online forum arguably discloses a patient relationship. In 1996, Congress also passed the Communications Decency Act (CDA), providing public forum sites that handle reviews protection from legal action. These sites can allow third parties to post information and the site is not held liable for that content. Yelp’s terms and conditions take full advantage of the CDA, disclaiming liability for user content on their site. Fighting any negative online reviews in court has, in a way, become a futile exercise. In 2011, a California practitioner who sued the parents of a patient, alleging that a negative review they posted on Yelp defamed her, was ordered to pay the parents and Yelp $80,000 in attorneys' fees and litigation costs. The court ordered the practitioner to pay these fees because California has an anti-SLAPP (Strategic Lawsuit Against Public Participation) statute. The law clearly favors the patient over the practitioner. Online review sites such as Yelp offer no relief for businesses faced with strict industry regulations. Yelp does not arbitrate disputes and argues that businesses should post public comments to reviewers. This clause is devastating for businesses whose reply may constitute acknowledgement of a patient relationship and therefore a privacy violation. 5/4/2015 Page 1
Yelp’s policy on flagging reviews from users who were never actually a patient recommends a remedy that can lead to illegally exposing patient relationships to Yelp’s flag removal case moderators. Businesses that cannot offer contact lists without violating patient confidentiality are rendered unable to provide evidence, which could lead to the removal of a fake review. Abstract Federal and state law supports a patient's right to post about a medical practice on public, online forums, and there is little practitioners can do to prevent patients from posting negative reviews. Additionally, industry specific regulations make it nearly impossible for HIPAA covered practitioners to respond to public face threats that result from negative online feedback. Terms and conditions on review websites offer no recourse for businesses with strict regulations, thereby rendering them helpless against potentially fraudulent and defaming reviews. This paper seeks to shed light on a grave reputation management problem facing medical practitioners and offer prescriptive remedies. Problem Statement Some businesses are regulated more heavily than others, including regulations that affect how they manage their online reputation. These regulations apply to the businesses themselves and not consumers. This is the case with medical practices, which are accountable to federal and state laws regarding patient privacy and identifiable health information. As a result, these kinds of businesses can continue to be listed on sites like Yelp so that consumers can find and share information about them. In most cases, regulated businesses can interact with consumers on Yelp in the same way that any other business can (e.g., sending private messages to reviewers or posting public responses which don't betray private information about the reviewer). Unfortunately, this is not the case with medical practices where responding to a patient in an online forum arguably discloses a patient relationship. This creates a situation where practitioners cannot legally respond to reviewers who are defaming them and causing losses to their reputation and bottom line. This forces reputation managers for medical practices to limit review replies to overly generic, boilerplate communications, which can be perceived as cold and uncaring by an under-informed public. For example, medical practitioners or their representatives might state that they are always saddened when their patient experience did not exceed expectations. To avoid establishing a patient relationship, they must completely avoid any mention of the reviewer’s personal, patient experience or any issues that they have brought up in the review copy. Such impersonal language may further damage the perception of the practice and cause other users to perceive them as lacking concern for their patients on a relational level. This is assuming that the review was written by a person who actually had a personal consumer experience with the practice and is not an angry ex-employee or an industry competitor. Sites like Yelp falsely contend that their review flagging protocols can remedy infirmities concerning fake reviews, however they fail to account for concerns such as HIPAA violations. Yelp’s policy on flagging reviews from users who were never actually a customer or patient prescribes, “Yelpers are not allowed to post reviews if they didn't have a consumer experience with the business (e.g., buying something, calling to inquire about pricing, etc.). If you see a questionable review, please flag it. Please note that our moderators will only remove a review if 5/4/2015 Page 2
the consumer doesn't describe a consumer experience. It usually isn't enough to say that you don't recognize the reviewer as a real customer, so please let us know if you have specific evidence about who wrote the review.” The language here implies that businesses are expected to provide evidence that a reviewer did not interact with their business. Proving that a person had no interaction with a business might entail providing evidence such as call logs, contact lists, payment receipts and other exhaustive lists with no sign of the reviewer’s name or other contact information. This is assuming that the reviewer in question used their real name on their Yelp profile and that identifiable information such as an e-mail address or phone number are even available. Businesses that cannot offer contact lists or other supporting documents without violating patient confidentiality are rendered unable to provide evidence, which could lead to the removal of a fake review. Accordingly, Yelp’s policy leaves covered medical practices with the choice of being defamed or risking a violation of federal and state privacy laws. Yelp’s unfair treatment of covered medical businesses is both unfair and highly unethical. Proposed Solution New measures must be taken to increase public awareness of the limitations faced by medical businesses on review websites. Awareness alone will not resolve inadequacies in legal protections available to covered medical businesses. However, increased transparency and public awareness is a step in the right direction. Introduction of Solution Public review sites must take steps to notify users of the legal limitations faced by businesses that are held accountable to federal and state laws concerning patient privacy and identifiable health information. Business representatives who claim business profiles on review sites should be asked if they are held accountable to federal and state privacy laws such as HIPAA. If the page owner confirms that they are a covered organization, a notice should be clearly posted on their business profile for all users to see. Recommended notification messaging points might include the following: • NOTE: This business is legally responsible for adhering to federal and state privacy laws [HYPERLINK TO A PAGE WITH LINKS TO RELEVANT FEDERAL AND STATE PRIVACY LAWS], which restrict their ability to publicly and personally respond to reviewers. Users are encouraged to contact the business in person, by phone, or private message before posting a review. WARNING: You are legally liable for the information contained in your review. • NOTE: Medical information is private and is subject to legal restrictions [HYPERLINK TO A PAGE WITH LINKS TO RELEVANT FEDERAL AND STATE PRIVACY LAWS], for both patient and practitioner. Users are encouraged to contact this business in person, by phone, or private message before posting a review. CAUTION: You are legally liable for the information contained in your review. 5/4/2015 Page 3
Application of Solution Notification of the privacy limitations placed on practitioners will enlighten business page viewers as to the reasons behind public replies that would have otherwise been considered to be cold or impersonal. Additionally, recommending alternative feedback channels will encourage reviewers to communicate with businesses in a way that allows for greater protection of privacy and quicker resolution. Alerting users to the private nature of medical information and of their liability for the information contained in their review is intended to dissuade fake reviewers or competitors from posting defamatory reviews. While public notification alone is not a sufficient, long-term remedy to the unfair treatment of medical businesses in online forums, it is a necessary interim strategy as stakeholders await legislative action to balances the scales. Long-Term Focus Long-term solutions should focus on providing legal protections for medical businesses and practitioners. Legal provisions should treat releases of protected patient information equally, regardless of the releasing party. Accordingly, private information is entirely kept private unless the patient clearly and publicly acknowledges a personal consumer experience with a covered medical business. Legal remedies should increase the liability of patients providing information that can be perceived as acknowledging a patient relationship. If a reviewer clearly and publicly identifies himself or herself as a patient, the law should treat this as a release of liability for the business to reply publicly on the review-hosting site. Future efforts should seek to identify remedies, which equally protect both patient and practitioner. Conclusion Online review websites create privacy issues for medical practitioners who cannot publicly acknowledge a patient relationship with reviewers on their business profiles. Accordingly, current federal and state privacy laws seriously limit a covered business’ ability to repair damage done to their online reputation by fake and real reviewers. Currently, terms and conditions of review websites such as Yelp offer no viable recourse options. While business owners wait for legislative protections to catch up with technology, public notification on review sites can offer some interim assistance. Long-term focus should be dedicated to updating outdated legal precedents, which could not have anticipated such protectoral deficiencies in situations arising from then non- existent technologies. 5/4/2015 Page 4
Appendices Appendix A – Author Bianca Cirimele, BA, MA Appendix B – References 1. Can I report a review if I don't think it was posted by a real customer? (n.d.). Retrieved May 4, 2015, from http://www.yelp-support.com/article/Can-I-report-a- review-if-I-dont-think-it-was-posted-by-a-real-customer?l=en_US 2. Dentists can use online forums such as Yelp to their advantage. (2014, January 13). Retrieved May 4, 2015, from http://www.cda.org/news-events/dentists-can- use-online-forums-such-as-yelp-to-their-advantage 3. Yelp for Business Owners. (n.d.). Retrieved May 4, 2015, from https://biz.yelp.com/support/common_questions 5/4/2015 Page 5
Appendices Appendix A – Author Bianca Cirimele, BA, MA Appendix B – References 1. Can I report a review if I don't think it was posted by a real customer? (n.d.). Retrieved May 4, 2015, from http://www.yelp-support.com/article/Can-I-report-a- review-if-I-dont-think-it-was-posted-by-a-real-customer?l=en_US 2. Dentists can use online forums such as Yelp to their advantage. (2014, January 13). Retrieved May 4, 2015, from http://www.cda.org/news-events/dentists-can- use-online-forums-such-as-yelp-to-their-advantage 3. Yelp for Business Owners. (n.d.). Retrieved May 4, 2015, from https://biz.yelp.com/support/common_questions 5/4/2015 Page 5

Recommended

Deal with (LACK) of Regulations, Develop Best Practices
Deal with (LACK) of Regulations, Develop Best PracticesDeal with (LACK) of Regulations, Develop Best Practices
Deal with (LACK) of Regulations, Develop Best Practices
Pharma Guy
 
Indest, Health Law, 25_hlr_507
Indest, Health Law, 25_hlr_507Indest, Health Law, 25_hlr_507
Indest, Health Law, 25_hlr_507
Miles Indest
 
Persuasion
PersuasionPersuasion
Persuasion
Jason Kegerreis
 
Protecting yourself and others
Protecting yourself and othersProtecting yourself and others
Protecting yourself and others
satart1944
 
Anesthesia Business Consultants: Communique summer09
Anesthesia Business Consultants: Communique summer09Anesthesia Business Consultants: Communique summer09
Anesthesia Business Consultants: Communique summer09
Anesthesia Business Consultants
 
Employers and Social Media: You Love to Love It & Love to Hate It
Employers and Social Media: You Love to Love It & Love to Hate ItEmployers and Social Media: You Love to Love It & Love to Hate It
Employers and Social Media: You Love to Love It & Love to Hate It
Janine Anthony Bowen, Esq.
 
What You Should Know About Your Credit Report
What You Should Know About Your Credit ReportWhat You Should Know About Your Credit Report
What You Should Know About Your Credit Report
- Mark - Fullbright
 
eMarketing Techniques Conference_Email Lists For Prospecting
eMarketing Techniques Conference_Email Lists For ProspectingeMarketing Techniques Conference_Email Lists For Prospecting
eMarketing Techniques Conference_Email Lists For Prospecting
Corporate College
 

Recommended

Deal with (LACK) of Regulations, Develop Best Practices
Deal with (LACK) of Regulations, Develop Best PracticesDeal with (LACK) of Regulations, Develop Best Practices
Deal with (LACK) of Regulations, Develop Best Practices
Pharma Guy
 
Indest, Health Law, 25_hlr_507
Indest, Health Law, 25_hlr_507Indest, Health Law, 25_hlr_507
Indest, Health Law, 25_hlr_507
Miles Indest
 
Persuasion
PersuasionPersuasion
Persuasion
Jason Kegerreis
 
Protecting yourself and others
Protecting yourself and othersProtecting yourself and others
Protecting yourself and others
satart1944
 
Anesthesia Business Consultants: Communique summer09
Anesthesia Business Consultants: Communique summer09Anesthesia Business Consultants: Communique summer09
Anesthesia Business Consultants: Communique summer09
Anesthesia Business Consultants
 
Employers and Social Media: You Love to Love It & Love to Hate It
Employers and Social Media: You Love to Love It & Love to Hate ItEmployers and Social Media: You Love to Love It & Love to Hate It
Employers and Social Media: You Love to Love It & Love to Hate It
Janine Anthony Bowen, Esq.
 
What You Should Know About Your Credit Report
What You Should Know About Your Credit ReportWhat You Should Know About Your Credit Report
What You Should Know About Your Credit Report
- Mark - Fullbright
 
eMarketing Techniques Conference_Email Lists For Prospecting
eMarketing Techniques Conference_Email Lists For ProspectingeMarketing Techniques Conference_Email Lists For Prospecting
eMarketing Techniques Conference_Email Lists For Prospecting
Corporate College
 
Projeto electrobeach - 2014
Projeto electrobeach - 2014Projeto electrobeach - 2014
Projeto electrobeach - 2014
Rodrigo Farias
 
Seen-on-Scene strategy, recommendations
Seen-on-Scene strategy, recommendationsSeen-on-Scene strategy, recommendations
Seen-on-Scene strategy, recommendations
Carlene Peterson-Cox
 
Twitter for Reporters
Twitter for ReportersTwitter for Reporters
Twitter for Reporters
Carlene Peterson-Cox
 
Social Metrics Presentation
Social Metrics Presentation Social Metrics Presentation
Social Metrics Presentation
Bianca Schroeder
 
Sundeep_Kumar- Management Consultant
Sundeep_Kumar- Management ConsultantSundeep_Kumar- Management Consultant
Sundeep_Kumar- Management Consultant
Sundeep Kumar
 
Confidentiality power point
Confidentiality power pointConfidentiality power point
Confidentiality power point
Doug Miller
 
2hourhealthcarefraud
2hourhealthcarefraud2hourhealthcarefraud
2hourhealthcarefraud
cccpfc
 
HIPAA Rules for New Patient Attraction - Websites, Testimonials, Social Media...
HIPAA Rules for New Patient Attraction - Websites, Testimonials, Social Media...HIPAA Rules for New Patient Attraction - Websites, Testimonials, Social Media...
HIPAA Rules for New Patient Attraction - Websites, Testimonials, Social Media...
Compliance Global Inc
 
You are a corporate compliance officer for a hospital.  You are al.docx
You are a corporate compliance officer for a hospital.  You are al.docxYou are a corporate compliance officer for a hospital.  You are al.docx
You are a corporate compliance officer for a hospital.  You are al.docx
maryettamckinnel
 
Chapter 3: Ethics
Chapter 3: EthicsChapter 3: Ethics
Chapter 3: Ethics
HeatherSeghi
 
ASE 2012 LR ftc enforcement
ASE 2012 LR ftc enforcementASE 2012 LR ftc enforcement
ASE 2012 LR ftc enforcement
tom_cohn
 
The Regulatory Landscape for Advertisers, Affiliates, Networks
The Regulatory Landscape for Advertisers, Affiliates, NetworksThe Regulatory Landscape for Advertisers, Affiliates, Networks
The Regulatory Landscape for Advertisers, Affiliates, Networks
Affiliate Summit
 
David Harlow on Social Media In Health Care Legal Issues - OHA PRMS 111209
David Harlow on Social Media In Health Care Legal Issues - OHA PRMS 111209David Harlow on Social Media In Health Care Legal Issues - OHA PRMS 111209
David Harlow on Social Media In Health Care Legal Issues - OHA PRMS 111209
David Harlow
 
Assignment 1 LASA 2— Corporate ComplianceYou are a corporate co.docx
Assignment 1 LASA 2— Corporate ComplianceYou are a corporate co.docxAssignment 1 LASA 2— Corporate ComplianceYou are a corporate co.docx
Assignment 1 LASA 2— Corporate ComplianceYou are a corporate co.docx
BenitoSumpter862
 
In 2013, the Health Insurance Portability and Accountability Act (HI.pdf
In 2013, the Health Insurance Portability and Accountability Act (HI.pdfIn 2013, the Health Insurance Portability and Accountability Act (HI.pdf
In 2013, the Health Insurance Portability and Accountability Act (HI.pdf
bharatchawla141
 
Am Days
Am DaysAm Days
Am Days
tom_cohn
 
Assignment 1 LASA 2— Corporate ComplianceYou are a corporate comp.docx
Assignment 1 LASA 2— Corporate ComplianceYou are a corporate comp.docxAssignment 1 LASA 2— Corporate ComplianceYou are a corporate comp.docx
Assignment 1 LASA 2— Corporate ComplianceYou are a corporate comp.docx
felicitytaft14745
 
Creating a Dealership Social Media Policy With Teeth
Creating a Dealership Social Media Policy With TeethCreating a Dealership Social Media Policy With Teeth
Creating a Dealership Social Media Policy With Teeth
Jim Radogna
 
Radogna
RadognaRadogna
Radogna
Jim Radogna
 
Chapter IntroductionDitty_about_summer Shutterstock.comLe
Chapter IntroductionDitty_about_summer Shutterstock.comLeChapter IntroductionDitty_about_summer Shutterstock.comLe
Chapter IntroductionDitty_about_summer Shutterstock.comLe
JinElias52
 
Business Medical Identity Theft faq Health Care Health Plan
Business Medical Identity Theft faq Health Care Health PlanBusiness Medical Identity Theft faq Health Care Health Plan
Business Medical Identity Theft faq Health Care Health Plan
- Mark - Fullbright
 
Introduction to HIPAA for Healthcare Professionals by OUP
Introduction to HIPAA for Healthcare Professionals by OUPIntroduction to HIPAA for Healthcare Professionals by OUP
Introduction to HIPAA for Healthcare Professionals by OUP
Atlantic Training, LLC.
 

More Related Content

Viewers also liked

Projeto electrobeach - 2014
Projeto electrobeach - 2014Projeto electrobeach - 2014
Projeto electrobeach - 2014
Rodrigo Farias
 
Seen-on-Scene strategy, recommendations
Seen-on-Scene strategy, recommendationsSeen-on-Scene strategy, recommendations
Seen-on-Scene strategy, recommendations
Carlene Peterson-Cox
 
Twitter for Reporters
Twitter for ReportersTwitter for Reporters
Twitter for Reporters
Carlene Peterson-Cox
 
Social Metrics Presentation
Social Metrics Presentation Social Metrics Presentation
Social Metrics Presentation
Bianca Schroeder
 
Sundeep_Kumar- Management Consultant
Sundeep_Kumar- Management ConsultantSundeep_Kumar- Management Consultant
Sundeep_Kumar- Management Consultant
Sundeep Kumar
 
Confidentiality power point
Confidentiality power pointConfidentiality power point
Confidentiality power point
Doug Miller
 

Viewers also liked (6)

Projeto electrobeach - 2014
Projeto electrobeach - 2014Projeto electrobeach - 2014
Projeto electrobeach - 2014
 
Seen-on-Scene strategy, recommendations
Seen-on-Scene strategy, recommendationsSeen-on-Scene strategy, recommendations
Seen-on-Scene strategy, recommendations
 
Twitter for Reporters
Twitter for ReportersTwitter for Reporters
Twitter for Reporters
 
Social Metrics Presentation
Social Metrics Presentation Social Metrics Presentation
Social Metrics Presentation
 
Sundeep_Kumar- Management Consultant
Sundeep_Kumar- Management ConsultantSundeep_Kumar- Management Consultant
Sundeep_Kumar- Management Consultant
 
Confidentiality power point
Confidentiality power pointConfidentiality power point
Confidentiality power point
 

Similar to Bianca_Cirimele_Whitepaper_HIPAA_Reputation_Management

2hourhealthcarefraud
2hourhealthcarefraud2hourhealthcarefraud
2hourhealthcarefraud
cccpfc
 
HIPAA Rules for New Patient Attraction - Websites, Testimonials, Social Media...
HIPAA Rules for New Patient Attraction - Websites, Testimonials, Social Media...HIPAA Rules for New Patient Attraction - Websites, Testimonials, Social Media...
HIPAA Rules for New Patient Attraction - Websites, Testimonials, Social Media...
Compliance Global Inc
 
You are a corporate compliance officer for a hospital.  You are al.docx
You are a corporate compliance officer for a hospital.  You are al.docxYou are a corporate compliance officer for a hospital.  You are al.docx
You are a corporate compliance officer for a hospital.  You are al.docx
maryettamckinnel
 
Chapter 3: Ethics
Chapter 3: EthicsChapter 3: Ethics
Chapter 3: Ethics
HeatherSeghi
 
ASE 2012 LR ftc enforcement
ASE 2012 LR ftc enforcementASE 2012 LR ftc enforcement
ASE 2012 LR ftc enforcement
tom_cohn
 
The Regulatory Landscape for Advertisers, Affiliates, Networks
The Regulatory Landscape for Advertisers, Affiliates, NetworksThe Regulatory Landscape for Advertisers, Affiliates, Networks
The Regulatory Landscape for Advertisers, Affiliates, Networks
Affiliate Summit
 
David Harlow on Social Media In Health Care Legal Issues - OHA PRMS 111209
David Harlow on Social Media In Health Care Legal Issues - OHA PRMS 111209David Harlow on Social Media In Health Care Legal Issues - OHA PRMS 111209
David Harlow on Social Media In Health Care Legal Issues - OHA PRMS 111209
David Harlow
 
Assignment 1 LASA 2— Corporate ComplianceYou are a corporate co.docx
Assignment 1 LASA 2— Corporate ComplianceYou are a corporate co.docxAssignment 1 LASA 2— Corporate ComplianceYou are a corporate co.docx
Assignment 1 LASA 2— Corporate ComplianceYou are a corporate co.docx
BenitoSumpter862
 
In 2013, the Health Insurance Portability and Accountability Act (HI.pdf
In 2013, the Health Insurance Portability and Accountability Act (HI.pdfIn 2013, the Health Insurance Portability and Accountability Act (HI.pdf
In 2013, the Health Insurance Portability and Accountability Act (HI.pdf
bharatchawla141
 
Am Days
Am DaysAm Days
Am Days
tom_cohn
 
Assignment 1 LASA 2— Corporate ComplianceYou are a corporate comp.docx
Assignment 1 LASA 2— Corporate ComplianceYou are a corporate comp.docxAssignment 1 LASA 2— Corporate ComplianceYou are a corporate comp.docx
Assignment 1 LASA 2— Corporate ComplianceYou are a corporate comp.docx
felicitytaft14745
 
Creating a Dealership Social Media Policy With Teeth
Creating a Dealership Social Media Policy With TeethCreating a Dealership Social Media Policy With Teeth
Creating a Dealership Social Media Policy With Teeth
Jim Radogna
 
Radogna
RadognaRadogna
Radogna
Jim Radogna
 
Chapter IntroductionDitty_about_summer Shutterstock.comLe
Chapter IntroductionDitty_about_summer Shutterstock.comLeChapter IntroductionDitty_about_summer Shutterstock.comLe
Chapter IntroductionDitty_about_summer Shutterstock.comLe
JinElias52
 
Business Medical Identity Theft faq Health Care Health Plan
Business Medical Identity Theft faq Health Care Health PlanBusiness Medical Identity Theft faq Health Care Health Plan
Business Medical Identity Theft faq Health Care Health Plan
- Mark - Fullbright
 
Introduction to HIPAA for Healthcare Professionals by OUP
Introduction to HIPAA for Healthcare Professionals by OUPIntroduction to HIPAA for Healthcare Professionals by OUP
Introduction to HIPAA for Healthcare Professionals by OUP
Atlantic Training, LLC.
 
What are patients posting about you
What are patients posting about youWhat are patients posting about you
What are patients posting about you
daphne92
 
Urgent Care Billing Services, Revenue Cycle & EHR Services
Urgent Care Billing Services, Revenue Cycle & EHR ServicesUrgent Care Billing Services, Revenue Cycle & EHR Services
Urgent Care Billing Services, Revenue Cycle & EHR Services
everestar
 
Developing healthcare finance fraud (2)
Developing healthcare finance fraud (2)Developing healthcare finance fraud (2)
Developing healthcare finance fraud (2)
Modupe Sarratt
 
Hippa training v2
Hippa training v2Hippa training v2
Hippa training v2
Suzanne Guggenheim
 

Similar to Bianca_Cirimele_Whitepaper_HIPAA_Reputation_Management (20)

2hourhealthcarefraud
2hourhealthcarefraud2hourhealthcarefraud
2hourhealthcarefraud
 
HIPAA Rules for New Patient Attraction - Websites, Testimonials, Social Media...
HIPAA Rules for New Patient Attraction - Websites, Testimonials, Social Media...HIPAA Rules for New Patient Attraction - Websites, Testimonials, Social Media...
HIPAA Rules for New Patient Attraction - Websites, Testimonials, Social Media...
 
You are a corporate compliance officer for a hospital.  You are al.docx
You are a corporate compliance officer for a hospital.  You are al.docxYou are a corporate compliance officer for a hospital.  You are al.docx
You are a corporate compliance officer for a hospital.  You are al.docx
 
Chapter 3: Ethics
Chapter 3: EthicsChapter 3: Ethics
Chapter 3: Ethics
 
ASE 2012 LR ftc enforcement
ASE 2012 LR ftc enforcementASE 2012 LR ftc enforcement
ASE 2012 LR ftc enforcement
 
The Regulatory Landscape for Advertisers, Affiliates, Networks
The Regulatory Landscape for Advertisers, Affiliates, NetworksThe Regulatory Landscape for Advertisers, Affiliates, Networks
The Regulatory Landscape for Advertisers, Affiliates, Networks
 
David Harlow on Social Media In Health Care Legal Issues - OHA PRMS 111209
David Harlow on Social Media In Health Care Legal Issues - OHA PRMS 111209David Harlow on Social Media In Health Care Legal Issues - OHA PRMS 111209
David Harlow on Social Media In Health Care Legal Issues - OHA PRMS 111209
 
Assignment 1 LASA 2— Corporate ComplianceYou are a corporate co.docx
Assignment 1 LASA 2— Corporate ComplianceYou are a corporate co.docxAssignment 1 LASA 2— Corporate ComplianceYou are a corporate co.docx
Assignment 1 LASA 2— Corporate ComplianceYou are a corporate co.docx
 
In 2013, the Health Insurance Portability and Accountability Act (HI.pdf
In 2013, the Health Insurance Portability and Accountability Act (HI.pdfIn 2013, the Health Insurance Portability and Accountability Act (HI.pdf
In 2013, the Health Insurance Portability and Accountability Act (HI.pdf
 
Am Days
Am DaysAm Days
Am Days
 
Assignment 1 LASA 2— Corporate ComplianceYou are a corporate comp.docx
Assignment 1 LASA 2— Corporate ComplianceYou are a corporate comp.docxAssignment 1 LASA 2— Corporate ComplianceYou are a corporate comp.docx
Assignment 1 LASA 2— Corporate ComplianceYou are a corporate comp.docx
 
Creating a Dealership Social Media Policy With Teeth
Creating a Dealership Social Media Policy With TeethCreating a Dealership Social Media Policy With Teeth
Creating a Dealership Social Media Policy With Teeth
 
Radogna
RadognaRadogna
Radogna
 
Chapter IntroductionDitty_about_summer Shutterstock.comLe
Chapter IntroductionDitty_about_summer Shutterstock.comLeChapter IntroductionDitty_about_summer Shutterstock.comLe
Chapter IntroductionDitty_about_summer Shutterstock.comLe
 
Business Medical Identity Theft faq Health Care Health Plan
Business Medical Identity Theft faq Health Care Health PlanBusiness Medical Identity Theft faq Health Care Health Plan
Business Medical Identity Theft faq Health Care Health Plan
 
Introduction to HIPAA for Healthcare Professionals by OUP
Introduction to HIPAA for Healthcare Professionals by OUPIntroduction to HIPAA for Healthcare Professionals by OUP
Introduction to HIPAA for Healthcare Professionals by OUP
 
What are patients posting about you
What are patients posting about youWhat are patients posting about you
What are patients posting about you
 
Urgent Care Billing Services, Revenue Cycle & EHR Services
Urgent Care Billing Services, Revenue Cycle & EHR ServicesUrgent Care Billing Services, Revenue Cycle & EHR Services
Urgent Care Billing Services, Revenue Cycle & EHR Services
 
Developing healthcare finance fraud (2)
Developing healthcare finance fraud (2)Developing healthcare finance fraud (2)
Developing healthcare finance fraud (2)
 
Hippa training v2
Hippa training v2Hippa training v2
Hippa training v2
 

More from Bianca Schroeder

Bianca Schroeder Overview Portfolio
Bianca Schroeder Overview Portfolio Bianca Schroeder Overview Portfolio
Bianca Schroeder Overview Portfolio
Bianca Schroeder
 
Bianca Schroeder Training Portfolio
Bianca Schroeder Training PortfolioBianca Schroeder Training Portfolio
Bianca Schroeder Training Portfolio
Bianca Schroeder
 
Email drip campaign
Email drip campaignEmail drip campaign
Email drip campaign
Bianca Schroeder
 
Email marketing campaigns (ppt)
Email marketing campaigns (ppt)Email marketing campaigns (ppt)
Email marketing campaigns (ppt)
Bianca Schroeder
 
Extended family hope kit (print)
Extended family hope kit (print)Extended family hope kit (print)
Extended family hope kit (print)
Bianca Schroeder
 
Email marketing campaigns (ppt)
Email marketing campaigns (ppt)Email marketing campaigns (ppt)
Email marketing campaigns (ppt)
Bianca Schroeder
 
Persuasive speaking lecture
Persuasive speaking lecturePersuasive speaking lecture
Persuasive speaking lecture
Bianca Schroeder
 
Above it all secured coverage 11 16 to 7-17
Above it all secured coverage 11 16 to 7-17Above it all secured coverage 11 16 to 7-17
Above it all secured coverage 11 16 to 7-17
Bianca Schroeder
 
Communications Student Observation Questionnaires #2
Communications Student Observation Questionnaires #2Communications Student Observation Questionnaires #2
Communications Student Observation Questionnaires #2
Bianca Schroeder
 
Communications Student Observation Questionnaires #1
Communications Student Observation Questionnaires #1Communications Student Observation Questionnaires #1
Communications Student Observation Questionnaires #1
Bianca Schroeder
 
narrative
narrative narrative
narrative
Bianca Schroeder
 

More from Bianca Schroeder (11)

Bianca Schroeder Overview Portfolio
Bianca Schroeder Overview Portfolio Bianca Schroeder Overview Portfolio
Bianca Schroeder Overview Portfolio
 
Bianca Schroeder Training Portfolio
Bianca Schroeder Training PortfolioBianca Schroeder Training Portfolio
Bianca Schroeder Training Portfolio
 
Email drip campaign
Email drip campaignEmail drip campaign
Email drip campaign
 
Email marketing campaigns (ppt)
Email marketing campaigns (ppt)Email marketing campaigns (ppt)
Email marketing campaigns (ppt)
 
Extended family hope kit (print)
Extended family hope kit (print)Extended family hope kit (print)
Extended family hope kit (print)
 
Email marketing campaigns (ppt)
Email marketing campaigns (ppt)Email marketing campaigns (ppt)
Email marketing campaigns (ppt)
 
Persuasive speaking lecture
Persuasive speaking lecturePersuasive speaking lecture
Persuasive speaking lecture
 
Above it all secured coverage 11 16 to 7-17
Above it all secured coverage 11 16 to 7-17Above it all secured coverage 11 16 to 7-17
Above it all secured coverage 11 16 to 7-17
 
Communications Student Observation Questionnaires #2
Communications Student Observation Questionnaires #2Communications Student Observation Questionnaires #2
Communications Student Observation Questionnaires #2
 
Communications Student Observation Questionnaires #1
Communications Student Observation Questionnaires #1Communications Student Observation Questionnaires #1
Communications Student Observation Questionnaires #1
 
narrative
narrative narrative
narrative
 

Bianca_Cirimele_Whitepaper_HIPAA_Reputation_Management

  • 1. Review Websites: Doctor Defamation & Patient Privacy A White Paper May 4, 2015 Background Social media provides an outlet for patient feedback, which can be used to inform and improve future practices like never before. However, today’s "share" culture is putting medical practices in legal danger. The Health Insurance Portability and Accountability Act (HIPAA) of 1996 established rules to protect the privacy and security of individually identifiable health information. HIPAA Privacy Rules set national standards in the U.S. for maintaining the confidentiality of protected health information. Accordingly, organizations and individuals were required to implement safeguards when working with covered information. Failure to comply with HIPAA regulations can result in civil and criminal penalties. These penalties can apply to both organizations and individuals. Additionally, organizations can take disciplinary actions against responsible employees when a violation occurs. HIPAA results in a monstrous issue for covered practitioners when faced with feedback on public forum sites such as “Yelp”. A practitioner who responds to reviews online could be slapped with violation of HIPAA and state privacy laws because by responding to a patient in an online forum arguably discloses a patient relationship. In 1996, Congress also passed the Communications Decency Act (CDA), providing public forum sites that handle reviews protection from legal action. These sites can allow third parties to post information and the site is not held liable for that content. Yelp’s terms and conditions take full advantage of the CDA, disclaiming liability for user content on their site. Fighting any negative online reviews in court has, in a way, become a futile exercise. In 2011, a California practitioner who sued the parents of a patient, alleging that a negative review they posted on Yelp defamed her, was ordered to pay the parents and Yelp $80,000 in attorneys' fees and litigation costs. The court ordered the practitioner to pay these fees because California has an anti-SLAPP (Strategic Lawsuit Against Public Participation) statute. The law clearly favors the patient over the practitioner. Online review sites such as Yelp offer no relief for businesses faced with strict industry regulations. Yelp does not arbitrate disputes and argues that businesses should post public comments to reviewers. This clause is devastating for businesses whose reply may constitute acknowledgement of a patient relationship and therefore a privacy violation. 5/4/2015 Page 1
  • 2. Yelp’s policy on flagging reviews from users who were never actually a patient recommends a remedy that can lead to illegally exposing patient relationships to Yelp’s flag removal case moderators. Businesses that cannot offer contact lists without violating patient confidentiality are rendered unable to provide evidence, which could lead to the removal of a fake review. Abstract Federal and state law supports a patient's right to post about a medical practice on public, online forums, and there is little practitioners can do to prevent patients from posting negative reviews. Additionally, industry specific regulations make it nearly impossible for HIPAA covered practitioners to respond to public face threats that result from negative online feedback. Terms and conditions on review websites offer no recourse for businesses with strict regulations, thereby rendering them helpless against potentially fraudulent and defaming reviews. This paper seeks to shed light on a grave reputation management problem facing medical practitioners and offer prescriptive remedies. Problem Statement Some businesses are regulated more heavily than others, including regulations that affect how they manage their online reputation. These regulations apply to the businesses themselves and not consumers. This is the case with medical practices, which are accountable to federal and state laws regarding patient privacy and identifiable health information. As a result, these kinds of businesses can continue to be listed on sites like Yelp so that consumers can find and share information about them. In most cases, regulated businesses can interact with consumers on Yelp in the same way that any other business can (e.g., sending private messages to reviewers or posting public responses which don't betray private information about the reviewer). Unfortunately, this is not the case with medical practices where responding to a patient in an online forum arguably discloses a patient relationship. This creates a situation where practitioners cannot legally respond to reviewers who are defaming them and causing losses to their reputation and bottom line. This forces reputation managers for medical practices to limit review replies to overly generic, boilerplate communications, which can be perceived as cold and uncaring by an under-informed public. For example, medical practitioners or their representatives might state that they are always saddened when their patient experience did not exceed expectations. To avoid establishing a patient relationship, they must completely avoid any mention of the reviewer’s personal, patient experience or any issues that they have brought up in the review copy. Such impersonal language may further damage the perception of the practice and cause other users to perceive them as lacking concern for their patients on a relational level. This is assuming that the review was written by a person who actually had a personal consumer experience with the practice and is not an angry ex-employee or an industry competitor. Sites like Yelp falsely contend that their review flagging protocols can remedy infirmities concerning fake reviews, however they fail to account for concerns such as HIPAA violations. Yelp’s policy on flagging reviews from users who were never actually a customer or patient prescribes, “Yelpers are not allowed to post reviews if they didn't have a consumer experience with the business (e.g., buying something, calling to inquire about pricing, etc.). If you see a questionable review, please flag it. Please note that our moderators will only remove a review if 5/4/2015 Page 2
  • 3. the consumer doesn't describe a consumer experience. It usually isn't enough to say that you don't recognize the reviewer as a real customer, so please let us know if you have specific evidence about who wrote the review.” The language here implies that businesses are expected to provide evidence that a reviewer did not interact with their business. Proving that a person had no interaction with a business might entail providing evidence such as call logs, contact lists, payment receipts and other exhaustive lists with no sign of the reviewer’s name or other contact information. This is assuming that the reviewer in question used their real name on their Yelp profile and that identifiable information such as an e-mail address or phone number are even available. Businesses that cannot offer contact lists or other supporting documents without violating patient confidentiality are rendered unable to provide evidence, which could lead to the removal of a fake review. Accordingly, Yelp’s policy leaves covered medical practices with the choice of being defamed or risking a violation of federal and state privacy laws. Yelp’s unfair treatment of covered medical businesses is both unfair and highly unethical. Proposed Solution New measures must be taken to increase public awareness of the limitations faced by medical businesses on review websites. Awareness alone will not resolve inadequacies in legal protections available to covered medical businesses. However, increased transparency and public awareness is a step in the right direction. Introduction of Solution Public review sites must take steps to notify users of the legal limitations faced by businesses that are held accountable to federal and state laws concerning patient privacy and identifiable health information. Business representatives who claim business profiles on review sites should be asked if they are held accountable to federal and state privacy laws such as HIPAA. If the page owner confirms that they are a covered organization, a notice should be clearly posted on their business profile for all users to see. Recommended notification messaging points might include the following: • NOTE: This business is legally responsible for adhering to federal and state privacy laws [HYPERLINK TO A PAGE WITH LINKS TO RELEVANT FEDERAL AND STATE PRIVACY LAWS], which restrict their ability to publicly and personally respond to reviewers. Users are encouraged to contact the business in person, by phone, or private message before posting a review. WARNING: You are legally liable for the information contained in your review. • NOTE: Medical information is private and is subject to legal restrictions [HYPERLINK TO A PAGE WITH LINKS TO RELEVANT FEDERAL AND STATE PRIVACY LAWS], for both patient and practitioner. Users are encouraged to contact this business in person, by phone, or private message before posting a review. CAUTION: You are legally liable for the information contained in your review. 5/4/2015 Page 3
  • 4. Application of Solution Notification of the privacy limitations placed on practitioners will enlighten business page viewers as to the reasons behind public replies that would have otherwise been considered to be cold or impersonal. Additionally, recommending alternative feedback channels will encourage reviewers to communicate with businesses in a way that allows for greater protection of privacy and quicker resolution. Alerting users to the private nature of medical information and of their liability for the information contained in their review is intended to dissuade fake reviewers or competitors from posting defamatory reviews. While public notification alone is not a sufficient, long-term remedy to the unfair treatment of medical businesses in online forums, it is a necessary interim strategy as stakeholders await legislative action to balances the scales. Long-Term Focus Long-term solutions should focus on providing legal protections for medical businesses and practitioners. Legal provisions should treat releases of protected patient information equally, regardless of the releasing party. Accordingly, private information is entirely kept private unless the patient clearly and publicly acknowledges a personal consumer experience with a covered medical business. Legal remedies should increase the liability of patients providing information that can be perceived as acknowledging a patient relationship. If a reviewer clearly and publicly identifies himself or herself as a patient, the law should treat this as a release of liability for the business to reply publicly on the review-hosting site. Future efforts should seek to identify remedies, which equally protect both patient and practitioner. Conclusion Online review websites create privacy issues for medical practitioners who cannot publicly acknowledge a patient relationship with reviewers on their business profiles. Accordingly, current federal and state privacy laws seriously limit a covered business’ ability to repair damage done to their online reputation by fake and real reviewers. Currently, terms and conditions of review websites such as Yelp offer no viable recourse options. While business owners wait for legislative protections to catch up with technology, public notification on review sites can offer some interim assistance. Long-term focus should be dedicated to updating outdated legal precedents, which could not have anticipated such protectoral deficiencies in situations arising from then non- existent technologies. 5/4/2015 Page 4
  • 5. Appendices Appendix A – Author Bianca Cirimele, BA, MA Appendix B – References 1. Can I report a review if I don't think it was posted by a real customer? (n.d.). Retrieved May 4, 2015, from http://www.yelp-support.com/article/Can-I-report-a- review-if-I-dont-think-it-was-posted-by-a-real-customer?l=en_US 2. Dentists can use online forums such as Yelp to their advantage. (2014, January 13). Retrieved May 4, 2015, from http://www.cda.org/news-events/dentists-can- use-online-forums-such-as-yelp-to-their-advantage 3. Yelp for Business Owners. (n.d.). Retrieved May 4, 2015, from https://biz.yelp.com/support/common_questions 5/4/2015 Page 5
  • 6. Appendices Appendix A – Author Bianca Cirimele, BA, MA Appendix B – References 1. Can I report a review if I don't think it was posted by a real customer? (n.d.). Retrieved May 4, 2015, from http://www.yelp-support.com/article/Can-I-report-a- review-if-I-dont-think-it-was-posted-by-a-real-customer?l=en_US 2. Dentists can use online forums such as Yelp to their advantage. (2014, January 13). Retrieved May 4, 2015, from http://www.cda.org/news-events/dentists-can- use-online-forums-such-as-yelp-to-their-advantage 3. Yelp for Business Owners. (n.d.). Retrieved May 4, 2015, from https://biz.yelp.com/support/common_questions 5/4/2015 Page 5