Social media is becoming more important in the healthcare field. But, there are legal implications to using social media tools of which those in the industry should be aware.
Speakers:
Tatiana Melnik, JD
Associate Attorney, Dickinson Wright PLLC
Brian Balow, JD
Member, Dickinson Wright PLLC
Social Media And Ethical Concerns For Healthcare Professionals Marie Ennis-O'Connor
While social media use in healthcare has the potential to bring value to patient-provider relationships, it is not without its ethical and professional challenges. This presentation looks at those challenges and suggests ways to deal with them.
A keynote address made at the 2013 Transnational Summit of Trustworthy use of Data for Health. It was a provocative speech as it compare the abuse of health data with the abuse of natural resources extracted from countries through manipulation of people without giving them back any of the benefits of the resources they give. Big data in health, unethical use of data and the need for better regulations and ethical principles.
Surveys a series of ethical, economic, clinical and also safety issues relating to the application of informatics to healthcare, focusing especially on the role of informatics in the Patient Protection and Affordable Care Act. Talk presented in the University at Buffalo Clinical/Research Ethics Seminar - Ethics, Informatics and Obamacare, November 20, 2012. Slides are available here: http://ontology.buffalo.edu/13/ethics-informatics-obamacare.pptx
Social Media And Ethical Concerns For Healthcare Professionals Marie Ennis-O'Connor
While social media use in healthcare has the potential to bring value to patient-provider relationships, it is not without its ethical and professional challenges. This presentation looks at those challenges and suggests ways to deal with them.
A keynote address made at the 2013 Transnational Summit of Trustworthy use of Data for Health. It was a provocative speech as it compare the abuse of health data with the abuse of natural resources extracted from countries through manipulation of people without giving them back any of the benefits of the resources they give. Big data in health, unethical use of data and the need for better regulations and ethical principles.
Surveys a series of ethical, economic, clinical and also safety issues relating to the application of informatics to healthcare, focusing especially on the role of informatics in the Patient Protection and Affordable Care Act. Talk presented in the University at Buffalo Clinical/Research Ethics Seminar - Ethics, Informatics and Obamacare, November 20, 2012. Slides are available here: http://ontology.buffalo.edu/13/ethics-informatics-obamacare.pptx
This module describes how missing data can be managed while maintaining data quality. It explains how to plan for missing data; defines different types of “missingness;” outlines the benefits of documenting missing data and illustrates how to document missing data; and describes procedures to minimize missing data. Upon completion of this module, students will be able to explain why data managers should strive to minimize missing data and develop a plan to record or code why data are missing.
The Intersection of Social Media, HIPAA, and the WorkplacePolsinelli PC
Using Social Media in the workplace can enhance business operations by expanding communication, providing education, and improving services. Social Media, however, despite its advantages, can create potential risks to employees and employers. These risks are exacerbated in the healthcare space, as patient privacy concerns are paramount. This webinar will discuss social media and its appropriate use in the healthcare industry, navigate the interaction between freedom of speech, patient rights, and employment law, and provide information on how to draft and implement a workable and practical Social Media Policy
On our agenda:
-Social Media Statistics
-Benefits of Social Media in the Workplace
-Potential Patient Privacy and Security Social Media Pitfalls, including Real World Examples
-Employee Rights
-Adopting a Social Media Policy
Theera-Ampornpunt N. Health information privacy: Asia's viewpoint. Presented at: Globalizing Asia: Health Law, Governance, and Policy - Issues, Approaches, and Gaps!; 2012 Apr 16-18; Bangkok, Thailand.
This module describes how missing data can be managed while maintaining data quality. It explains how to plan for missing data; defines different types of “missingness;” outlines the benefits of documenting missing data and illustrates how to document missing data; and describes procedures to minimize missing data. Upon completion of this module, students will be able to explain why data managers should strive to minimize missing data and develop a plan to record or code why data are missing.
The Intersection of Social Media, HIPAA, and the WorkplacePolsinelli PC
Using Social Media in the workplace can enhance business operations by expanding communication, providing education, and improving services. Social Media, however, despite its advantages, can create potential risks to employees and employers. These risks are exacerbated in the healthcare space, as patient privacy concerns are paramount. This webinar will discuss social media and its appropriate use in the healthcare industry, navigate the interaction between freedom of speech, patient rights, and employment law, and provide information on how to draft and implement a workable and practical Social Media Policy
On our agenda:
-Social Media Statistics
-Benefits of Social Media in the Workplace
-Potential Patient Privacy and Security Social Media Pitfalls, including Real World Examples
-Employee Rights
-Adopting a Social Media Policy
Theera-Ampornpunt N. Health information privacy: Asia's viewpoint. Presented at: Globalizing Asia: Health Law, Governance, and Policy - Issues, Approaches, and Gaps!; 2012 Apr 16-18; Bangkok, Thailand.
Ethics for artificial intelligence, machine learning and automated decision m...Steven Finlay
Machine Learning and Artificial Intelligence are having an ever increasing impact on our lives. This presentation discusses some of the ethical issues associated with automated decision making systems, driven by machine learning and predictive models. It also provides a risk assessment framework for assessing the potential risks of such systems.
Presentation slides from a talk myself (Andrew McStay) and Vian Bakir gave at the University of Toronto, March 2016. Get in touch if you have thoughts.
Utilize Digital and Social Media Data to Inform Your Research in Novel WaysKatja Reuter, PhD
In collaboration with Audun Utengen and Thomas Lee from Symplur LLC, we explore the usage of digital and social media data to inform research in novel ways and discover emerging health trends, disease communities and outreach mechanisms.
This presentation is part of the Digital Scholar Training Series at USC and CHLA.
Learn more about the initiative: http://sc-ctsi.org/digital-scholar/
News story: http://sc-ctsi.org/index.php/news/new-digital-scholar-training-initiative-helps-researchers-better-utilize-we#.VDhIWWK9mKU
Project DescriptionApply decision-making frameworks to IT-rela.docxbriancrawford30935
Project Description
Apply decision-making frameworks to IT-related ethical issues
There are several ethical theories described in Module 1: Ethical Theories. Module 2: Methods of Ethical Decision Making, describes frameworks for ethical analysis. For this paper, use the Reynolds Seven-Step approach to address the following:
· Describe a current IT-related ethical issue; and define a problem statement
· Analyze your problem using a decision-making framework chosen from Module 2.
· Discuss the applicable ethical theory from Module 1 that supports your decision.
· Prepare a minimum 3- 5 page, double-spaced paper.
· Use APA style and format. Provide appropriate American Psychological Association (APA) reference citations for all sources. In addition to critical thinking and analysis skills, your paper should reflect appropriate grammar and spelling, good organization, and proper business-writing style.
Each of Reynolds seven steps must be a major heading in your paper.
Here are some suggested issues-
1. Workplace Issue.
2. Privacy on the Web. What is happening now in terms of privacy on the Web? Think about recent abuses and improvements. Describe and evaluate Web site policies, technical and privacy policy protections, and current proposals for government regulations.
3. Personal Data Privacy Regulations in Other Countries. Report on personal data privacy regulations, Web site privacy policies, and governmental/law enforcement about access to personal data in one or more countries; e.g., the European Union. This is especially relevant as our global economic community expands and we are more dependent on non-US clients for e-Business over the Internet. (Note: new proposed regulations are under review in Europe.)
4. Spam. Describe new technical solutions and the current state of regulation. Consider the relevance of freedom of speech. Discuss the roles of technical and legislative solutions.
5. Computer-Based Crimes. Discuss the most prevalent types of computer crimes, such as Phishing. Analyze why and how these can occur. Describe protective measures that might assist in preventing or mitigating these types of crimes.
6. Government surveillance of the Internet. The 9/11 attacks on the US in 2001 brought many new laws and permits more government surveillance of the Internet. Is this a good idea? Many issues are cropping up daily in our current periodicals!
7. The Digital Divide. Does it exist; what does it look like; and, what are the ethical considerations and impact?
8. Privacy in the Workplace: Monitoring Employee Web and E-Mail Use. What are current opinions concerning monitoring employee computer use. What policies are employers using? Should this be authorized or not? Policies are changing even now!
9. Medical Privacy. Who owns your medical history? What is the state of current legislation to protect your health information? Is it sufficient? There are new incentives with federal stimulus financing for health care organizations to de.
Page 9 of 15Capstone ProjectYaima OrtizIDS-4934.docxkarlhennesey
Page 9 of 15
Capstone Project
Yaima Ortiz
IDS-4934
March 1st, 2020
Abstract
Topic:
Privacy- What medical information should be confidential? Who, if anybody, should have access to medical records?
Thesis Statement
In healthcare centers and overall privacy is the right of every US citizen that should be protected in all its forms by the healthcare organization.
Rationale
1. The purpose of this paper is to identify why security measures are necessary to protect one’s privacy in the medical industry.
2. There are numerous laws, policies and healthcare organizational rules and regulations and statistics that would be helpful for conducting this research.
3. Privacy of a person whether this is me or you, is important then everything. I want to talk on this topic because I think most of us do not know what is happening to us.
4. I have selected textual analysis of books and available internet sources. The reason of this limited research methodology is that I cannot perform field study because of shortage of time.
Rough Draft Ideas
Identity theft in healthcare industry become a common practice and leads to information leakage that may destroy someone’s life. We can eliminate this human right violation by enforcing effective and practical laws. Healthcare organizations should understand their responsibilities and tighten security to protect information of patients.
Table of Contents
Introduction 3
Overview of Privacy Protections with Respect to Medical Records 4
Data Breaches in the Healthcare Industry 5
Healthcare is the biggest Target for Cyber Attack 7
Penalties and Punishments for Hacking Personal Information 9
Penalties 9
Devastating Consequences of Healthcare Data Breaches 10
Conclusion 10
Recommendations 11
Bibliography 12
Introduction
While operating in healthcare organizations need to gather patient’s information that is mostly personal information. It is the moral and legal responsibility of health care organizations to protect the information of their patients and do not share it with people outside of the organization without the patient’s consent. Protecting patient’s information is a crucial element of respect and essential for patients' autonomy and trust in the organization — the US healthcare industry currently facing patient mistrust that is caused because of a lack of trust. When patients experience a lack of confidence they do not share their information with a healthcare professional that causes ineffective treatment. In a 2018 study, Levy, Scherer, Zikmund-Fisher, Larkin, Barnes, & Fagerlin concluded that approximately 81.1% of people withheld medically relevant information from their health-care providers. Patients fail to disclose medically relevant information in front of their clinicians undermine their health and cause patient harm (Levy, 2018).
There are numerous components of patient privacy in healthcare that are personal space, religious and cultural affiliations, physical privacy ...
Page 9 of 15Capstone ProjectYaima OrtizIDS-4934.docxhoney690131
Page 9 of 15
Capstone Project
Yaima Ortiz
IDS-4934
March 1st, 2020
Abstract
Topic:
Privacy- What medical information should be confidential? Who, if anybody, should have access to medical records?
Thesis Statement
In healthcare centers and overall privacy is the right of every US citizen that should be protected in all its forms by the healthcare organization.
Rationale
1. The purpose of this paper is to identify why security measures are necessary to protect one’s privacy in the medical industry.
2. There are numerous laws, policies and healthcare organizational rules and regulations and statistics that would be helpful for conducting this research.
3. Privacy of a person whether this is me or you, is important then everything. I want to talk on this topic because I think most of us do not know what is happening to us.
4. I have selected textual analysis of books and available internet sources. The reason of this limited research methodology is that I cannot perform field study because of shortage of time.
Rough Draft Ideas
Identity theft in healthcare industry become a common practice and leads to information leakage that may destroy someone’s life. We can eliminate this human right violation by enforcing effective and practical laws. Healthcare organizations should understand their responsibilities and tighten security to protect information of patients.
Table of Contents
Introduction 3
Overview of Privacy Protections with Respect to Medical Records 4
Data Breaches in the Healthcare Industry 5
Healthcare is the biggest Target for Cyber Attack 7
Penalties and Punishments for Hacking Personal Information 9
Penalties 9
Devastating Consequences of Healthcare Data Breaches 10
Conclusion 10
Recommendations 11
Bibliography 12
Introduction
While operating in healthcare organizations need to gather patient’s information that is mostly personal information. It is the moral and legal responsibility of health care organizations to protect the information of their patients and do not share it with people outside of the organization without the patient’s consent. Protecting patient’s information is a crucial element of respect and essential for patients' autonomy and trust in the organization — the US healthcare industry currently facing patient mistrust that is caused because of a lack of trust. When patients experience a lack of confidence they do not share their information with a healthcare professional that causes ineffective treatment. In a 2018 study, Levy, Scherer, Zikmund-Fisher, Larkin, Barnes, & Fagerlin concluded that approximately 81.1% of people withheld medically relevant information from their health-care providers. Patients fail to disclose medically relevant information in front of their clinicians undermine their health and cause patient harm (Levy, 2018).
There are numerous components of patient privacy in healthcare that are personal space, religious and cultural affiliations, physical privacy.
The proposed Trusted Exchange Framework supports ONC’s goals of achieving nationwide interoperability:
Patient Access - Patients must be able to access their health information electronically without any special effort;
Population-level Data Exchange - Providers and payer organizations accountable for managing benefits can receive population level health information allowing them to analyze population health trends, outcomes, and costs; identify at-risk populations; and track progress on quality improvement initiatives; and
Open and Accessible APIs – The health information technology (health IT) community should have open and accessible application programming interfaces (APIs) to encourage entrepreneurial, user-focused innovation to make health information more accessible and to improve electronic health record (EHR) usability.
2015 Edition Proposed RuleModifications to the ONC Health IT Certification ...Brian Ahier
Presentation to April 7, 2015 Health IT Policy Committee:
2015 Edition Proposed RuleModifications to the ONC Health IT Certification Program and 2015 Edition Health IT Certification Criteria
Remarks to Public Forum on National Health IT PolicyBrian Ahier
On February 4, 2010 there was a public forum on the rollout of national HIT policy under HITECH, including "meaningful use," EHR certification, and HIE. Aneesh Chopra, at the time serving as Chief Technology Office (CTO) of the United States made some remarks.
FTC Spring Privacy Series: Consumer Generated and Controlled Health DataBrian Ahier
Increasingly, consumers are taking a more active role in managing and generating their own health data. For example, consumers are researching their health conditions and diagnosing themselves online. Consumers are also uploading their information into personal health records and apps that allow them to manage and analyze their data, and utilizing connected health and fitness devices that regularly collect information about them and transmit this information to other entities.
The movement of health data outside the traditional medical provider context has many potential benefits; however, it also raises potential privacy concerns. The seminar will address questions such as:
What types of websites, products, and services are consumers using to generate and control their health data, and how are consumers using them?
Who are the companies behind these websites, products, and services, what are their business models, and what does the current marketplace look like?
How can consumers benefit from these companies’ websites, products, and services?
What actions are these companies taking to protect consumers’ privacy and security?
What do consumers expect from these companies regarding privacy and security protections?
Do consumers differentiate between these companies and those that offer traditional medical products and services that are covered by HIPAA?
What restrictions, if any, do advertising networks and others impose on tracking of health data?
On February 19, 2014, the Federal Trade Commission staff hosted a seminar on Mobile Device Tracking.
The speakers discussed how retailers and other businesses have been tracking consumers’ movements throughout and around retail stores and other attractions using technologies that identify signals emitted by their mobile devices. While the technologies differ, many work by identifying and collecting the MAC address – which is unique to a particular device – broadcast when a mobile device searches for Wi-Fi networks. Companies can use these technologies to reveal information about consumers including the path taken throughout a location, length of time in one location, whether a visitor is new or returning, and the frequency of visits to a location. According to media reports, major retailers in the United States are using or have tested the technology in their stores in order to gain insights into the behavior of their customers.
In most cases, this tracking is invisible to consumers and occurs with no consumer interaction. As a result, the use of these technologies raises a number of potential privacy concerns and questions.
Big Data and VistA Evolution, Theresa A. Cullen, MD, MSBrian Ahier
Presentation to Open Source Electronic Health Record Alliance (OSEHRA) Architecture Work Group by Theresa A. Cullen, MD, MS
Chief Medical Information Officer
Director, Health Informatics
Office of Informatics and Analytics
Veterans Health Administration
Department of Veterans Affairs
Explore natural remedies for syphilis treatment in Singapore. Discover alternative therapies, herbal remedies, and lifestyle changes that may complement conventional treatments. Learn about holistic approaches to managing syphilis symptoms and supporting overall health.
micro teaching on communication m.sc nursing.pdfAnurag Sharma
Microteaching is a unique model of practice teaching. It is a viable instrument for the. desired change in the teaching behavior or the behavior potential which, in specified types of real. classroom situations, tends to facilitate the achievement of specified types of objectives.
ARTIFICIAL INTELLIGENCE IN HEALTHCARE.pdfAnujkumaranit
Artificial intelligence (AI) refers to the simulation of human intelligence processes by machines, especially computer systems. It encompasses tasks such as learning, reasoning, problem-solving, perception, and language understanding. AI technologies are revolutionizing various fields, from healthcare to finance, by enabling machines to perform tasks that typically require human intelligence.
Recomendações da OMS sobre cuidados maternos e neonatais para uma experiência pós-natal positiva.
Em consonância com os ODS – Objetivos do Desenvolvimento Sustentável e a Estratégia Global para a Saúde das Mulheres, Crianças e Adolescentes, e aplicando uma abordagem baseada nos direitos humanos, os esforços de cuidados pós-natais devem expandir-se para além da cobertura e da simples sobrevivência, de modo a incluir cuidados de qualidade.
Estas diretrizes visam melhorar a qualidade dos cuidados pós-natais essenciais e de rotina prestados às mulheres e aos recém-nascidos, com o objetivo final de melhorar a saúde e o bem-estar materno e neonatal.
Uma “experiência pós-natal positiva” é um resultado importante para todas as mulheres que dão à luz e para os seus recém-nascidos, estabelecendo as bases para a melhoria da saúde e do bem-estar a curto e longo prazo. Uma experiência pós-natal positiva é definida como aquela em que as mulheres, pessoas que gestam, os recém-nascidos, os casais, os pais, os cuidadores e as famílias recebem informação consistente, garantia e apoio de profissionais de saúde motivados; e onde um sistema de saúde flexível e com recursos reconheça as necessidades das mulheres e dos bebês e respeite o seu contexto cultural.
Estas diretrizes consolidadas apresentam algumas recomendações novas e já bem fundamentadas sobre cuidados pós-natais de rotina para mulheres e neonatos que recebem cuidados no pós-parto em unidades de saúde ou na comunidade, independentemente dos recursos disponíveis.
É fornecido um conjunto abrangente de recomendações para cuidados durante o período puerperal, com ênfase nos cuidados essenciais que todas as mulheres e recém-nascidos devem receber, e com a devida atenção à qualidade dos cuidados; isto é, a entrega e a experiência do cuidado recebido. Estas diretrizes atualizam e ampliam as recomendações da OMS de 2014 sobre cuidados pós-natais da mãe e do recém-nascido e complementam as atuais diretrizes da OMS sobre a gestão de complicações pós-natais.
O estabelecimento da amamentação e o manejo das principais intercorrências é contemplada.
Recomendamos muito.
Vamos discutir essas recomendações no nosso curso de pós-graduação em Aleitamento no Instituto Ciclos.
Esta publicação só está disponível em inglês até o momento.
Prof. Marcus Renato de Carvalho
www.agostodourado.com
Adv. biopharm. APPLICATION OF PHARMACOKINETICS : TARGETED DRUG DELIVERY SYSTEMSAkankshaAshtankar
MIP 201T & MPH 202T
ADVANCED BIOPHARMACEUTICS & PHARMACOKINETICS : UNIT 5
APPLICATION OF PHARMACOKINETICS : TARGETED DRUG DELIVERY SYSTEMS By - AKANKSHA ASHTANKAR
New Drug Discovery and Development .....NEHA GUPTA
The "New Drug Discovery and Development" process involves the identification, design, testing, and manufacturing of novel pharmaceutical compounds with the aim of introducing new and improved treatments for various medical conditions. This comprehensive endeavor encompasses various stages, including target identification, preclinical studies, clinical trials, regulatory approval, and post-market surveillance. It involves multidisciplinary collaboration among scientists, researchers, clinicians, regulatory experts, and pharmaceutical companies to bring innovative therapies to market and address unmet medical needs.
Flu Vaccine Alert in Bangalore Karnatakaaddon Scans
As flu season approaches, health officials in Bangalore, Karnataka, are urging residents to get their flu vaccinations. The seasonal flu, while common, can lead to severe health complications, particularly for vulnerable populations such as young children, the elderly, and those with underlying health conditions.
Dr. Vidisha Kumari, a leading epidemiologist in Bangalore, emphasizes the importance of getting vaccinated. "The flu vaccine is our best defense against the influenza virus. It not only protects individuals but also helps prevent the spread of the virus in our communities," he says.
This year, the flu season is expected to coincide with a potential increase in other respiratory illnesses. The Karnataka Health Department has launched an awareness campaign highlighting the significance of flu vaccinations. They have set up multiple vaccination centers across Bangalore, making it convenient for residents to receive their shots.
To encourage widespread vaccination, the government is also collaborating with local schools, workplaces, and community centers to facilitate vaccination drives. Special attention is being given to ensuring that the vaccine is accessible to all, including marginalized communities who may have limited access to healthcare.
Residents are reminded that the flu vaccine is safe and effective. Common side effects are mild and may include soreness at the injection site, mild fever, or muscle aches. These side effects are generally short-lived and far less severe than the flu itself.
Healthcare providers are also stressing the importance of continuing COVID-19 precautions. Wearing masks, practicing good hand hygiene, and maintaining social distancing are still crucial, especially in crowded places.
Protect yourself and your loved ones by getting vaccinated. Together, we can help keep Bangalore healthy and safe this flu season. For more information on vaccination centers and schedules, residents can visit the Karnataka Health Department’s official website or follow their social media pages.
Stay informed, stay safe, and get your flu shot today!
Pharma Pcd Franchise in Jharkhand - Yodley Lifesciences
Social Media, Healthcare and the Law
1. Social Media, Healthcare and the Law
Brian Balow, Member
Tatiana Melnik, Associate
DISCLAIMER: The vi ews and opinions expressed i n this presentation are those of the author a nd do not necessarily represent official policy or position of HIMSS.
3. Learning Objectives
Recognize about the different legal issues
surrounding social media using real life
examples
Discuss considerations organization should
make when creating a social media policy
Analyze an example social media policy
4. Outline
1. Privacy 3. Legal Issues
– History – Overview
– Foundation o Federal
– Why It Matters o State
Today
2. Social Media 4. Drafting Your Social
– Description Media Policy
– Importance – Considerations
– Example
5. Outline
1. Privacy 3. Legal Issues
– History – Overview
– Foundation o Federal
– Why It Matters o State
Today
2. Social Media 4. Drafting Your Social
– Description Media Policy
– Importance – Considerations
– Example
7. The Foundation of Privacy
Federal Laws
−U.S. Constitution
−Federal Legislation
−State Laws
−Common Law
−Industry Practice
* International Law
8. The Foundation of Privacy
U.S. Constitution
−Griswold v. Connecticut (1965) – emanations
from penumbras
−Roe v. Wade (1973) – the right of women to
choose
−Whalen v. Roe (1977) - privacy v. the public
interest
9. The Foundation of Privacy
U.S. Constitution: Context Matters
−“The Constitution does not explicitly mention
any right of privacy” - Roe v. Wade
−“Zones of privacy” - Griswold v. Connecticut
o 1st Am.: Right of association
o 2nd Am.: Right not to have to quarter soldiers
o 4th Am.: Right against unreasonable search and
seizure (“expectation of privacy”)
o 5th Am.: Right against self-incrimination
o 9th Am.: Preservation of unenumerated rights
10. The Foundation of Privacy
U.S. Constitution: Context Matters
−Analogy = Potter Stewart’s famous quote, holding
that the Constitution protected all obscenity
except “hard-core pornography.”
−Stewart wrote:
“I shall not today attempt further to define the
kinds of material I understand to be embraced
within that shorthand description; and perhaps
I could never succeed in intelligibly doing so.
But I know it when I see it, and the motion
picture involved in this case is not that.”
11. The Foundation of Privacy
U.S. Constitution: Context Matters
−So it goes with “privacy” under the Constitution.
12. The Foundation of Privacy
Federal Legislation: Context Still Matters
− Targeted Information − Specific identification
o Financial (GLBA) of information
o Medical (HIPAA) deemed to be
“private”
− Targeted Constituency − Specific identification
o Consumers (FTC of obligations
Section 5) regarding the use of
particular information
o Children (COPPA)
13. The Foundation of Privacy
State Laws
−Various state statutes addressing
o Social Security Numbers
o Drivers licenses
o Protection of health care information
o Recordkeeping and data destruction
o Breach disclosure
Industry Standards
−PCI DSS
14. The Foundation of Privacy
International Laws
−E.U. Privacy Directive 95/46/EC
oAddresses the collection, use,
processing, and movement of personal
data
−EU Internet Privacy Law of 2002
(Directive 2002/58/EC)
oProtects data in electronic transactions
−Individuals countries have their own laws
15. The Foundation of Privacy
Laws Govern
−What information can be collected
−How it must be stored and secured
−Under what circumstances it can be shared
−Under what circumstances it can be disclosed
−Requirements for responding to data breaches
and data losses
−Penalties for data breaches and data losses
16. Outline
1. Privacy 3. Legal Issues
– History – Overview
– Foundation o Federal
– Why It Matters o State
Today
2. Social Media 4. Drafting Your Social
– Description Media Policy
– Importance – Considerations
– Example
17. What is Social Media?
A method of communication
Create and disseminate ideas and information
– Instant
– Efficient
– Low Cost (Mayo Clinic spent $1500)
– User-generated content
– Collaborative
– No degree required, everyone is an expert
– Anyone can make a difference
18. Some Examples
Facebook
Twitter
YouTube
Medscape (from WebMD)
Sermo
Healthy Place (for mental health)
Patients Like Me
19.
20. Why does Social Media Matter?
Facebook (Facebook Statistics)
– More than 800 million active users (compared to 500
million last year)
– Average user has 130 “friends”
– More than 7 million apps and websites are integrated
with Facebook
21. Why does Social Media Matter?
Twitter (Mark Hachman, PC Mag, 2011)
– More than 100 million active users (compared to
75 million users last year)
o Which is an 82% increase since the beginning of
2011
– About 50 million tweet on a daily basis
– On pace to add 26 million new years before the
end of the year
22. Why does Social Media Matter?
Patients Like Me (Health 2.0 Conference, Our Speakers, 2010)
– Last year:
o More than 45,000 users
o Patients voluntarily revealing protected health
information
o Tracking 19 diseases
23.
24.
25. Why does Social Media Matter?
Patients Like Me
– Has completely revamped itself:
o More than 118,000 patients (compared to 45,000)
o Tracking 500+ conditions (compared to 19)
o Patients voluntarily and publicly revealing their
conditions
26.
27.
28. Why does Social Media Matter?
Patients Like Me
– Individuals voluntarily disclosing their
o Conditions (bipolar, ALS, MS, ADHD, depression,
HIV)
o Age
o Pictures
o Treatment protocols
o Time have had condition
29. Why does Social Media Matter?
Patients want to be in control
– Of the 74% of adults who use the internet
o 80% of internet users have looked online for
information about health related topics
o 34% of internet users, or 25% of adults, have read
someone else’s commentary or experience about
health or medical issues on an online news group,
website, or blog
o 24% of internet users, or 18% of adults, have
consulted online reviews of particular drugs or
medical treatments
30. Why does Social Media Matter?
Easy
+ Fast
+ Popular
Lots of Potential for TROUBLE
34. Examples of Trouble
Federal Aviation Administration
v. Cooper
− Case currently pending before the
Supreme Court (args heard on Nov. 25, 2011)
− “Operation Safe Pilot”
o FAA and the SSA teamed up to find pilots
who hid medical conditions
o Exchanged medical information about thousands of
pilots (45,000 in N. Cali.)
and found ~3,200 violators
o SSA disclosed that pilot was HIV positive and was
receiving disability benefits
o Failure to disclose is a felony (pleaded guilty, 2 yrs
probation, $1,000 fine, $200K in other legal fees)
35. Examples of Trouble
Federal Aviation Administration v. Cooper
− Pilot sued relying on the Privacy Act of 1974
o governs collection, maintenance, use, and sharing
of PII maintained by federal agencies
o prohibits the disclosure of PII without prior written
consent of the subject individual, unless the
disclosure is pursuant to one of 12 statutory
exceptions
o SSA admits violated the law
• but argues that emotional damages (humiliation,
embarrassment, mental anguish) are not “actual
damages”
36. Examples of Trouble
Federal Prosecution (Ag's Office, WD Penn. 2010)
− Pennsylvania
− UPMC Shadyside Hospital
− Employee selling PHI for personal gain (names,
birth dates, social security numbers)
− 14 count indictment (HIPAA and SSA)
− Possible punishment: 80 years, $4,730,000 or
both
37. Examples of Trouble
Federal Prosecution cont. (Nov. 2, 2011)
− Virginia
− Psychiatrist on trial for disclosing PHI
without authorization
− Facts:
o Patient went to see psychiatrist after traumatic
incident
o Patient complained about psychiatrist, who is
terminated as a result
o A few months later, patient put on a psychiatric
hold, psychiatrist finds out and notifies her
employer
38. Examples of Trouble
Federal Prosecution cont.
−The Department of Justice or
Attorneys’ General tend to prosecute when
o Medical records and identities are stolen to commit
healthcare fraud
o Medical records were stolen to embarrass or
threaten to embarrass someone
• 2011 Arizona case
• 2009 Indianapolis case
o Medical records were stolen to commit fraud
against private businesses
39. Examples of Trouble
Federal Prosecution cont.
−During 2011, Federal prosecutors working
with the FBI brought charges cases
charging 16 individuals and obtained 16
convictions
−Federal prosecutions are expected to continue
o As of early November 2011, the FBI has 56
pending investigations associated specifically
with violations of the HIPAA statute
o Actual number is higher because the above
numbers do not reflect cases where the HIPAA
statute was not the primary one charged
40. Examples of Trouble
Indiana
− Certified nursing assistant took a picture of a
paraplegic patient in a compromising position
− CNA says to her coworker: “This is too funny. I
need to take a picture of this.”
− Coworker: Please don’t take the picture.
Coworker notices picture on Facebook wall.
Reports to employer (as required under
HIPAA/HITECH!)
41. Examples of Trouble
Indiana
− Problem: revealed PHI
− Results for CNA:
oFired by employer after she admitted taking the
photo
oReferred to the State Department of Health
which oversees CNAs
oArrested and facing a voyeurism charge
42. Examples of Trouble
Rhode Island (Boston Globe, 2011)
– First (publicized) incident involving a doctor
– Westerly Hospital fired doctor for posting
information about a patient on her Facebook
account
– Reprimanded by the Rhode Island Medical Board
for “unprofessional conduct”
– Did not mention name, but Board concluded
revealed enough for others to identify the
patient
43. Examples of Trouble
Mississippi (WLBT 3, Dec. 2009)
– Governor tweeted: "Glad the Legislature
recognizes our dire fiscal situation. Look forward
to hearing their ideas on how to trim expenses."
– Nurse tweeted back: "Schedule regular medical
exams like everyone else instead of paying UMC
employees overtime to do it when clinics are
usually closed."
– Problem: Nurse indirectly referenced PHI
because she tweeted back to the Governor
44. Examples of Trouble
Iowa (Des Moines Register, 2010)
− Nurse fired because was using Facebook to
exchange information about a patient with another
health professional without consent
− No name, but enough information to identify
patient
45. Examples of Trouble
California
−St. Mary Medical Center (LA Times, Aug. 2010)
o Nurses from ER posted photo of dying patient on
Facebook pages
o Coworkers reported to hospital
o California Department of Public Health Department
was investigating
−“Rebekah Child, an RN at Cedars-Sinai's
emergency room, told the Times that she knows
many nurses who write about patients on
Facebook. Some even do it while they're on
the job.”
46. Examples of Trouble
California
−Employees improperly accessing records
o Fines required by state law
• SB 541 (2008) - fines for disclosing private medical
information range up to $250,000 per reported event
−Cedars-Sinai Medical Center (2008) - employee in
billing dept. stole 1,000+ records, committed fraud
−Kaiser Permanente (Bellflower) (2009)
o 50,000 in May 2009; employees snooping on
medical records of Nadya Suleman
o fined $187,500 in July 2009; 4 patients impacted
47. Examples of Trouble
California
−UCLA Ronald Reagan Medical Center (2010) -
fined $95,000 for employees snooping in Michael
Jackson’s records
−Community Hospital of San Bernardino, San
Bernardino, San Bernardino County (2010) - fined
$250,000 after facility failed to prevent
unauthorized access of 204 patients records by
one employee
−UCLA & Community Hospital - 2 of 6 fines issued
in one day -- penalties totaled $675,000
48. Examples of Trouble
Lawsuit
− University of Louisville (April 2011)
o Dismissed nursing student from its program after
she made unflattering remarks on her MySpace
page after watching a live birth
o Based on violating its Honor Code and the course’s
confidentiality agreement
o The student sued alleging First (free speech) and
Fourteenth (due process) Amendment violations
o She won on summary judgment
o The decision was reversed on appeal and
remanded to the District Court
49. Examples of Trouble
Lawsuit
− University of Louisville (Nov 2011)
o During the pendency of the appeal
• Yoder was reinstated to the nursing program
pursuant to the injunction
• Yoder completed her coursework
• Yoder obtained her nursing degree
• Yoger left the University
o Generally, case would be moot
• But here, issue of damages was not initially settled
• University has another 30 days to respond
• Stay tuned!
50. What’s Really the Problem?
Blurring of the lines between professional
and personal
– People do not consider the potential impact of
their communications (ignorance is not bliss)
– Personal opinion v. professional advice
– Eric Schmidt, CEO of Google, prediction to the
WSJ
Once you send, you CAN'T UNSEND
– WayBackMachine - http://www.archive.org
53. What About the Good?
Hospitals sharing information – as of October
2011, hospitals accounted for:
– 575 YouTube channels (compared to 398 in August
2010)
– 1068 Facebook pages (compared to 631 in August 2010)
– 814 Twitter accounts (compared to 634 in August 2010)
– 149 Blogs (compared to 87 in August 2010)
Good for patients because they can stay
informed, have more control over their own
healthcare and learn from actual experts
54. Outline
1. Privacy 3. Legal Issues
– History – Overview
– Foundation o Federal
– Why It Matters o State
Today
2. Social Media 4. Drafting Your Social
– Description Media Policy
– Importance – Considerations
– Example
56. Legal Issues with Social Media: Privacy
State and Federal Laws
– Strict privacy requirements and related data
security laws and regulations
– Revealing that the person is a patient is itself a
problem
– Limits your ability to respond to others online
because you would be disclosing PHI
57. Legal Issues with Social Media: Privacy
HIPAA/HITECH
– Privacy Rule
– Keep protected health information secure
– Disclosure allowed under certain defined
circumstances
– HIPAA Revision???
58. Legal Issues with Social Media: Privacy
HIPAA Complaint Facts
− HIPAA Privacy Rule - From April 2003 - Sept.
2011, HHS received 64,000+ complaints
− HIPAA Security Rule - Since Oct. 2009, OCR has
received 470+ complaints
− Of the above, ~22,500 eligible for enforcement
o ~15,000 - OCR required CEs to take corrective
actions
o ~7,500 - OCR found no violation
59. Legal Issues with Social Media: Privacy
HIPAA Complaint Facts Cont.
− Most common issues
o Employee misbehavior
o Improper disposal of records
o Organizations failing to give individuals copies of
their records
60. Legal Issues with Social Media: Privacy
HITECH Breach (HHS and FTC)
– "the unauthorized acquisition, access, use, or
disclosure of protected health information which
compromises the security or privacy of such
information, except where an unauthorized
person to whom such information is disclosed
would not reasonably have been able to retain
such information“
– If posted online, retained for a very long time
– Not covered by any of the breach exceptions
61. Legal Issues with Social Media: Privacy
HITECH Breach (HHS and FTC) –
−Who is under Obligations?
o Covered Entity
o Business Associate
o Subcontractor Requirements
62. Legal Issues with Social Media: Privacy
HITECH Breach (HHS and FTC) –
−What are you required to do?
o Required to investigate
o Required to give notice
o Required to reprimand
o Required to record/notify Secretary
63. Legal Issues with Social Media: Privacy
Investigation and Notice
– CEs must provide notification (where warranted)
“without unreasonable delay” but in no event
longer than 60 days after a breach is “discovered”
– A breach is discovered when it is known, or by
exercise of reasonable diligence, would have
been known by a member of the covered entity’s
workforce
– People in your workforce who spot a breach on
another employee’s site start the clock running
64. Legal Issues with Social Media: Privacy
State AG's have power to enforce HITECH
breach provisions
– At last year’s presentation, noted enforcement by
Connecticut, Indiana and Vermont
– For those AG’s, that are just learning, OCR has
kindly offered training sessions that took place:
o Dallas, Texas- April 4 & 5, 2011
o Atlanta, Georgia - May 9 & 10, 2011
o Washington, DC (metro area) - May 19 & 20, 2011
o San Francisco, CA- June 13 & 14, 2011
o In attendance? Reps from 45+ States and
territories
65. Legal Issues with Social Media: Privacy
State AG's have power to enforce HITECH
breach provisions
– In 2011, OCR provided technical assistance on
enforcement to the State Attorneys General in:
o California o Rhode Island
o Connecticut o South Carolina
o Illinois o Texas
o Massachusetts o Washington
o Michigan o Wyoming
66. Legal Issues with Social Media: Privacy
HIPAA Breach Facts
− As of Nov. 12, 2011, OCR received and posted
364 reports of breaches involving more than 500
individuals
o Each of the 6 largest breaches this year impacted
between 175,000 - 4.9 million individuals
o Reports from organizations in the Midwest
• Illinois - 17 / 242,682 • Michigan - 11 / 118,596
• Indiana - 11 / 66,938 • Minnesota - 10 / 47,804
• Iowa - 1 / 19,222 • Wisconsin - 5 / 16,888
67. Legal Issues with Social Media: Privacy
HIPAA Breach Facts Cont.
− As of Nov. 4, 2011, OCR received 36,000+ reports
involving fewer than 500 individuals
− Congress is not happy about the lack of
enforcement
o Senate Judiciary Committee, Subcommittee on
Privacy, Technology and the Law (Hearing from
November 9, 2011)
69. Cost of Addressing a Breach
Expensive to
clean up a breach
− $268 per record -
cost to rapidly
respond to
average data
breach (Ponemon
Institute, 2010)
70. Legal Issues with Social Media: Privacy
High stakes if employees violate patient's
privacy
– Liability under HIPAA and state laws, including
criminal liability (meaning jail time)
– PR problems
– $$$
72. Legal Issues with Social Media: Privacy
Numerous state laws may be implicated
−Data Record Privacy and Disclosure
o Mental illness (e.g., Mental Health Code, Act 258 of 1974,
MCL 330.1001 et seq.)
o HIV status (e.g., Acquired Immune Deficiency Syndrome,
Iowa Code 141A)
o Genetic information (e.g., IL - Genetic Information Privacy
Act, 410 ILCS 513)
−Several states have a patient bill of rights (e.g., MN
Healthcare Bill of Rights, Minn. Stat. 144.651 et seq)
74. Other Legal Risks
Discrimination
Harassment
Stored Communications Act of 1986
−Violation to gain unauthorized access
−Employees with “private” pages
75. Other Legal Risks
Negligence / Malpractice
Defamation
Intellectual property infringement
Afterhours work by nonexempt employees
FTC Endorsement Guidelines
76. Other Legal Risks
Malpractice
−Is tweeting during a medical procedure
negligence?
Litigation
−Tweets discoverable
−Facebook posts discoverable (probably)
77. National Labor Relations Act
The NLRB has been the hotbed of
social media activity
−National Labor Relations Act
o Enacted to protect employees’ rights to collective
bargaining
o But has been broadly applied to include employers
who do not have unions
78. National Labor Relations Act
The NLRB has been the hotbed of
social media activity
−Since 2010, has issued about 15 opinions on
various employer actions related to handling of
situations involving social media
−Typical case: employee sees something doesn’t
like, posts on Facebook, employer finds out and . .
79. National Labor Relations Act
TheNLRB has been the hotbed of
social media activity
− Since 2010, has issued about 15 opinions on
various employer actions related to handling of
situations involving social media
− Typical case: employee sees something doesn’t
like, posts on Facebook, employer finds out and . .
.
80. National Labor Relations Act
But, employers cannot fire employees when
employees are engaging in
− Concerted activity
o Employee acts “with or on the authority of other
employees, and not solely by and on behalf of the
employee himself”
− Protected activity
o Implicates working conditions (e.g., salary, hours,
safety, etc.)
− Protection can be lost under certain circumstances
81. Outline
1. Privacy 3. Legal Issues
– History – Overview
– Foundation o Federal
– Why It Matters o State
Today
2. Social Media 4. Drafting Your Social
– Description Media Policy
– Importance – Considerations
– Example
82. Why Have a Social Media Policy?
To protect your patients' rights
To instill professionalism throughout your
enterprise
To protect your organization from liability
To protect your employees from liability
83. Why Have a Social Media Policy?
If the organization does not know that
employees are posting PHI but knows of the
popularity of social networking websites and
that its employees use such websites
−Under Proposed HIPAA changes – may be "willful
neglect" if no policies and procedures in place
−In the HIPAA proposed rule, HHS focused on lack
of policies and procedures
84. Why Have a Social Media Policy?
Rogue employee defense
– Can shield employers from liability to the extent
the conduct occurred in spite of and contrary to
reasonable safeguards, including documented
training
85. Why Have a Social Media Policy?
Will not work if
– Cannot demonstrate a strict policy
– Cannot demonstrate training structure designed to
prevent the “rogue” conduct
86. Formulating a Social Media Policy
What is your stance?
– Does your organization want to allow the use of
social media? If so, with whose "tools"?
– Allow use only under certain circumstances?
Review current communications policies and
procedures
– Can generally be modified to address social media
– Good opportunity to review all policies
87. Formulating a Social Media Policy
Focus on what employees can do
− Be transparent and authentic
− Be responsible for what you write
− Protected PHI and proprietary information
− Use common sense and common courtesy
− Think twice before you hit post!
88. Formulating a Social Media Policy
Be consistent with your policies
Enforce your policies – having policies will not
help if they are not properly enforced
Review policies periodically
EMPLOYEES MUST BE AWARE OF POLICIES
AND RAMIFICATIONS OF VIOLATIONS
89. Formulating a Social Media Policy
Complying with the NLRB Act
− Policies may not be overly broad - examples of
overly broad language
o prohibit employees from using any social media that may
violate, compromise, or disregard the rights and reasonable
expectations as to privacy or confidentiality of any person
or entity
o prohibit any communication or post that constitutes
embarrassment, harassment or defamation of the
organization or of any organization employee, officer, board
member, representative, or staff member
o making statements that lack truthfulness or that might
damage the reputation or goodwill of the organization, its
staff, or employees
90. Formulating a Social Media Policy
Complying with the NLRB Act
− Why were those examples overly broad?
o NO definition or guidance as to what is private
or confidential
o NO exclusion for protected activities
Employees could reasonably interpret
policies to prohibit protected employee
discussions on wages and other terms and
conditions of employment
91. Formulating a Social Media Policy
Complying with the NLRB Act
– No right to:
o Make untrue statements
o Disloyal statements to damage a company’s
reputation
− BUT, if you investigate, and the above statements
are made in the context of a group of
employees discussing working conditions, call
your attorney prior to taking action
92. Policy Example: Kaiser Permanente
Statement Other considerations
Purpose – Facebook
Scope – Twitter
Definitions – Off Hours
Hosted Sites / Non- Discussions
Hosted Sites – Discussing Patients
Blogging Best Practices – Discussing Work
– If allow comments, Regulatory Audit
see the Mayo Clinic Enforcement
comments policy Training
93. Other Policy Examples
Mayo Clinic
– Participation Guidelines for the Public – Basic
rules of the road for blogs, etc. -
http://sharing.mayoclinic.org/guidelines/
– Comments Policy – How the Mayo Clinic handles
submitted comments -
http://www.mayoclinic.org/blogs/comment.html
– Guidelines for Employees & Code of Ethics -
http://sharing.mayoclinic.org/guidelines/for-mayo-
clinic-employees/
94. Other Policy Examples
Vanderbilt University Medical Center
– Social Media Toolkit
http://www.mc.vanderbilt.edu/root/vumc.php?site
=socialmediatoolkit
Social Media Governance
– http://socialmediagovernance.com/policies.php
– 174 Policies available
95. Disclaimer
This presentation is informational only. It does not
constitute legal or professional advice.
You are encouraged to consult with an attorney if
you have specific questions relating to any of the
topics covered in this presentation
96. For More Information
Brian Balow,
bbalow@dickinsonwright.com
Tatiana Melnik,
tmelnik@dickinsonwright.com
Attorneys practicing at