Containing the Patient Privacy Breach
Qualify for a free subscription to HealthLeaders magazine.
Social media creates new challenges for patient privacy.
Patient confidentially used to be a simple concept, simply enforced. Healthcare workers, for the most part, knew not to poke their nose in the records room or gossip about patients' medical issues. Privacy breaches, when they occurred, could be contained.
Along came electronic medical records, Internet social sites like Twitter and Facebook, and hackers. These newfangled online outlets provide—literally and in an instant—global access to patients' medical records, which makes breaches a lot more serious and enforcement a lot tougher.
"Patient information is like radioactive material," says Arthur R. Derse, MD, director of the Center for Bioethics and Medical Humanities at the Medical College of Wisconsin in Milwaukee. "It must be protected. It must be contained. It cannot be taken out of the building, sent out of the building, or looked at inappropriately if the employee is not permitted to access it.
"The problem is students and employees and younger folks coming into work think of Facebook and Twitter as something you do. Just as you shouldn't be saying anything about patients on the telephone, you shouldn't be Twittering or Facebooking about work," Derse says.
Fortunately, the concept of patient confidentiality has remained as simple now as it was in the time of Hippocrates. Rather than devising detailed, multilayered responses to every new social networking outlet that pops up every few months, effective patient confidentiality guidelines should identify the new threats but focus on instilling that simple and ancient principle with trustworthy employees.
Pamela Paulk, vice president of human resources at Johns Hopkins Hospital and Johns Hopkins Health System, says the Baltimore-based health system's confidentiality guidelines are based upon trust. "We really do believe that our employees are going to do the right thing," Paulk says. "Our guidelines say that everybody has gone through HIPAA training and signed their confidentiality agreements. We say that extends to social media, anything that would apply at work applies on social media. That is basically the guidelines."
- CEO Exchange: Preparing for Population Health
- Interventional Radiology No Longer a Sub-Specialty
- Advocate, NorthShore Deal Would Create 16-Hospital System
- Top Reason for Nurse Turnover: Managers
- CEO Exchange: Pressure is On to Partner, Drive Quality
- House OKs Cassidy's 'keep your plan' bill
- Power of price: In South FL and the nation, healthcare costs often are shrouded in secrecy
- Two NY hospitals to offer free hip and knee replacement surgeries for qualifying patients in December
- 3 Strategies for Retaining Millennial Employees
- How MA plans to re-enroll 450,000 residents in health insurance