Containing the Patient Privacy Breach
Qualify for a free subscription to HealthLeaders magazine.
Social media creates new challenges for patient privacy.
Patient confidentially used to be a simple concept, simply enforced. Healthcare workers, for the most part, knew not to poke their nose in the records room or gossip about patients' medical issues. Privacy breaches, when they occurred, could be contained.
Along came electronic medical records, Internet social sites like Twitter and Facebook, and hackers. These newfangled online outlets provide—literally and in an instant—global access to patients' medical records, which makes breaches a lot more serious and enforcement a lot tougher.
"Patient information is like radioactive material," says Arthur R. Derse, MD, director of the Center for Bioethics and Medical Humanities at the Medical College of Wisconsin in Milwaukee. "It must be protected. It must be contained. It cannot be taken out of the building, sent out of the building, or looked at inappropriately if the employee is not permitted to access it.
"The problem is students and employees and younger folks coming into work think of Facebook and Twitter as something you do. Just as you shouldn't be saying anything about patients on the telephone, you shouldn't be Twittering or Facebooking about work," Derse says.
Fortunately, the concept of patient confidentiality has remained as simple now as it was in the time of Hippocrates. Rather than devising detailed, multilayered responses to every new social networking outlet that pops up every few months, effective patient confidentiality guidelines should identify the new threats but focus on instilling that simple and ancient principle with trustworthy employees.
Pamela Paulk, vice president of human resources at Johns Hopkins Hospital and Johns Hopkins Health System, says the Baltimore-based health system's confidentiality guidelines are based upon trust. "We really do believe that our employees are going to do the right thing," Paulk says. "Our guidelines say that everybody has gone through HIPAA training and signed their confidentiality agreements. We say that extends to social media, anything that would apply at work applies on social media. That is basically the guidelines."
- NCQA Releases Annual Health Plan Rankings
- Technology Lights Up Health Innovation Forum
- Few Winners Among MSSP Participants
- 3 NC Health Systems Form Shared Services Organization
- Hospital Pharmacies Prep for Drug Takebacks
- Data Points to Boom in Private HIX
- Interstate Medical Licensure Effort Advances
- Anthem Blue Cross, 7 CA Health Systems Create New Challenger, Business Model
- EHR Systems 'Immature, Costly,' AMA Says
- How much does that x-ray cost? You can find out in NH