Assault case puts hospitals’ social-media policies at issue
By Stacey Burling, The Philadelphia Inquirer | |
McClatchy-Tribune Information Services |
These apparently were not enough to protect it from humiliation when outsiders checked out the Twitter account of an emergency-room tech after she was arrested in an attack on a gay couple in
In 140-character increments,
Knott was fired from her job at
The case raises questions about how hospitals are protecting themselves and their customers in an age when many younger employees and some older ones are practically fused to their smartphones. The issue is particularly important in health care, where the federal Health Insurance Portability and Accountability Act (HIPAA) sets a high standard for sharing any patient information.
"Any story like this needs to be a reminder to everybody working in the field . . . about the importance of protecting patient information," said
The case also seems to have spooked many people who might know enough about the law to know whether Knott, whose tweets did not include patient names, did in fact violate HIPAA or just the standards of common sense and decency. Or even what's in a typical social media policy.
Citing tangential connections to the case, three lawyers declined to discuss it, while a fourth insisted that her name not be used.
Calls seeking interviews with officials at
So this appears to be a touchy issue, perhaps because it is obvious that no business with thousands of employees can police all of their Twitter, Instagram, and Facebook accounts.
Knott worked in a low-level hospital position that required a minimum of four weeks' training.
Millevoi said Abington's social media policy prohibits posting "any content about patients or their personal health information including patient images." The hospital will notify patients it can identify about the tweets, she said.
Lawyers disagreed about whether Knott's tweets were clear violations of HIPAA. The law prohibits public release of obvious things like names and facial pictures, as well as addresses, dates, insurance-policy numbers, e-mail addresses, and several other numbers. There's also a catch-all phrase that includes any information that someone could use to figure out who a patient is.
Lawyers weren't sure whether the dated tweets in this case would provide enough information for outsiders to identify patients.
"That's where it's a slippery slope," said a
She said HIPAA is not just about privacy, but dignity. "If I'm representing the hospital, you don't let them take pictures, ever," she said.
While the legal issues are the same for what you say on Twitter or in the elevator, social media's permanence and potential reach make it a bigger headache.
Steinfeld said privacy is a challenge in institutions that need so much personal information. Her job is to try to create a "culture" of privacy that reaches employees at all levels.
"It's a very good idea in the world of HIPAA to err on the side of caution," she said.
Her simplest description of the law: "You use patient information as necessary to do your job. If you stick to that, you're going to be in good shape."
215-854-4944 @StaceyABurling
www.inquirer.com/health_science
___
(c)2014 The Philadelphia Inquirer
Visit The Philadelphia Inquirer at www.philly.com
Distributed by MCT Information Services
Wordcount: | 787 |
Advisor News
Annuity News
Health/Employee Benefits News
Life Insurance News