Mental Health News Radio

How to be HIPAA Compliant on Social Media

Print Friendly, PDF & Email
Social media use can pose serious issues to your practice’s HIPAA compliance if patient information is not properly protected.
Photos and stories from one’s workday are commonplace on Facebook and Twitter. In most industries, these posts are routine and harmless–no different than vacation photos or memories from years gone by.
Listen to our live podcast from The National Council of Behavioral Health’s annual conference NatCon with CEO Marc Haskelson and Behavioral Health Channel Director David Kay. 

 However, this increasing interconnectivity can lead to major problems for health care and behavioral health professionals in today’s world because of HIPAA regulation. The question becomes: how can behavioral health professionals ensure that social media use is compliant with the stringent privacy and security requirements of HIPAA regulation?
Below, we discuss some of the major concerns regarding medical information and social media use. What can you Post on Social Media? The golden rule to remember here is that social media posts should never contain information that can be linked back to individual patients or medical records.
Protected health information (PHI) is any demographic information that can be used to identify one of your patients. This includes names, full face photos, dates of birth, addresses, social security numbers, medical data, and financial information, among others. HIPAA regulation forbids the use of PHI in marketing or social media campaigns, so this should be avoided at all costs to protect your patients’ privacy.
Here are some of the things you can post on social media:
– Health tips that patients might find useful
– Upcoming events patients might like to attend
– New research or findings related to your field
– Honors or awards your organization has been granted
– Profiles or bios of your staff
– Advertisements of your services as long as they DO NOT CONTAIN THE PROTECTED HEALTH INFORMATION of any of your patients (including names, photos, or any other personally identifiable information)

HIPAA Policies and Procedures
The Department of Health and Human Services (HHS) has issued extensive guidance on social media use. Numerous policies and standards exist that outline exactly how behavioral health professionals can ensure that their practice or organization is HIPAA compliant.
You must ensure that your organization has HIPAA policies and procedures corresponding to these HHS standards. One of the most important aspects of maintaining HIPAA compliance is being able to document that your organization is upholding the privacy and security requirements of the regulation.
Compliancy Group gives behavioral health professionals confidence in their HIPAA compliance with The Guard™. The Guard is a web-based HIPAA compliance solution, built by former auditors to help simplify compliance. 
Compliancy Group’s team of expert Compliance Coaches™ field questions and guide users through the implementation process, taking the stress out of managing compliance.
The Guard is built to address the full extent of HIPAA regulation, including HIPAA policies and procedures with full documentation. With The Guard, behavioral health professionals can focus on running their practice while keeping their patients’ data protected and secure.
Find out more about how Compliancy Group can help simplify your HIPAA compliance today!


Mental Health News RadioListen to Stitcher