Headlines like this are becoming more common: “Company CEO steps down after social media fiasco.” Or, “Executive fired over social media gaffe.”
Every company today should have a social media policy in place to reduce its chances of becoming a negative headline, but even with a social media policy, things can get out of hand. For healthcare practices and hospitals, upholding patient privacy and confidentiality is of the utmost importance, and in addition to having a written policy, monitoring your social media is critical.
One of our employees recently told me about a situation that occurred with a medical practice she had worked for previously. The medical practice encouraged employees to “like” company posts on a social media platform. A female employee liked one of the company posts. But, by clicking on the likes, readers could be directed to her social media account image. She was in a very revealing outfit in her profile image. Apparently, patients saw the thumbnail image, clicked on it, and were treated to an eyeful. The young lady was a front-desk practice employee who engaged with every patient who walked in. The practice did not have a social media policy in place and lost patients due to the image and the negative attention it reflected on the practice.
Other examples of social media disasters are easy to find by searching Google. So, if you think your company or business is pretty safe from a social media debacle, you could be very wrong.
Navigating social media and creating comprehensive policies are not for the novice, and hiring a social media expert or PR agency is your best bet for providing your healthcare business with the best and most complete social media policy to keep your patients’ information safe and your company name out of trouble.
If you do not have the budget, but still want a social media policy, there are many examples on the Internet to use as a basic template for your business. Here are some pointers to keep in mind before creating your social media policy.
1. Start out by defining what your healthcare business deems as social media
A very detailed description may not take into account emerging trends and may leave your policy open to misinterpretation. For example, the National Council of State Boards of Nursing (NCSBN) describes social media as “social media outlets, platforms and applications, including blogs, social networking sites, video sites, and online chat rooms and forums.” A broad statement like this covers most forms of social media including ones that may be on the horizon.
2. Define acceptable social media use while working
Some employees may be authorized to check your company social media accounts while on-duty, but the parameters need to be defined. If employees bring their own devices, your policy needs to address this use very specifically. If your employees use computers or tablets that have Internet access, the use of both kinds of equipment while on the premises need to be clarified. Your guidelines for taking images while on duty with electronic devices needs to be written into your policy as well.
3. Define acceptable social media use while off-duty
More concerning to healthcare professionals is the use of social media by healthcare staff after hours. HIPAA defines patient privacy, and all employees in healthcare should be trained and educated on a regular basis about HIPAA regulations. While the majority of healthcare professionals would not disclose protected information on personal social media platforms, it can happen inadvertently and without intention to harm. Your policy should cover professionalism and ethics, and cover proper employee use of social media in regards to protected information even after employment terminates.
4. Define disciplinary action
When there is a breach of HIPAA guidelines or your own social media policy, there can be real repercussions. According to the NCSBN, improper use of social media by healthcare providers or workers may violate state and federal laws (established to protect patient privacy and confidentiality) and may result in both civil and criminal penalties, including fines and possible jail time. Educate your employees about your policy and spell out what actions the company will take if an employee uses social media against HIPAA or your company social media rules.
Because there are so many social media platforms available today, it becomes even harder to draw the line between work and off-duty social activity. If your company encourages its employees to post on the company social media accounts, how are you managing this? Can anyone post to your company accounts? Is there an employee who is responsible for monitoring posts and comments? Does your company have a policy in place to handle questionable employee posts? What is the disciplinary process for inappropriate or unprofessional posts?
These are important areas a social media policy must address to be enforceable. If you prefer your employees refrain from posting on your company social media accounts, do you state this in your employee handbook or social media policy? Are your employees “friends” or “followers” of your company social media accounts? If so, does your company regularly look at the employee pages associated with your account?
Make sure each employee comprehends your social media policy, put it in writing, and have each employee sign the document. As another layer of protection for your business, have your legal department review it before distributing the policy to employees.