In a recent article, Todd McDonagh, COO of MedSafe/Total Compliance Solutions discussed 10 steps that health care providers can take to ensure HIPAA compliance when using social media.

1. Set up different accounts for communicating with friends and family and use different passwords to help differentiate the accounts.
2. Understand the nature of the social media platforms — they were created to help people connect with one another, broadcast their ideas, and create stores of personal information online.
3. Understand the platform you are using and how it works. For example, understanding the difference between using the “@” symbol and a direct message on Twitter could prevent the wrong information from getting into the wrong hands.
4. Periodically check your privacy settings, preferably once a week, as they can change.
5. Never refer to a patient by name and be sure to not give out any information that could identify the patient.
6. When referencing particular cases, conditions or treatments, be as general as possible and do not describe specific demographics or populations that can be identified.
7. Never “friend” patients on Facebook, as this could lead to serious ethical issues, and consequently a violation of HIPAA.
8. Never post anything that you would be uncomfortable reading re-printed in the newspaper.
9. Take time to reflect on an email or tweet before sending it because more often than not, responses online are immediate.
10. Be careful about your tone, as written words can easily be misconstrued.

See on doctors.seton.net