The Security Scrutinizer with Howard Anderson

Social Media Policy: Lessons Learned

Healthcare System Cracks Down After X-ray Posted on Facebook
Social Media Policy: Lessons Learned

The Savannah Morning News broke the story about the privacy incident at St. Joseph's/Candler Health System. In a statement, the organization confirmed that employees used a camera phone to take a picture of an X-ray and text it to one another. The image also was posted to one employee's personal Facebook page, but has since been removed. And no information identifying the name or other information about the patient was displayed with the image, according to the two-hospital system.

A St. Joseph's/Candler spokesman told HealthcareInfoSecurity.com that the organization had a social media policy in place before the incident occurred and had blocked access to Facebook on its network. In the wake of the incident, he said, "One of the issues we are reviewing is the use of personal electronic equipment in certain parts of the hospital."

Make sure that you address employees' personal use of social media and spell out sanctions for violations of all policies. 

In its statement, the health system said it's "reviewing policies regarding use of personal electronic equipment, use of system equipment, and social media policies to ensure the policies are appropriate, constructive, enforceable and provide guidance to employees regarding appropriate use of emerging technologies like cell phone cameras and social networking sites."

So, if your organization doesn't have a detailed social media policy in place to ensure patient privacy, don't delay. In addition to a policy for your organization's official use of social networks, make sure that you address employees' personal use of social media and spell out sanctions for violations of all policies. And while you're at it, you might want to spell out that the use of personal cell phone cameras in the workplace is banned.

Also, be sure to learn from the good example of the folks at St. Joseph's/Candler and follow through with tough sanctions when incidents occur.

For more advice, see our recent story on expert tips for social media policies, as well as an upcoming webinar about Adventist Health System's social media strategies.



About the Author

Howard Anderson

Howard Anderson

News Editor, ISMG

Anderson is news editor of Information Security Media Group and was founding editor of HealthcareInfoSecurity and DataBreachToday. He has more than 40 years of journalism experience, with a focus on healthcare information technology issues. Before launching HealthcareInfoSecurity, he served as founding editor of Health Data Management magazine, where he worked for 17 years, and he served in leadership roles at several other healthcare magazines and newspapers.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.