Knowledge Library

The benefits of using social media in a medical practice are becoming increasingly recognized, which makes the pressure to get involved even greater. As medical practices become more and more sophisticated at using social media for knowledge sharing, marketing, and other forms of communication, those who fail to participate will fall behind. These social media tips for medical practices can help you get started.

The use of social media in healthcare settings has expanded far outside the scope of marketing. Today, physicians are increasingly using social media for professional networking, communicating with colleagues, collaborating with researchers, improving patient outcomes, and professional development.

In 2017, sexual harassment claims dominated news coverage and social media forums. Claims of sexual misconduct and harassment have certainly clouded — if not ended — the careers of once powerful and publicly respected celebrities, and the #MeToo movement has encouraged and empowered many ordinary people to come forward with their stories of being harassed and treated inappropriately. The healthcare field is not immune to claims of sexual harassment.

“The Healthcare vertical is rife with Error and Misuse. In fact, it is the only industry vertical that has more internal actors behind breaches than external.”¹

While large and costly data breaches perpetrated by criminal hackers (such as the Equifax breach in 2017) make for splashy headlines, data breaches in healthcare caused by employee error and misuse are far more common.

A common scenario in email security breaches is seen when a billing service sends a bill to an incorrect email address. In most practice arrangements, a third-party billing company will have signed a business associate agreement. According to HIPAA, business associates must inform covered entities when they discover a security breach; however, HHS gives covered entities and business associates flexibility in defining, in the business associate agreements, how and when a business associate should notify the covered entity of a potential breach.¹ Consider the following case. (Please note that the following case focuses on the clinic’s responsibility to analyze the risk and perform the breach notification, even though the breach was caused by a business entity.)