One of core requirements of The Health Insurance Portability and Accountability Act (HIPAA) is the protection of Patient Health Information (PHI). This is a requirement on which there is no compromise or exception. Breach of PHI can result in fines ranging up to $250,000 and/or imprisonment of up to a decade. This makes the prospect of a HIPAA violation very dangerous.
HIPAA violations in the social media have the potential to cause terrible harm to a healthcare organization, because the social media offer tremendous scope for data breaches. A data breach in the social media can happen with the simplest of things like a healthcare worker in the hospital leaking out the patient's name and condition to the social media, making it public. This has been the case with many HIPAA violations in the social media.
Does all this mean that hospitals and other healthcare settings should stay away from the social media? Not at all. Escaping from them is not the solution, because the social media are a very powerful medium that hospital and other healthcare settings can use to their advantage. With the social media having made forays in the most unexpected and dramatic of ways into all spheres, including healthcare; it is but natural for practitioners to look at ways by which to avoid HIPAA violations in the social media. Eschewing the social media is not the solution; learning ways by which to deal with them is.
Healthcare settings can avoid HIPAA violations in the social media, if they exercise a little restraint and judiciousness. The most important first step healthcare organizations can take is to publish guidelines and policy documents for everyone in the organization who uses social media.
Anyone in the organization who uses the social media has to be made aware of the consequences of being lax and wayward in sending out information about the healthcare organization or patients on the social media.