Staying Social While Staying HIPAA Compliant

Client success stories are not only our biggest inspiration but also our best marketing strategy. However, with HIPAA regulations, it can be a tangled web of do’s and don’ts when it comes to posting on social media. As a healthcare provider, it is extra important for you to understand what is allowed and what isn’t when it comes to your patients and your practice. NARA has put together 5 ways you can stay HIPAA compliant while still creating great social content.  

Stick to cases instead of specific patients. 

Your clients are the heart of what you do, and their success is directly responsible for your success. However, when talking about their amazing stories, simply stick to the facts of the case instead of the details of the individual. This is important because often, you may need to do more than just remove a patient’s name from the story. Someone could potentially recognize the patient from the story by info you discuss. By sticking to the facts of the case, you can avoid any chance of releasing private information.  

Secure written consent before you post pictures or testimonials.  

If you do decide to highlight a client, it is very important to get their written consent. Even using a moniker or blurring out details of a picture can still lead to disclosure. Have a consent form on-hand for clients to sign before you post a client’s success story or pictures on social media. There are even options for remote signing if your office is still working via remote appointments. 

Keep your private and professional life separated.   

Sometimes, lines between your professional and personal relationships can get blurred. Even if you’ve become friends with a patient outside of work, adding them to your personal social network can reveal more about yourself or your practice than you intended. It’s best to keep work life and personal life as separate as possible when it comes to social media.    

Double-check any photos you post. 

Posting pics of your office events, coworkers and even new holiday décor can really add some personality to your social media page. But be careful. Even if you’re taking a picture of your teammates at the office or a picture of a co-worker doing something fun, you still need to be cognizant if you’re giving anything away. Is there private information displayed on a computer monitor in the background? Is there private paperwork viewable in the photo? These are all things you need to look for before you post.   

Always ask yourself “Would I say this in public?”  

An easy way to distinguish what you should and should not post on social media is by asking yourself “would I say this in front of a patient?” If the answer is no, then there is no reason you should be posting it online in any form. Keep posts relevant about your services but be sure to always second guess your verbiage to prevent any mishaps. 

Although this list gives you a good start on how you should keep yourself HIPAA compliant online, there is even more info here. For everything else regarding compliance, NARA is here for you. Our webinars and conferences follow legislative action and can help you understand what new government regulations mean for you and your business.