After doing some research and discovering recent events that resulted in harsh punishment due tothe compromising of patients’ privacy, protected under the HIPAA (Health Insurance Portability andAccountability Act), It has me questioning as a sonographer how well we are trained to understand this law and the consequences that come along with it. In talking with many sonographers’, during a new hire process they were instructed to sign a HIPAA document basically stating that you understand the law exists and that you are willing to abide by it. Other sonographers’ watched a short orientation video and had to pass a short quiz that followed. So the lack of education on this topic including continuing education is concerning considering the consequences that can occur if a violation is reported are detrimental. The severity of punishment for violating this law can be as little as a verbal or written warning and as severe as jail time.
To improve the efficiency and effectiveness of the health care system, the HIPAA law (Health Insurance Portability and AccountabilityAct) was originally adapted in 1996. A privacy rule was established in 2000 and later modified in 2002 and in 2003 compliance was added to this rule. Finally in February of 2003 HHS published a Security rule that sets national standards for protecting the confidentiality, integrity, and availability of electronic protected health information. In 2013 HHS combined all these regulatory standards creating the HIPAA Administrative Simplification Document we as healthcare professionals follow today.
The purpose of this discussion today is to bring awareness to not only students but also practicing sonographers who may be surprised on the boundaries of posting about their day on social media sights. One social media site in particular, Facebook, has created a forum in which individuals, businesses, schools, and other professions are able to connect with one another, share information, and express opinions across a wide network of users. Those who frequently post are more likely to violate the standards than those that post less frequently. Discussing the day’s events or unusual situations or sharing images are acts that potentially violating patient privacy right. It is still unclear how personal use of social media overlaps with professional use or if individuals identify the difference. The information that health care workers post online not only affects others opinions of them and the reputations of their employers but also creates the potential to violate patients’ privacy and trust.
Even if no names are disclosed on a post, there is often enough information included to make it possible for the person to be identified by others. There may be no intent to violate the HIPAA law, but it can easily happen when we are not fully aware of what constitutes as a violation when it comes to social media. Just the lack of thinking that any harm can be done just by complaining about that obese patient they had to scan that day, or maybe the floor nurse put in the wrong diagnosis to have the study done. The point is, a simple statement made by a sonographer concerning a scan can easily violate theHIPAA rules and jeopardize patient safety. Consider how easy it is to go online and discuss a day in clinical training or a day at work. If you wrote about it, and anywhere at any time you posted where you’re doing your clinical rotation, or where you work, chances are it can be traced back to you, and you unknowingly violated a HIPAA law.
Although, it’s no wonder that sonography students want to share their experiences in the healthcare industry because they are excited about working with patients and getting close to starting a new career. However, there is a growing concern that students and professionals alike are violating HIPAA rules on social media and are not aware they are doing so. HIPAA breaches are not merely intentional violations of the law but a stark reminder that violating HIPAA can result in more than just civil monetary penalties, but the financial and reputational fall-out that results from a breach too may have us thinking before we post next time.
For more information please visit https://www.hhs.gov/hipaa.