Six Real-World Examples of Social Media HIPAA Violations
Articles,  Blog

Six Real-World Examples of Social Media HIPAA Violations


If you accidentally post a picture that
contains protected health information in the background of a social media post
it’s still a breach. Posting videos or pictures of patients is also a breach if
you don’t have proper, authorized written consent. Sharing any stories about
patients can violate HIPAA even if it doesn’t include the patient’s name or if
it’s within a private group of people who are permitted to know the
information. If it includes any information about a patient don’t post
it. It’s necessary that you keep work and personal life separate so that you don’t
face any kind of charges, fees, or even lose your job. Unfortunately, some
healthcare employees still fail to follow HIPAA when it comes to social
media. Hi everyone I’m Matt Moneypenny and today I’m going to give you 6
real-world examples of social media HIPAA violations, each of which were
officially reported by local news stations. [uplifting music] Before diving deeper into the
subject, make sure that you subscribe to our YouTube channel. Also, click on the
alert bell icon so that you’re notified when we post new, helpful content. A dental practice replied to patient
reviews on Yelp!, a business review platform, it doesn’t sound very harmful
but their responses included PHI. A patient complaint led to an
investigation that uncovered that this wasn’t the first comment the company
made containing PHI. The healthcare company had to pay $10,000
to settle the complaint. A medical group failed to an
patient that her medical information was breached. The patient originally learned
of the breach herself when she saw her information posted on Twitter. A hospital
employee was dating the patient’s ex-boyfriend and looked up her
information without authorization. She then shared this with her current
boyfriend who posted it on his Twitter. The employee that illegally looked up
the information told police that someone else must have looked up the information
after she logged into the system but this just wasn’t true. The employee was
fired for the incident A hospital nurse was fired for posting
details of a measles patient. The patient was too young to receive the
vaccinations before contracting the disease, which caused the painful rash
and a high fever. The nurse was also an anti-vaxxer and posted details on
child’s condition to a private anti-vaccination Facebook group. The problem
was her profile listed where she worked and it turns out that one parent in the
group had a child in the very same hospital that she worked. Worried about
the exposure to the disease this parent posted screenshots to the hospital’s
Facebook page. This launched an entire investigation and the hospital
immediately suspended the nurse. She deleted some of her comments because she
realized she had made the mistake, but it was too late the hospital fired her for
sharing those details. A patient care technician in Northwest
Indiana posted PHI from a former high school friend. The technician posted the
patient’s full name, date of birth and that the patient had a sexually
transmitted disease, specifically HPV. The post stated that the employee wanted to
expose the friend. The patient received a letter stating that the hospital took
action based on its policies and prcedures. An employee from a massive medical
center in North Carolina posted a photo of an infant patient with words printed
across her face. The employee did not have permission and the medical center
immediately informed the family of the breach and that appropriate action was
taken. The company didn’t release specifics about the breach but they did
say that they have a zero tolerance policy and have fired employees in the
past for breaches. This was the health care companies sixth violation related
to social media in three years. A reality TV show star worked as a
hospice nurse in a home healthcare aid where she lived in South Carolina. She sent a video with a pediatric patient to one of her fans over
Instagram direct messaging. The fan reported her to South Carolina Board of
Nursing for violating HIPAA. Other fans would encourage her to post pictures
with her patients and although the star said that this would be a violation of
HIPAA regulations she posted some anyway. some employees post PHI personal
agendas or simply because they don’t understand what makes something a HIPAA
violation in the first place. Even though the details might be interesting you
should always keep them to yourself so you don’t face fines, criminal charges or
even job loss. If you want to learn more information about social media HIPAA
violations reach out to Etactics. And if you enjoyed the video and you made it
already this far you might as well share it, like it, and comment below

Leave a Reply

Your email address will not be published. Required fields are marked *