I was scrolling through my Facebook newsfeed the other day when I saw a post by someone on a nursing group page. The nurse had posted a photograph of his own daughter’s neck, not in a hospital setting, with a funny caption. What followed was a storm of comments from people lecturing about the dangers of posting on social media. “That is a HIPAA violation!” many commenters proclaimed, warning the nurse he could lose his job. He responded that it was his daughter, not a medical setting, and there was no information posted, but commenters still seemed to think he could get in trouble for even posting at all.

Many health professionals have been penalized for accidental violations of the Health Insurance Portability and Accountability Act (HIPAA), which includes strict health information privacy regulations. But warnings about posting on social media don’t stop with patient information—many health professionals have also been terminated for speaking about their employers or their profession in a negative way. Perhaps most notably, nurse “celebrity” Katie Duke (who was featured on the TV program “NYMed”) was fired from her position in a New York City ER because she posted an “after photo” of a trauma bay on Instagram. Although the photo did not violate HIPAA or patient privacy, her hospital reportedly terminated her for posting a photo that someone could find offensive.

Many hospitals and organizations are developing clear and strict guidelines for posting—most along the lines of “do not do it, ever, about any patient, any time.” When in doubt, that is certainly good advice to follow. Why do people use social media at all? On blogs, Facebook, or other social media sites, sharing experiences can be a powerful way to connect with others, learn from anecdotes, and experience a sense of community about one’s profession. Medical community share sites, such as Figure 1, aim to educate medical professionals by sharing interesting cases, rare conditions, or innovative treatments. (Figure 1 is both private and secure, using HIPAA-compliant messaging with encryption and user verification.) Many health professionals incorrectly believe that simply by removing a patient’s name from a photo of an x-ray or a wound that they are not violating privacy laws, not realizing that protected health information is defined as up to 17 pieces of information that can be potentially identifying of an individual. 

So what can you do as a nurse if you wish to participate in knowledge-sharing on social media? First, educate yourself about what is and is not considered a HIPAA violation on social media, as well as the 17 possible identifiers of protected health information (PHI). Second, educate yourself on the policies in place at your specific employer, as they may be even more strict than HIPAA. The third is to use careful judgment and discretion, and if you must post, use only secure sites that are specifically HIPAA compliant. 

Here are some tips to keep in mind before posting something on social media:

  1. Nothing is private. Do not assume that if you send any health information electronically that it will go only to your intended recipient. Anything sent online (even if something is posted and then deleted) can be held on a server or disseminated to others.
  2. As a nurse you have an ethical and a legal obligation to keep patient private information safe at all times. This includes discussing an individual patient or their care, even if all identifying information is removed.
  3. Nurses must not speak in a disparaging manner of any patient at any time, even if there is no patient information in a post or comment.
  4. Nurses may not “gossip” about other patients, or share any photographs without written consent from a patient. Nurses should not take any photos, at any time, on their personal cell phones.

Remember, a breach of HIPAA can result not only in termination from your job, but also heavy fines and loss of your medical license. For additional information about HIPAA and social media for nurses, you can read a pamphlet put forward by the National Council of State Boards of Nursing here.

Laura Kinsella

Laura Kinsella, BSN, RN, CEN, is an emergency room nurse in Washington, DC.

More Nursing News

  • In April, the MedStar Health system of 10 hospitals and hundreds of physician-affiliated offices around the Maryland and Washington, D.C., area became the latest hospital system targeted by ransomware. Ransomware is a type of virus or malware that blocks access to a computer system until a payment is rendered. The…

  • Earlier this week the Pennsylvania College of Technology dedicated its Nursing Education Center during National Nurses Week. The college’s nursing program was previously housed on the second floor of the Health Sciences Center, sharing a wing with four other majors, but the new Nursing Education Center now occupies the entire…

Share This