Accessibility Tools
How to Be HIPAA Compliant on Social Media
How to Be HIPAA Compliant  on Social Media

Hippa Compliant

When talking to healthcare professionals, maintaining HIPAA compliance on social media is usually a concern.  Social media brings many benefits to the healthcare industry helping educate and communicate important information about your practice and specialities. Social media provides another touchpoint with your patients and ultimately impacts your brand in the community.

The HIPAA Privacy Rule prohibits the disclosure of ePHI on social media networks without the express consent of patients.¹  Busy providers often find it difficult to navigate and monitor social platforms with HIPAA regulations.  However, with 82% of Americans using social media, physicians recognize the need and expectation for a social media presence.

Social media  is a powerful marketing tool and represents your practice online. So how do providers utilize social media for the benefit of their practice and their patients while maintaining HIPAA compliance? It is not rocket science, but you do need to take it seriously.

Stay intentional and instructional

Often HIPAA violations on social media are the result of quick, casual posting.  For example, sharing a fun photo inside an office without realizing patients or private health information is visible.  Intentionality is key.  Ensure you have patient permission forms signed and on file for any posts that contain patient  health information. Employees must be trained on HIPAA compliance on social media.

Stay separate and streamlined

Physicians can get confused about the differences between a personal social profile versus a business profile. Personal and practice platform accounts should remain separate. There should be a clear distinction between your practice and your own personal private posts.  Standardize your marketing messaging on social media accounts to ensure HIPAA compliance across any social platforms you use.

Stay wise and watchful

Do not post without monitoring. Ensure that someone is reading comments and posts weekly for activity. Encourage patients who have disclosed private health information (PHI) online to contact your office directly. Always take the conversations about healthcare offline.  Even if your patients disclose their health issues and violate HIPPA, you cannot confirm or acknowledge their comments on a public platform.  Encourage your staff to stay watchful and report any issues.  Review and approve any social media content before posting to ensure it is HIPAA compliant.

Be intentional.  Implement policies for your practice and train your staff to use social media to inform, educate and engage.  Streamline your content to maintain HIPAA compliance across platforms and stay watchful.  When used properly and consistently, social media can help your brand standout while engaging and educating patients.

Too busy to manage your social media? We can help. SoClients curates customized content for your practice that is HIPAA compliant using a strategic content calendar and monitoring to meet your goals.  We help physicians tell their stories, so they can see more patients.

Holly Breen Olds
Founder & Client Marketing Director

Holly Breen Olds has served the healthcare industry with over 20 years of expertise in healthcare marketing for physicians, hospitals and the medical device sector across the US.

https://www.hipaajournal.com/hipaa-social-media/
https://www.statista.com/statistics/273476/percentage-of-us-population-with-a-social-network-profile/