Let’s say you’re a nurse at a local hospital. For the past several weeks, you’ve been caring for a young boy who needs a heart transplant.
One day, you learn that a donor organ has become available. You are elated – and you decide to share the news on your Facebook page.
“Great news! A new heart has been found for my five-year-old patient at Children’s. Be brave, Aiden – we’re all rooting for you!”
Good idea? Not really.
That’s because a post like this – while well intentioned – is a breach of confidentiality. There’s enough information here to identify the patient, his condition and the hospital where he is receiving treatment. Put it all together, and you’ve got yourself a HIPAA violation.
The truth is, there can be real consequences to nurses’ irresponsible use of social media. State boards of nursing may investigate reports of inappropriate disclosures on Facebook and other social media sites. If the allegations are found to be true, nurses can face reprimands, sanctions, fines, or temporary or permanent loss of their nursing license.
Many organizations have social media policies that govern employees’ use of social media, even if it’s for personal purposes. If yours is one of them, be sure to read and understand the guidelines.
Even if your employer does not have a specific policy, the main rule of thumb should be familiar to you: as a nurse, you have the legal and ethical obligation to maintain patient privacy and confidentiality.
The Health Insurance Portability and Accountability Act (HIPAA) specifically defines “identifiable information” and when and how it can be used. Such identifiable information could cover the past, present or future health of a patient, or it could be something that would lead someone to believe that it could be used to identify a patient. Brush up on your understanding of HIPAA.
How do you avoid problems? Do you need to stop using Facebook altogether if you’re a nurse? No, but you do need to be careful. Here are a few general guidelines:
- Simply put: Don’t reveal any personal health information about your patients in your posts. (And don’t think that it’s OK if you reveal their details but give them a fake name.)
- Don’t post any photos of your patients, even if they are cute kids. Photos are specifically called out in HIPAA as identifiable information.
- Maintain professional boundaries, even online. Friending your patients or patients’ families is, in most cases, a no-no. The Mayo Clinic’s guidelines for employees say, “Staff in patient care roles generally should not initiate or accept friend requests except in unusual circumstances such as the situation where an in-person friendship pre-dates the treatment relationship.”
- Don’t rely on privacy settings. No matter how meticulous you are about privacy settings, there’s no guarantee that a friend won’t like your post so much that she takes a screenshot and posts your “private” message elsewhere.
- Remember that anything online will be there forever, even if you delete it. Someone may have taken a screenshot before you took your post down. If you are under investigation, your posts can be still found on servers.
For more information, read A Nurse’s Guide to the Use of Social Media from the National Council of State Boards of Nursing.
These guidelines are for informational purposes only and are not legal advice.
National Council of State Boards of Nursing. (2011). A Nurse’s Guide to the Use of Social Media [Brochure]. Retrieved from https://www.ncsbn.org/NCSBN_SocialMedia.pdf
Pagana, K. (2014, January 21). Facebook: Know the Policy Before Posting [Webinar]. In Nurse.com Continuing Education series. Retrieved from http://ce.nurse.com/course/ce630/facebook/.