You might think, “it can’t happen here,” but it keeps happening everywhere: From hospitals to nursing homes, healthcare employees are using social media inappropriately, violating patients’ rights to privacy, potentially running afoul of HIPAA regulations, and tanking organization’s reputations.
If you don’t have a workplace social media policy already, now is the time to write one.
What Is a Social Media Policy?
“A social media policy is one of your employment-oriented policies,” explains Elizabeth Spainhour, a communications attorney with the Brooks Pierce law firm in Raleigh, N.C. “It’s focused on the rules of the road with respect to what employees can and cannot do on social media.”
And having one in place has become very important to healthcare organizations. “It’s all about managing risk,” Spainhour says.
First, a social media policy can help your organization avoid costly HIPAA violations. It can also protect your reputation as a healthcare provider. Patients and family members need to believe they are physically and socially safe in your care, and that their privacy is respected. They need to be able to trust your organization and know that intimate details of their lives will not become fodder for an employee’s Twitter feed.
What to Include in Your Workplace Social Media Policy
As a healthcare HR manager, you’re probably a talent expert, but might not be a social media whiz. At the very least, your workplace social media policy should cover:
- People: “Make sure you’re covering all the folks who may be using social media in a way that impacts your business,” says Spainhour. This could include all employees, from independent contractors to volunteers, and everyone in between.
- Scope: “Be careful to be broad enough to capture what’s here today in terms of social media and what may pop up tomorrow,” she advises. Make sure your wording is broad and flexible enough to account for future developments.
- Activities: Identify appropriate and inappropriate uses of social media across the organization. Examples of acceptable and objectionable social posts give employees a clear sense of what’s right and wrong.
- Compliance: Outline specific standards and requirements related to federal and state regulations that apply to HIPAA and PHI.
- Enforcement: “Some people forget about the consequences of not complying with the policy,” Spainhour says. To give your policy teeth, clearly state the actions that will be taken when guidelines aren’t followed.
Enlist Others When Creating Your Social Media Policy
Spainhour suggests an internal working group for developing your workplace social media policy. This should include HR, internal counsel (if you have one), IT, and a few of the employees who will be living under the rules. You should also include a representative from marketing or PR, since they’re heavy users of social media on the organization’s behalf. Task this group with creating a draft policy that can be reviewed by outside counsel, if desired.
Use this advice to start — or update — a social media policy for your workplace that protects your organization and the people it cares for.
Are you interested in learning more about how you can use social media in your own work?
Download our white paper to learn how healthcare talent acquisition professionals can improve their efforts with modern marketing tactics!