Twitter for Healthcare Professionals
HIPAA and Twitter don’t mix. So, how can you use Twitter to promote your practice without violating HIPAA? Use Twitter to build awareness and your brand.
You can post things such as:
- Health tips that patients might find useful
- Upcoming events patients might like to attend
- New research or findings related to your field
- Honors or awards your organization has been granted
- Profiles or bios of your staff
- Discounts or special offers on services you provide
- Advertisements of your services as long as they DO NOT contain the PHI of any of your patients (including names, photos, or any other personally identifiable information)
What shouldn’t you post on Twitter:
- Don’t create ads or posts using patient information or PHI (including names, photos, or treatment information) without obtaining explicit permission from the patients involved.
- Don’t allow staff members to take photos within the practice if there is the potential that PHI (such as documents, fax sheets, print-outs, or computer screens) will be visible.
If you are going to use Twitter to promote your practice, it is vital that staff members who manage your social accounts know how they can and cannot share information. To do so, you should create HIPAA marketing policies and procedures for social media use by employees, capturing the necessary regulatory standards, with limitations on what they can and cannot post.
Patient Testimonials and Authorization
If you’d like to share patient testimonials or success stories on Twitter, you can, but only with patient authorization. You need signed patient consent before you share any of their information on social media. The patient authorization form must explicitly state what their information will be used for. If you’d like to use their information for a different purpose, you must have them sign another authorization form that states that purpose.