HIPAA & Online Communications – What are the rules?

Most health care providers have become accustomed to working in an environment where protected health information (PHI) is appropriately handled on a day-to-day basis. Knowing when to require patient signatures prior to releasing records and finding private areas to have conversations with and about patients now seem to be second nature and follow common sense rules. However, one area that may be more challenging to providers and patients are electronic communications – including texting, e-mailing, and using social media.

While these methods might provide an easy way of communicating with patients directly – especially when responding to reviews on various social media sites such as Yelp or Facebook – there are HIPAA privacy concerns that outweigh any perceived benefits.

ProPublica published an article about providers responding to negative reviews online – it outlines the realities faced by healthcare providers when trying to defend themselves online and is a good reminder for all providers that a patients’ protected health information must not be disclosed by the provider in any public forum.