Facebook has come under heavy scrutiny for the way personal data has been misused by third-parties like Cambridge Analytica. More than ever, it’s important to protect your practice and your patients from potential missteps that could expose protected health information and open your practice to HIPAA violation.
Here are a few tips for dentists to effectively use Facebook while protecting your dental practice and patient privacy.
Keep Your Patient List Private
Did you know that you should never identify someone as a patient on Facebook without their express consent? Always treat your Facebook fans as a general audience, and don’t specifically identify anyone from your account unless you have signed permission to do so.
NEVER Share Sensitive Patient Information on Social Media
There is never a good reason to share a patient’s medical history on Facebook. Nor should you discuss a patient on your personal Facebook account. This is especially true when responding to reviews. While it may be tempting to explain more about a negative situation, revealing more than a patient has revealed can lead to a HIPAA violation.
Create a Comprehensive Photo Policy
A detailed photo policy will help your dental practice share fun content from inside the office. If your staff wants to photograph a patient for use on social media, be certain to obtain written consent from the patient and parent or guardian before taking that patient’s picture.
Many practices now designate a photo area where pictures are allowed. This helps prevent someone from having their image accidentally shared without their consent.
The Savvy Share app is a great tool for securely collecting signature consent for every photo you post online.
Communicate Sensitive Documents Safely
Communicating sensitive patient information should NEVER take place in a public forum like social media, or even through unsecure chat services like Facebook Messenger. Instead, always use a secure, encrypted connection for sensitive documents like x-rays, treatment history or other ePHI.
If a patient contacts you on Facebook and requests advice or medical information, direct them to call your office or use your encrypted email services.
Smile Savvy offers an encrypted email service to help dentists share patient information easily and securely. Our encrypted email service is 100% HIPAA compliant, and works with most major email services like Gmail, GSuite or Office 365.