How to Keep Social Media from Ruining Your Career
Three things to know before you post
It’s been a tough day at work and you just want to vent. So, you log into Facebook and post something in a huff — only to realize too late the HIPAA rules you’ve broken or how upset your employer will be when someone points out your rant.
It’s a familiar scenario that happens more than you might think, even in our own backyard. According to a recent article in the Journal of Nursing, there have been several instances of California hospitals firing nurses for breaches of patient privacy on social media sites. One of the most blatant examples was when several nurses chose to take photos of a patient who was nearly decapitated in a nursing home stabbing in Long Beach.
Another incident occurred at Tri-City Medical Center in Oceanside, where five hospital employees were fired for posting patient information on Facebook, leading to an investigation by the California Department of Public Health.
Since California is the birthplace of some of the world’s most popular technology, including Facebook, Twitter and LinkedIn, healthcare providers here have some of the highest rates of social media use in the nation. Even the California Nurses Association, which has its own Facebook page, understands the power of posting and tweeting to reach an audience.
It’s not that nurses should avoid using social media entirely, but it’s important to be cautious and to use it appropriately. The various issues surrounding the use of social media really boil down to three major areas: employee rights, employer rights and patients’ right to privacy. Consider the following:
Yes, you absolutely have a right to your privacy. However, the decision to meander into the online world is a game changer that could also alter your career.
When you’re propping your throbbing feet on the sofa after that last horrible shift, sighing and sipping at your wine, it might seem like a perfectly good idea to post your withering words about your supervisor’s shortcomings. Then, a friend shares it with a friend who is a friend of your boss and the next thing you know, your boss is glaring at you across her desk and you’re hoping she didn’t also see your Disneyland pictures from the weekend you called in sick.
Back in the seeming Stone Age of pen and paper, you might have been able to set a match to your regrettable words and watch them turn to irretrievable ash. Unfortunately, that possibility is nonexistent in a digital world where footprints remain forever in the electronic sand. Once you post it, you own it — for good.
It’s not that your employer wants to know the private details of your life, but if you choose to put them out there, they can no longer be defined as private. In fact, the use of social media sites to screen potential employees has become common practice in the human resources world.
According to the job website Careerbuilder, the following types of online posts become reasons not to hire someone:
- Inappropriate photographs or information
- Information about alcohol and drug use
- Negative comments about previous work relationships
- Evidence of poor communication skills
- Evidence of discrimination
- Indication that the candidate has misrepresented qualifications
- Sharing confidential professional information.
Some employers have even been known to ask candidates for access to their private accounts. However, in 2012, California became one of only three states in the nation to explicitly outlaw that practice except in certain very specific circumstances. So, if you’re asked for your social media passwords, know that in most cases, the law will back you up if you decline to hand over that information.
Employers have many rights when it comes to how employees conduct business. This includes activity that occurs on any equipment the company owns as well as social media (or email) accounts that the company creates.
If you name your employer in a post on your personal account, you should still be careful in what you say — depending on the situation, you could create a lot of trouble for yourself. The National Labor Relations Board (NLRB) has surprised employers by sometimes siding with employees about negative social media posts where the employees appeared to be attempting to improve workplace conditions. However, in other cases, the NLRB has ruled against employees whose posts were viewed as being downright offensive.
Use common sense when posting and know your employer’s social media policies. With today’s murky waters regarding social media and employment law, you might win a fight that results from a social media post, but you could certainly endure a lot of hardship trying to make your point.
If you’re looking for solid ground on which to stand in the midst of all the social media uncertainty, you can find solace within the arena of patients’ privacy rights. Hopefully, there’s not a practicing nurse in the country who isn’t thoroughly versed on HIPAA.
However, not everyone may realize all the subtle ways in which the rules can be broken. It’s not just about standing on the street corner with a bullhorn, reading off patient names and diagnoses. A serious violation can occur in the quiet of your living room when you post the juicy details of an “anonymous” ER nightmare that ends up in the next morning’s headlines.
Think you’re abiding by the HIPAA privacy rule if you don’t use a patient’s name in your post? Think again. Many types of patient identifiers are covered by HIPAA (see the sidebar for a run-down) and your employer won’t take kindly to the fine it’ll have to pay when it’s discovered that you used one or more of those identifiers when you decided to go online with your words — not to mention the legal consequences that could result if a patient or family feels their privacy has been breached.
Basically, if a patient’s identity can be associated with a health identifier, the HIPAA rule has been violated. This includes texting about a wheelchair delivery to a Mrs. Smith at 301 Douglas Avenue or mentioning the room number of a patient whose death you tweeted about on Twitter.
The Department of Health and Human Services defines protected health information (PHI) as “individually identifiable health information held or transmitted by a covered entity or its business associate, in any form or medium, whether electronic, on paper or oral.” This includes information and associated identifiers related to:
- Past, present or future physical or mental health conditions of an individual
- Provision of healthcare to an individual
- Past, present or future payment for the provision of healthcare to an individual.
A patient’s name, address or phone number alone does not necessarily constitute PHI, but using these and other identifiers in combination with the patient’s health or healthcare in any manner does count as PHI and that’s what can get you into trouble.
So, the next time you’re tempted to log in and rant about your patient, think before you post — and consider the rights on which you may be about to trample. You could negatively impact a patient. You could create pain for a family. You could upset your hospital. And once the dust settles, you could find that your impulsive electronic tongue has hurt you most of all.
Combining these common identifiers with patient health information can violate HIPAA:
- Names of individuals
- Geographic subdivisions smaller than a state
- Dates directly related to an individual
- Telephone numbers
- Fax numbers
- Email addresses
- Social Security numbers
- Medical record numbers
- Health plan beneficiary names
- Account numbers
- Certificate/license numbers
- Vehicle identifiers
- Device identifiers
- IP addresses
- Biometric identifiers
- Other unique identifying numbers.
Sue Montgomery, RN, BSN, is a critical care and hospice nurse who writes on healthcare issues. She is a member of the Hospice and Palliative Nurses Association and American Medical Writers Association.
This article is from workingnurse.com.