Legal considerations for social media in healthcare

At this point it seems hard to imagine a world without social media, which facilitates patient engagement and practice marketing efforts, not to mention its vital role in communication within the industry. Yet with the growth of these tools come other issues to keep in mind — like the legal ramifications of using outlets such as Twitter, Facebook, and LinkedIn within a healthcare setting.

"These social media sites have moved beyond the novelty stage and into the mainstream," read a recent whitepaper by Actiance. "They have become so pervasive that they have emerged as effective tools within the corporate setting as well. The line separating the recreational use of these tools from legitimate business purposes has become increasingly blurred."

"The potential legal issues that can arise from social networking activities run the gamut," it continued. "Privacy, unauthorized activities, and intellectual property issues stand top-of-mind for many individuals and enterprises. Other areas, such as content ownership, regulatory compliance, and even criminal activity, are impacted by social media, too."

Here are five keys to the legal issues of social media, as outlined in the report.

1. Privacy. According to the report, no issue resonates so strongly with the legal aspects of social media as privacy. "With so much content out there, and so many ways to access these social media tools, privacy has become somewhat elusive for many," it reads. "From a legal standpoint, whether an individual has a reasonable expectation of privacy or not is the critical factor in determining whether one’s actions are protected by privacy laws." When thinking about social media in the workplace, the report notes that determining if an employee has a reasonable expectation of privacy hinges on whether or not the website is password-protected. "If it is, then the argument that the employee has a reasonable expectation of privacy is strengthened. If not, then employers may have the justification to monitor the activities of that site." The key takeaway, the report concludes, is that individuals should always be mindful of privacy settings on these sites, along with the corporate policy for using social media tools within the enterprise.

2. Content ownership. As with many sites that are "content-rich," the issue about who owns the content is inevitable, according to the report. "Typically, each site has its own Terms of Use page, detailing the extent of its rights over end users' content," the report reads. "Great care must be taken by end users to fully understand what they are getting into." For example, it continued, when you close a Facebook account, do you no longer own the rights to your content? "At the very least, end users should think twice about disclosing sensitive or proprietary information on social networking sites," it notes.

3. Intellectual property infringement. "Not surprisingly, given the abundance of content and the myriad ways to access it, intellectual property infringement is an area generating much legal interest," reads the report. For example, copyright infringement comes into play when there are photos, videos, graphics and blogs being exchanged and posted on social media sites. "From posting someone else's photo on a Facebook wall to sending a song to a friend via Twitter, using any third-party content without permission can result in both criminal and civil liability." It adds that protection of trade secrets is another aspect of intellectual property infringement that warrants attention. For example, if an ex-employee shares a former employer's confidential information, the ex-employee would be held liable.

4. Unauthorized activities. Several legal issues fall under the umbrella of unauthorized activities, according to the report, with many of these issues evaluated under the same criteria that existed before the advent of social media platforms. The report outlined several unauthorized activities – including harassment, discrimination, defamation, disclosure of confidential information and criminal activity – all of which are addressed in the same manner as if they happened offline.

5. Regulatory compliance. The last key area where social sites have gained more scrutiny is in regard to regulatory compliance. "The high-profile financial scandals of the last 10 years have brought to the forefront tighter regulation of certain industries," the report reads. "The rapid growth of social networking sites has driven these industries to develop or refine guidelines specifically for social networking, or, at the very least, electronic communications." When looking at healthcare, HIPAA requires a patient's identity and personal health information to be protected. "Specifically, it applies to 'covered entities' and 'business associates' – essentially anyone with patient demographic or clinical information."