FEB 2014

EyeWorld is the official news magazine of the American Society of Cataract & Refractive Surgery.

Issue link: https://digital.eyeworld.org/i/274531

Contents of this Issue


Page 95 of 114

S o cial networking tech- nologies like MySpace, Facebook, Flickr, Twitter, etc., have occasionally been accused of blunting the intelligence and discrimination of their (especially younger) users. One complaint is that users come to identify themselves as part of an i nput-output communicational loop in which they aren't assigned formal roles of responsibility or authority. Be- cause they know that they are only one of possibly thousands of users connected at any moment, they come to feel like anonymous nodes within vast networks of information processors. Furthermore, the way the i nformation is distributed—from the most banal or trite comments imagi- nable to Edward Snowden's recent leaks of up to 200,000 National Se- curity Agency classified documents —makes it seem that no information is more important, more protected, more private, or more confidential than any other information. Social networking technologies tend to homogenize information, such that we lose a critical sense of the infor- mation's importance or significance. If true, the increasing use of social networking technologies in healthcare environments is particu- larly troubling because health pro- fessionals have an obligation, going back to Hippocrates, to be exquis- itely discriminating and protective of patient health information. Even so, virtually all health professionals learn early in their careers how that responsibility is occasionally dis- missed or forgotten, such as when their colleagues loudly discuss inti- mate details about a particular pa- tient in the hallways or elevators, or leave patient charts lying carelessly about the nurses' station, or use their computer passwords to access patient information in unauthorized ways. So if social networking tech- nologies threaten an insensitivity to information generally, they provide us with considerable cause for worry. If I was an office manager in any kind of healthcare facility where protected health information is kept, I'd make a concentrated effort to teach staff what could happen from abusing their patient confiden- tiality or privacy obligations, especially with social networking technologies. For example, I'd tell them a bout the case of Candace Yath vs. Fairview Clinics [767 N.W.2d 34 (2009)], wherein a clinic employee accessed a patient's medical records multiple times without authoriza- tion and then sent an email from the clinic to a relative revealing confidential information about the patient. The patient (who was the e mployee's sister-in-law) learned about the breach of privacy and had her grandmother call the clinic and complain. After initially denying but then admitting her wrongful behav- ior, the employee was summarily fired, but the day after her dismissal, one of her relatives created and posted an embarrassing webpage about the patient on MySpace that referenced the original, confidential information. A very nasty lawsuit followed where multiple parties, including the clinic, were sued for invasion of privacy, breach of confidentiality, and infliction of emotional distress. Admittedly, this may be an extreme case, but again, if I was an office manager, I'd be very worried about the possibility of office staff discussing—especially via social networking—any protected health information with unauthorized per- sons. For example, I would worry about my employees discussing or commenting on patients or other health professionals on their Facebook pages. Of course, it has be- come commonplace for patients to "rate" their doctors and clinics on various websites, which has not only infuriated some physicians who got low grades from patients but moti- vated them to sue for defamation. Just so, it is easy to imagine a frus- trated physician or clinic employee writing unflattering posts about cer- tain patients on their networking pages and then getting sued for having disclosed confidential health information about those very persons in their posts. Some of the basic things that of- fice managers can do to reduce the likelihood of unethical (or illegal) information sharing are to 1) sensi- tize staff on how even seemingly in- nocent information sharing can turn into a serious privacy or confiden- tiality breach, and 2) create an over- all attitude of caution and discretion in disseminating any health-related information in any form. Employees m ust be impressed with the fact that when health-related information is shared in any way, but especially through social networking technolo- gies, they lose the ability to control that information. Even when I con- fide information to my most trusted friend, I have no control over what he or she will ultimately do upon h earing that information. For that reason, law and ethics generally rec- ommend that protected health in- formation only be disseminated to individuals who have a right and a need to know it. Thus, related infor- mation shared with medical or tech- n ical consultants involved in the patient's care is perfectly allowable, but someone reading a patient's chart out of a sense of personal cu- riosity, such as occurred in the Yath case, is not. Clinics and hospitals need to have strict policies on social net- working and data sharing. These will i nclude policies on the use of smart- phones in the office; what data, if any, can be transmitted through social networking instruments; who EW Ophthalmology Business 93 by John Banja, PhD Social networking in an office practice F ebruary 2014 continued on page 94 91-97 OB_EW February 2014-DL2_Layout 1 1/30/14 11:51 AM Page 93

Articles in this issue

Archives of this issue

view archives of Eyeworld - FEB 2014