Legal Risks in Social Media for Healthcare Providers

Duration: 90 Minutes
Instructor: Chris Apgar
Webinar Id: 800053


One Attendee


The purpose of this webinar is to review the use of social media by health care organizations to better assist patients and health plan members and more broadly communicate to patients, health plan members, families and the community. The risks associated with social media will be reviewed along with a social media policy and procedure and a social media plan. Also, the webinar will include tips regarding how to minimize social media risks and better education for health care organizations’ workforce members.

Social media represents a low cost effective way to reach out to consumers of health care, industry colleagues and business-to-business customers. A number of health care organizations have implemented social media programs but many have also not through the adverse implications. Social media may represent one of the most significant risks to the unauthorized disclosure of patient information, especially if not managed with security in mind.

It is important to roll out social media programs in a structure fashion rather than rolling out a program "because the competition is." Planning is key to significantly reducing risk to the organization and patients and should occur prior to rolling out a social media program. Even if a social media program has been rolled out without sufficient pre-planning, it does not mean it’s too late to develop that plan and communicate it to employees, physicians, case workers, marketing and communications and so forth.

Social media stretches beyond what many see as the common social media sites such as Facebook, LinkedIn and Twitter.  Social media programs should also address the use of web-based personal mail, blogs posted on websites and white papers that are written and published on the web for educational purposes. The organization needs a plan to reasonably ensure no identifiable patient information is included in the plethora of posting out there, even if it is a white paper outlining treatment practices related to the care of certain conditions.

It's all too easy for patient information to leak out through social media. Web mail, as an example may be used to email patient specific information to another person or even to oneself. This may represent a breach of patient information, it may represent theft of patient information and, at the very least, it usually involves sending patient information un-encrypted over the internet.  If intercepted, that would be considered a breach.

This webinar will address the multiple facets of social media and how to use the tools available while minimizing risk. There is no such thing as risk free social media but the risk can be significantly reduced with sufficient planning and employee education.

Participants will walk away with a template plan, a template policy and procedure and knowledge of the pitfalls of social media that can be very expensive.  This is not just a webinar focused on risk and regulations. It is intended to provide the tools needed to protect health care organizations and their consumers.

The bottom line is once information makes it out to the Internet, it is very difficult if not impossible to get back.  Also, if the posting is of high interest to even a few people, the information will travel way beyond the intended group. It's important again to remember it's not just the posting of a patient's name. It also includes posting enough information that a "reasonable person" can identify the patient. A sound social media program will go a long way to limiting any unauthorized disclosure of patient/consumer information.

Areas Covered in the Session:

  • Social networking review
  • Privacy and security threats related to social media (e.g., texting, webmail)
  • Use and risks
  • Legal consequences – HIPAA, HITECH Act, Oregon law, financial and medical identity theft and legal risk
  • What individuals may do with their health information
  • Reasonable steps to protect against privacy and security breaches
  • What workforce members should know
  • viii. Summary and Discussion
Who Will Benefit:
  • Physicians, dentists & health care professionals
  • Practice management
  • CIOs
  • CFOs
  • HIM directors & managers
  • Privacy officers
  • Security officers
  • Risk managers
  • Compliance officers
  • Legal counsel
  • Marketing & communications
  • Researchers

Speaker Profile
Chris Apgar , CISSP, CEO and President of Apgar & Associates, LLC and former HIPAA Compliance officer for Providence Health Plans, is a nationally recognized information security, privacy, national identifier, HIPAA & electronic health information exchange expert. He has over 13 years of experience assisting health care organizations comply with HIPAA, HITECH and other privacy and security regulations. Mr. Apgar also has assisted health care, utilities and financial organizations implement privacy and security safeguards to protect against organizational harm and harm to consumers.

Mr. Apgar is a member of the Workgroup for Electronic Data Interchange (WEDI) Board of Directors member and has served on the Board for more than six years. Mr. Apgar continues to Chair the Oregon & SW Washington Healthcare, Privacy and Security Forum for the 12th year. Mr. Apgar recently joined the State of California Office of Privacy Protection project team charged with developing educational material for health care providers, health plans and consumers regarding medical identity theft and prevention. He is also a member of the Oregon Prescription Drug Monitoring Program Advisory Commission.

Apgar & Associate, LLC clients range from small to large health plans, providers, healthcare clearinghouses, vendors, non-profits, government agencies and health care associations. He has been endorsed by the Oregon Medical Association to assist members with privacy, security and regulatory compliance. Mr. Apgar is also a nationally known speaker and author. More information about Mr. Apgar and Apgar & Associates, LLC can be found at

You Recently Viewed