HIPAA Ignored: Doctors And Nurses Are Sharing Embarrassing Photos of Patients On Social Media
Visiting the doctor can be … well, awkward. No one enjoys donning an onionskin gown and waiting in a chilly room for a pelvic exam or prostate probing and testicular palpation. Perhaps a colonoscopy will be performed or a catheter placed. Fresh humiliations lie at every turn and within every orifice.
Medical emergencies thrust us into even less dignified circumstances, without the luxury of a mental rehearsal. But what’s the worst that can happen? The nurses notice you haven’t kept up with your manscaping? Dr. McDreamy has to cut away your shapewear to plug a sucking chest wound? Totally worth it.
We shake off these humbling experiences the moment we leave the physician’s office or hospital, confident that what happened behind the privacy curtain will stay there. But now we have a different kind of exposure to worry about: becoming some doctor’s 140-character case study or the latest trophy on his Facebook wall. That’s what happened to a 23-year-old model admitted to Chicago’s Northwestern Memorial Hospital last June for excessive alcohol consumption. An emergency department physician allegedly took photos of her in which she appears anxious and disheveled. He’s accused of having posted the unbecoming shots on Facebook and Instagram.
In a similar incident in August, an off-duty employee of Spectrum Health in Grand Rapids, Mich., photographed an attractive female patient in the emergency department and posted the image on Facebook, with the blandly pervy caption “I like what I like.” He and several colleagues implicated in the misconduct are now free to seek upskirt opportunities elsewhere.
About 30 percent of state medical boards report having fielded complaints of “online violations of patient confidentiality,” according to a recent survey published in the Journal of the American Medical Association. More than 10 percent had handled an episode like the one at Northwestern Memorial, involving what the survey refers to as “online depiction of intoxication.” A study by QuantiaMD reports that 13 percent of physicians admit to having used public online platforms to hash out specific cases with fellow practitioners. Names are withheld, but providers may inadvertently supply other details that allow patients to be identified.
The immediacy and presumed anonymity of online sharing make it easy for a patient to become a doctor or nurse’s chief complaint. According to the Federation of State Medical Boards, one patient took offense at a blog entry in which a physician branded another patient “lazy” and “ignorant” for repeatedly failing to control her glucose level. The FSMB cites this grievance as an example of how “use of social media and social networking may undermine a proper physician-patient relationship and the public trust.”
A Missouri doctor’s criticism of a habitually tardy mother-to-be outraged many patients but drew sympathy from her colleagues at St. John’s Mercy Medical Center: “So I have a patient who has chosen to either no-show or be late (sometimes hours) for all of her prenatal visits, ultrasounds, and NSTs,” the OB-GYN fumed to her Facebook friends. “She is now 3 hours late for her induction. May I show up late to her delivery?” The doctor also revealed that the patient had previously had a stillbirth.
At University Medical Center in Jackson, Miss., an administrative employee resigned in December 2009 after tweeting a water-cooler rumor she’d heard involving then-Gov. Haley Barbour. The tweet intimated that the hospital had once opened after hours, at taxpayers’ expense, to accommodate an exam at the governor’s convenience. Federal privacy regulations are so strict that without explicit permission, it’s a violation even to disclose that a person has received care at a particular facility.
A lack of compassion sometimes spawns disregard of patients’ privacy rights. At Mercy Walworth Hospital and Medical Center in Lake Geneva, Wis., two nurses were terminated in February 2009 for posting the X-ray of a patient who had presented for treatment with a sexual device lodged in his rectum. The nurses, who apparently had no other duties to attend to, snapped cellphone pics on the sly and shared at least one of the images on Facebook.
When online privacy breaches first began to occur, many institutions had no applicable rules governing the use of electronic content. At Stony Brook University Medical Center on Long Island, development of such a policy quickly became a priority in January 2010, when a photo began to circulate showing a medical student posing with a dissected corpse in the anatomy lab. (Federal privacy protection does, in fact, extend to deceased people under most circumstances.)
Lots of unauthorized disclosures can be attributed to technological naiveté or sheer carelessness. A piece in Clinical Obstetrics and Gynecology points out that many social media sites have followed the lead of Google Plus in simplifying privacy settings, allowing even techno-rubes to shield their conversations from public view. Yet a recent article in Teaching and Learning in Medicine laments that 62 percent of medical students and 67.5 percent of residents on Facebook neglect to modify the default visibility preferences.
Despite the flak over these and other indiscretions, a recent Harris Interactive poll indicates that 79 percent of Americans trust health care professionals to safeguard sensitive information. Providers will have to be more cautious than ever, though, as new crowdsourcing apps are introduced. The collaborative nature of popular platforms like Sermo may tempt clinicians to volunteer confidential details about their patients. Other apps use crowdsourcing to generate shared medical image databases. Figure 1 automatically detects and blocks out faces on uploaded images but relies on users themselves to obscure tattoos, moles, and other distinguishing features.
Some doctors have misgivings about employing social media in the service of patient care: “What if one finds something that is not warm and fuzzy?” frets resident physician Haider Javed Warraich in a post this week on the New York Times’ Well blog. Despite his reservations, Warraich defends the practice, pointing out that doctors have used online intel to gauge suicide risk, discover relevant undisclosed criminal histories, and contact the families of unresponsive patients.
Social networking was also helpful on the day of the Boston Marathon bombing. Doctors near the finish line tweeted accounts of the attack to local emergency personnel six minutes before official announcements were made, giving staff critical time to prepare for the arrival of victims.
But until the utility of online sharing in health care contexts becomes obvious to hospital operatives, they’ll continue to view it the way the rest of us regard twerking—if we ignore it long enough, surely it will just go away. Nearly 60 percent of the health care professionals surveyed by InCrowd report having no social media access in clinical settings at work.
The American Nurses Association, American Medical Association, and other trade groups have tried to soften administrators’ hard line by setting standards for social media use in the workplace. They’ve published guidelines packed with nuggets like “Pause before you post” and “Be aware that any information [you] post on a social networking site may be disseminated (whether intended or not) to a larger audience.” These insights will undoubtedly be useful to CompuServe subscribers. In addition, the AMA urges its members to maintain separate personal and professional identities, a strategy that’s likely to work as well for doctors as it has for Anthony Weiner.
In 1999 the California HealthCare Foundation issued a report titled “The Future of the Internet in Health Care: Five-Year Forecast,” by Robert Mittman and Mary Cain of the Institute for the Future. Some of the authors’ predictions fell short—notably, they failed to anticipate The Google. (“Weaknesses in Web browser and search engine technologies,” they observe, “will limit the appeal of the Internet to health care providers.”) But overall, the forecast proved remarkably prescient. Its conclusions about online privacy foreshadow the equilibrium most contemporary patients and providers have reached: “[T]here will inevitably be several well-publicized incidents of people being harmed by public releases of their health care information—those exceptional cases will shape the debate,” the report predicts. “[I]n the end, people and organizations will have to learn to live with a less-than-perfect combination of technologies and policies.” Even health care executives must eventually relent and entrust doctors and nurses with the weighty responsibility of unfettered social media access. For now, their duties will be limited to saving lives.
Articles in this issue:
- Debunked: Red Wine Antioxidant Will Not Help You Live Longer
- HIPAA Ignored: Doctors And Nurses Are Sharing Embarrassing Photos of Patients On Social Media
- Long Term Safety of ADHD Medication is Still Unknown
- Larry Page: 100,000 Lives Could Be Saved Next Year If We Opened Up Healthcare Information
- Nursing Jobs Not As Easy To Find As New Nurses Expected
Leave a Comment
Please keep in mind that all comments are moderated. Please do not use a spam keyword or a domain as your name, or else it will be deleted. Let's have a personal and meaningful conversation instead. Thanks for your comments!
In This Issue
Liz Di Bernardo