Episode 3: Social Media Dos and Don'ts
In episode 3 of our New-to-Practice series, TMLT's Vice President of Marketing, Laura Brockway, offers advice and guidance on how to maneuver social media and your online presence.
Episode 3: Social Media Dos and Don'ts
In episode 3 of our New-to-Practice series, TMLT's Vice President of Marketing, Laura Brockway, offers advice and guidance on how to maneuver social media and your online presence.
Laura Brockway, TMLT's Vice President of Marketing, offers best practices for managing online comments and reviews, and covers frequently asked questions such as, "Should I Google my patients?" Running time: 16:21
Also available on Apple podcasts.
Transcript:
Tony Passalacqua:
Hello and welcome to this edition of TMLT's podcast, TrendsMD. I'm your host, Tony Passalacqua. This season our topic is New-to-Practice Physicians: What you need to know. Today, Laura Brockway, TMLT's Vice President of Marketing, will join us for a discussion on what you need to know regarding social media.
Welcome, Laura.
Laura Brockway:
Thank you, Tony.
Tony Passalacqua:
I was wondering if you could tell us a little bit about yourself and your role at TMLT.
Laura Brockway:
I'm the Vice President of marketing at TMLT and in our department, we're in charge of TMLT's website and a lot of outreach to policyholders' education. We help promote a lot of risk management courses to policyholders. So that's why I'm here today, to talk about social media and how physicians can avoid risk when it comes to posting and responding to social media.
Tony Passalacqua:
So we all know what social media is, but what are some special considerations for health care professionals?
Laura Brockway:
Like you said, we all know what social media is, but social media includes a lot more than just the platforms of Instagram or TikTok or LinkedIn. Everybody knows those. Social media can also be any form of electronic communication where people form an online community. So something like Reddit where people will post reviews and will post responses to questions on Reddit.
And then there's also other online review sites like Zocdoc or Health Grades, where people specifically go to give information about doctors and then to also read reviews of doctors' practices or hospitals or other health care professionals. So, what doctors need to know about all of this is that they need to just take extra care when it comes to interacting on social media to protect patients' privacy.
For example, a patient who left an online review of a physician's office. If the doctor then wanted to respond on social media and say, "Thank you for visiting us, it was great treating you," or something like that, that would not really necessarily be the something they could do because of HIPAA. Because of HIPAA laws and privacy regulations that you can't really mention on social media that somebody is a patient.
So it's things like that that doctors need to be wary of. That they can't treat social media, like other people can treat it and use it. And so these risks not only lead to risk for HIPAA but also possible increased liability risks. If they were to mention something about a patient online and then that were to come out in a lawsuit or something like that, that can also be very risky.
So doctors just need to take a step back from social media and think before they post.
Tony Passalacqua:
I'm going to ask you about some common pitfalls for physicians in navigating social media. How should a physician respond to a negative online review?
Laura Brockway:
First off, physicians need to consider is that they cannot respond publicly.
So while it's very tempting to want to maybe correct somebody or apologize if they post something negative about your practice, HIPAA laws and privacy rules really say we can't do that. So what I think is most important to do if you encounter a negative online review: take a minute and step back and don't respond immediately.
Give yourself time to reflect. It doesn't feel good to read something negative, but think, is there any truth to that comment? Can you learn anything from it? And then never acknowledge, like we talked about earlier, that the person is a patient in any kind of public response. That would be a violation of HIPAA. But consider calling that patient and responding offline and you know, telling them maybe you're sorry they had that experience at your practice, and what can we do to make it right?
But just don't mention online that they're a patient.
If you do decide that a response is necessary, use a general uniform statement that maintains HIPAA compliance while responding to what the patient said. And so something like that could say, "Thank you for your comment. Due to patient privacy regulations, we can't discuss details mentioned in your comment. If you're a patient, please contact our office to discuss this further." And then give your office phone number. You could also say something like, "In order to protect our patients' privacy, all patient concerns and complaints are resolved directly by our practice and not through social media. If you are a patient, please contact us."
So those are some alternatives to just responding to the person. Also, remember, never disclose any patient information; don't confirm or allude to the commenter having received care at your practice; and also don't ask the patient to remove their comment.
Tony Passalacqua:
Why wouldn't you ask a patient to remove their comment?
Laura Brockway:
First of all, it's not necessarily very ethical to ask a patient to remove a comment. That experience was true at the time when they posted it. So it's important that they feel they can make an honest comment. But what you can do instead is ask them to go back and leave another comment. Maybe the issue was resolved and they're very, you know, satisfied how things worked out so you could ask them if they would like to go back and, and post another comment online. Also, a lot of times patients will just do that normally. So they'll go back and follow up on their original comment that says, "Hey, they, I talked to them and they fixed this for me," and that actually has a lot better of a result for you if a patient posts a comment and then they post again that the comment got resolved. That's actually a lot more socially ... not necessarily socially acceptable, but more believable that that occurred than if you just asked them to remove a negative comment. Does that make sense?
Tony Passalacqua:
Yes, that makes a lot of sense. What if a patient, well, on the topic of comments, what happens if it suggests a medical emergency?
Laura Brockway:
Oh, so if someone posts something and it seems like maybe they're having an issue?
Tony Passalacqua:
Right.
Laura Brockway:
I think what's really, really important is that you contact them either by phone and have them call 911 or instruct them to go to the emergency department.
So if someone is posting something that makes it sound like they're not having a great reaction to something, or maybe they're having trouble breathing, um, very important for them to call 911 or go to the emergency department. And then be sure and document that this occurred in their medical record.
Tony Passalacqua:
How much can a negative review online really affect a physician's practice? Are there any stats on that?
Laura Brockway:
There is some research to suggest that patients actually give more weight to recommendations from family and friends. And we know this intuitively, that it's more important that they hear good things or bad things from people they trust, family and friends, rather than strangers online.
And so what the research is saying, 55% of online users give more weight to personal recommendations compared to 43% to give more weight to online reviews. And, um, another thing to consider is social media and online review sites have been around a long time, and people kind of know how they work. And so one negative review is really unlikely to cause any damage, any permanent damage to your practice, because people kind of understand that the internet and those review sites are places where people go to vent and post things that aren't necessarily a hundred percent accurate. So most people will take negative comments with a grain of salt.
Tony Passalacqua:
Okay, well, what causes most negative online reviews?
Laura Brockway:
So about 50% of negative reviews stem [00:08:00] from complaints related to poor communication or poor staff interactions. And this can mean different things to different patients, from not getting a preferred appointment time or maybe someone was short with them on the phone and they thought that was rude. So while we're talking about this particular topic about negative experiences, another thing you can think about maybe even before you respond to a post, is feedback from a patient, though it can be difficult to hear, can be a gift. And I know nobody wants to hear that when you're in the middle of reading something negative. But is the reviewer alerting you to something that you can easily address?
Is it something you can take care of and make things easier for your patients? So for example, I was recently making an appointment for my mother with a new physician, and when I called to leave a message to make the appointment, their message said - they gave instructions and they said - please note it may take up to a week to return your call.
And so that set my expectation and I understood that it was gonna take a while for them to get back to me. And I didn't spend that week wondering, are these people ever gonna get back to me? It helped me realize that, okay, they will call me back and this is what to expect. And so sometimes setting those expectations can prevent problems from occurring down the line.
So maybe that's something you could learn from your patient reviews.
Tony Passalacqua:
So even though it's best practice to not respond to online criticism, what if you do respond online or feel like you really need to.
Laura Brockway:
So if you decide a response is necessary, use a general uniform statement that still maintains HIPAA compliance, but says to the patient, "Hey, we'll take care of this. We're gonna call you or you call us." So, something you could say would be, "Thanks for your comments. Due to patient privacy, we can't discuss details here on social media. Please call our office and we'll talk further." One thing you could also say, um, you could also just talk about a policy.
"In our practice, all patient concerns and complaints are resolved directly and not on social media. If you're a patient, please contact us." And again, remember when this happens, never disclose any patient information, never confirm that they've received care in your practice, and then don't ask the patient to remove their comment.
Tony Passalacqua:
That's really important. Not naming a patient online or in any public space.
Laura Brockway:
Yes. So often for new physicians, new to practice physicians, that's something difficult to understand that HIPAA is not a two-way street. And yes, the patient can state publicly that they're your patient. You can't confirm this in return.
Tony Passalacqua:
What are some other common HIPAA violations related to social media or online presence?
Laura Brockway:
So in addition to responding to online reviews with specific information, I would say it's also very, very important to be careful when you're using patient photographs. A lot of times plastic surgeons or other kinds of physicians will use "before and after" photographs of patients.
And so it's okay to do that. It's just you definitely need to get permission from that patient to use their photo. And then something that's really, really important that can be overlooked is - on a website, what you name that photo and any sort of other tags in the background of your website, those can be publicly available.
So for example, if you named the patient photo Laura Brockway jpeg, um, someone could technically find a photo of Laura Brockway by doing a search. So you just need to make sure that you don't use any identifying information when you save the photos, when you tag the photos, or when you place those on your website.
So if you do plan on taking or posting patient photos, always obtain written authorization for the photo you're going to use. And then once you have consent, it's really, really important to remove all the medi metadata from the image files. Don't save or name the photo of the patient's name. When you store that photo in your system, be sure it's stored in the encrypted portion of your system, and then be sure to audit your website regularly and check for tags, meta tags, alt text, or keywords that have that patient name.
Tony Passalacqua:
Laura, what should a physician do if they suspect a HIPAA violation has occurred on social media, whether it be either a post or even a photo?
Laura Brockway:
So, um, if you're concerned that maybe you have inadvertently violated HIPAA, the first thing you can do is contact your medical professional liability insurance company, like TMLT. They often have resources available, someone you can talk to, and then sometimes your coverage with your insurance company will help you with cyber-related events. So you might have coverage if there was a HIPAA violation and there was some kind of coverage for that. And then could also consult an attorney, a health care attorney who's familiar with HIPAA, and then state specific privacy laws.
Tony Passalacqua:
Laura, what are some of the most important takeaways you'd like our listeners to leave with?
Laura Brockway:
Okay, so number one, when in doubt, don't respond publicly when a patient comments online. Number two, and I know this is hard, but remember that HIPAA is not a two-way street. You can't confirm that someone is a patient publicly, even if they post and say they're your patient.
Number three, most situations can be resolved and should be resolved with offline communication. Don't be afraid to pick up the phone and call the patient. Number four, follow your practice's social media policy if they have one. Um, and I guess within that social media policy, if you have templated responses that you can use to respond, um, online to a comment from a from a patient, be sure and use those.
And then, number five, consult with your, uh, medical association, your liability insurer, or your health care attorney if you need help, or if you're in a sort of a sticky situation that you're not sure what to do. Those people can be great resources for you. And then finally, number six, is for physicians to be cautious and use common sense when it comes to personal posts on social media.
In this day and age, it's really hard to separate what you post on your personal social media from what you post on your professional social media. So, think about that. Think about what a patient would think about what you are about to post on your personal accounts.
Tony Passalacqua:
Thank you so much, Laura. Those are some really great takeaways. And one of the things that I was doing at least before we prepped for this specific podcast was looking through just our resources we had online, and I noticed that there was one specific OCR, I believe, report that, that I found on there about a dental practice releasing information online and it ended up with a fine and penalty.
Laura Brockway:
Yes. So there is a case and it was a dental practice. It's a few years back. I believe that the patient posted some information and then they, I think they copied and pasted from the medical record in their response to this patient. And so they were investigated by the OCR and fined.
And so we have that case posted on our website. And also there are a few other cases related to social media. So if you go to TMLT.org and do a search under social media, those will appear and you can read those and see, uh, how these played out in real life.
Tony Passalacqua:
Thank you so much again, Laura, for all your time. I appreciate it.
Laura Brockway:
Thank you, Tony.
Tony Passalacqua:
As always, thank you to our listeners. Please [00:16:00] feel free to contact us with any questions at 1-800-580-8658 or by checking out our resources by visiting us at www.tmlt.org.
Additional episodes in this series:
Disclaimer
Laura Brockway, TMLT's Vice President of Marketing, offers best practices for managing online comments and reviews, and covers frequently asked questions such as, "Should I Google my patients?" Running time: 16:21
Also available on Apple podcasts.
Transcript:
Tony Passalacqua:
Hello and welcome to this edition of TMLT's podcast, TrendsMD. I'm your host, Tony Passalacqua. This season our topic is New-to-Practice Physicians: What you need to know. Today, Laura Brockway, TMLT's Vice President of Marketing, will join us for a discussion on what you need to know regarding social media.
Welcome, Laura.
Laura Brockway:
Thank you, Tony.
Tony Passalacqua:
I was wondering if you could tell us a little bit about yourself and your role at TMLT.
Laura Brockway:
I'm the Vice President of marketing at TMLT and in our department, we're in charge of TMLT's website and a lot of outreach to policyholders' education. We help promote a lot of risk management courses to policyholders. So that's why I'm here today, to talk about social media and how physicians can avoid risk when it comes to posting and responding to social media.
Tony Passalacqua:
So we all know what social media is, but what are some special considerations for health care professionals?
Laura Brockway:
Like you said, we all know what social media is, but social media includes a lot more than just the platforms of Instagram or TikTok or LinkedIn. Everybody knows those. Social media can also be any form of electronic communication where people form an online community. So something like Reddit where people will post reviews and will post responses to questions on Reddit.
And then there's also other online review sites like Zocdoc or Health Grades, where people specifically go to give information about doctors and then to also read reviews of doctors' practices or hospitals or other health care professionals. So, what doctors need to know about all of this is that they need to just take extra care when it comes to interacting on social media to protect patients' privacy.
For example, a patient who left an online review of a physician's office. If the doctor then wanted to respond on social media and say, "Thank you for visiting us, it was great treating you," or something like that, that would not really necessarily be the something they could do because of HIPAA. Because of HIPAA laws and privacy regulations that you can't really mention on social media that somebody is a patient.
So it's things like that that doctors need to be wary of. That they can't treat social media, like other people can treat it and use it. And so these risks not only lead to risk for HIPAA but also possible increased liability risks. If they were to mention something about a patient online and then that were to come out in a lawsuit or something like that, that can also be very risky.
So doctors just need to take a step back from social media and think before they post.
Tony Passalacqua:
I'm going to ask you about some common pitfalls for physicians in navigating social media. How should a physician respond to a negative online review?
Laura Brockway:
First off, physicians need to consider is that they cannot respond publicly.
So while it's very tempting to want to maybe correct somebody or apologize if they post something negative about your practice, HIPAA laws and privacy rules really say we can't do that. So what I think is most important to do if you encounter a negative online review: take a minute and step back and don't respond immediately.
Give yourself time to reflect. It doesn't feel good to read something negative, but think, is there any truth to that comment? Can you learn anything from it? And then never acknowledge, like we talked about earlier, that the person is a patient in any kind of public response. That would be a violation of HIPAA. But consider calling that patient and responding offline and you know, telling them maybe you're sorry they had that experience at your practice, and what can we do to make it right?
But just don't mention online that they're a patient.
If you do decide that a response is necessary, use a general uniform statement that maintains HIPAA compliance while responding to what the patient said. And so something like that could say, "Thank you for your comment. Due to patient privacy regulations, we can't discuss details mentioned in your comment. If you're a patient, please contact our office to discuss this further." And then give your office phone number. You could also say something like, "In order to protect our patients' privacy, all patient concerns and complaints are resolved directly by our practice and not through social media. If you are a patient, please contact us."
So those are some alternatives to just responding to the person. Also, remember, never disclose any patient information; don't confirm or allude to the commenter having received care at your practice; and also don't ask the patient to remove their comment.
Tony Passalacqua:
Why wouldn't you ask a patient to remove their comment?
Laura Brockway:
First of all, it's not necessarily very ethical to ask a patient to remove a comment. That experience was true at the time when they posted it. So it's important that they feel they can make an honest comment. But what you can do instead is ask them to go back and leave another comment. Maybe the issue was resolved and they're very, you know, satisfied how things worked out so you could ask them if they would like to go back and, and post another comment online. Also, a lot of times patients will just do that normally. So they'll go back and follow up on their original comment that says, "Hey, they, I talked to them and they fixed this for me," and that actually has a lot better of a result for you if a patient posts a comment and then they post again that the comment got resolved. That's actually a lot more socially ... not necessarily socially acceptable, but more believable that that occurred than if you just asked them to remove a negative comment. Does that make sense?
Tony Passalacqua:
Yes, that makes a lot of sense. What if a patient, well, on the topic of comments, what happens if it suggests a medical emergency?
Laura Brockway:
Oh, so if someone posts something and it seems like maybe they're having an issue?
Tony Passalacqua:
Right.
Laura Brockway:
I think what's really, really important is that you contact them either by phone and have them call 911 or instruct them to go to the emergency department.
So if someone is posting something that makes it sound like they're not having a great reaction to something, or maybe they're having trouble breathing, um, very important for them to call 911 or go to the emergency department. And then be sure and document that this occurred in their medical record.
Tony Passalacqua:
How much can a negative review online really affect a physician's practice? Are there any stats on that?
Laura Brockway:
There is some research to suggest that patients actually give more weight to recommendations from family and friends. And we know this intuitively, that it's more important that they hear good things or bad things from people they trust, family and friends, rather than strangers online.
And so what the research is saying, 55% of online users give more weight to personal recommendations compared to 43% to give more weight to online reviews. And, um, another thing to consider is social media and online review sites have been around a long time, and people kind of know how they work. And so one negative review is really unlikely to cause any damage, any permanent damage to your practice, because people kind of understand that the internet and those review sites are places where people go to vent and post things that aren't necessarily a hundred percent accurate. So most people will take negative comments with a grain of salt.
Tony Passalacqua:
Okay, well, what causes most negative online reviews?
Laura Brockway:
So about 50% of negative reviews stem [00:08:00] from complaints related to poor communication or poor staff interactions. And this can mean different things to different patients, from not getting a preferred appointment time or maybe someone was short with them on the phone and they thought that was rude. So while we're talking about this particular topic about negative experiences, another thing you can think about maybe even before you respond to a post, is feedback from a patient, though it can be difficult to hear, can be a gift. And I know nobody wants to hear that when you're in the middle of reading something negative. But is the reviewer alerting you to something that you can easily address?
Is it something you can take care of and make things easier for your patients? So for example, I was recently making an appointment for my mother with a new physician, and when I called to leave a message to make the appointment, their message said - they gave instructions and they said - please note it may take up to a week to return your call.
And so that set my expectation and I understood that it was gonna take a while for them to get back to me. And I didn't spend that week wondering, are these people ever gonna get back to me? It helped me realize that, okay, they will call me back and this is what to expect. And so sometimes setting those expectations can prevent problems from occurring down the line.
So maybe that's something you could learn from your patient reviews.
Tony Passalacqua:
So even though it's best practice to not respond to online criticism, what if you do respond online or feel like you really need to.
Laura Brockway:
So if you decide a response is necessary, use a general uniform statement that still maintains HIPAA compliance, but says to the patient, "Hey, we'll take care of this. We're gonna call you or you call us." So, something you could say would be, "Thanks for your comments. Due to patient privacy, we can't discuss details here on social media. Please call our office and we'll talk further." One thing you could also say, um, you could also just talk about a policy.
"In our practice, all patient concerns and complaints are resolved directly and not on social media. If you're a patient, please contact us." And again, remember when this happens, never disclose any patient information, never confirm that they've received care in your practice, and then don't ask the patient to remove their comment.
Tony Passalacqua:
That's really important. Not naming a patient online or in any public space.
Laura Brockway:
Yes. So often for new physicians, new to practice physicians, that's something difficult to understand that HIPAA is not a two-way street. And yes, the patient can state publicly that they're your patient. You can't confirm this in return.
Tony Passalacqua:
What are some other common HIPAA violations related to social media or online presence?
Laura Brockway:
So in addition to responding to online reviews with specific information, I would say it's also very, very important to be careful when you're using patient photographs. A lot of times plastic surgeons or other kinds of physicians will use "before and after" photographs of patients.
And so it's okay to do that. It's just you definitely need to get permission from that patient to use their photo. And then something that's really, really important that can be overlooked is - on a website, what you name that photo and any sort of other tags in the background of your website, those can be publicly available.
So for example, if you named the patient photo Laura Brockway jpeg, um, someone could technically find a photo of Laura Brockway by doing a search. So you just need to make sure that you don't use any identifying information when you save the photos, when you tag the photos, or when you place those on your website.
So if you do plan on taking or posting patient photos, always obtain written authorization for the photo you're going to use. And then once you have consent, it's really, really important to remove all the medi metadata from the image files. Don't save or name the photo of the patient's name. When you store that photo in your system, be sure it's stored in the encrypted portion of your system, and then be sure to audit your website regularly and check for tags, meta tags, alt text, or keywords that have that patient name.
Tony Passalacqua:
Laura, what should a physician do if they suspect a HIPAA violation has occurred on social media, whether it be either a post or even a photo?
Laura Brockway:
So, um, if you're concerned that maybe you have inadvertently violated HIPAA, the first thing you can do is contact your medical professional liability insurance company, like TMLT. They often have resources available, someone you can talk to, and then sometimes your coverage with your insurance company will help you with cyber-related events. So you might have coverage if there was a HIPAA violation and there was some kind of coverage for that. And then could also consult an attorney, a health care attorney who's familiar with HIPAA, and then state specific privacy laws.
Tony Passalacqua:
Laura, what are some of the most important takeaways you'd like our listeners to leave with?
Laura Brockway:
Okay, so number one, when in doubt, don't respond publicly when a patient comments online. Number two, and I know this is hard, but remember that HIPAA is not a two-way street. You can't confirm that someone is a patient publicly, even if they post and say they're your patient.
Number three, most situations can be resolved and should be resolved with offline communication. Don't be afraid to pick up the phone and call the patient. Number four, follow your practice's social media policy if they have one. Um, and I guess within that social media policy, if you have templated responses that you can use to respond, um, online to a comment from a from a patient, be sure and use those.
And then, number five, consult with your, uh, medical association, your liability insurer, or your health care attorney if you need help, or if you're in a sort of a sticky situation that you're not sure what to do. Those people can be great resources for you. And then finally, number six, is for physicians to be cautious and use common sense when it comes to personal posts on social media.
In this day and age, it's really hard to separate what you post on your personal social media from what you post on your professional social media. So, think about that. Think about what a patient would think about what you are about to post on your personal accounts.
Tony Passalacqua:
Thank you so much, Laura. Those are some really great takeaways. And one of the things that I was doing at least before we prepped for this specific podcast was looking through just our resources we had online, and I noticed that there was one specific OCR, I believe, report that, that I found on there about a dental practice releasing information online and it ended up with a fine and penalty.
Laura Brockway:
Yes. So there is a case and it was a dental practice. It's a few years back. I believe that the patient posted some information and then they, I think they copied and pasted from the medical record in their response to this patient. And so they were investigated by the OCR and fined.
And so we have that case posted on our website. And also there are a few other cases related to social media. So if you go to TMLT.org and do a search under social media, those will appear and you can read those and see, uh, how these played out in real life.
Tony Passalacqua:
Thank you so much again, Laura, for all your time. I appreciate it.
Laura Brockway:
Thank you, Tony.
Tony Passalacqua:
As always, thank you to our listeners. Please [00:16:00] feel free to contact us with any questions at 1-800-580-8658 or by checking out our resources by visiting us at www.tmlt.org.
Additional episodes in this series:
Disclaimer
Want to save this article for later?
Download the full issue as a PDF for future reference or to share with colleagues.
Subscribe to Case Closed to receive insights from resolved cases.
You’ll receive two closed claim studies every month. These closed claim studies are provided to help physicians improve patient safety and reduce potential liability risks that may arise when treating patients.
Related Resources
Discover more insights, stories, and resources to keep you informed and inspired.
.jpg)
