Avoiding Social-Networking Snafus
Insights
11.01.09
(Healthcare Update, No. 4, November 2009)
On September 15, 2009, Facebook announced that it served 300 million users worldwide. By comparison, on October 1, 2009, the United States Census Bureau's website indicated that the population of the United States was approximately 307.5 million.
According to their website, over 50% of the site's users log onto Facebook in a given day, and the fastest growing demographic is users age 35 and older. Facebook also reports that worldwide, each day, more than 6 billion minutes are spent on Facebook, 2 billion photos are uploaded to the site and there are 40 million status updates. MySpace's website reports that it has nearly 125 million active users, including 65 million users in the United States.
The statistics leave little doubt that before you finish reading this article, one or more of your company's employees will have logged into Facebook, MySpace or another social networking website. Are they using social-networking sites appropriately or are they updating their status to complain about a patient or post pictures of a patient's x-ray?
The Twitter Trend
Despite the explosion in the popularity of social networking sites, a survey released in August, 2009, by the Health Care Compliance Association, and the Society of Corporate Compliance and Ethics, found that 50% of respondents' companies "[did] not have a policy for employee online activity outside of work" and only 10% reported having "a policy specifically addressing these types of social networking sites." Similarly, the survey results indicate that nearly half of the individuals surveyed reported that their company does not actively monitor Facebook and other social networking sites.
Despite the dearth of employer regulation of social-networking activities by employees, according to the HCCA survey, nearly one quarter of respondents have disciplined an employee as a direct result of activities on a social networking website. This figure proves that there are a significant number of employees who use social networking sites in a manner that can negatively impact the business and community reputation of an employer. Employers need to take proactive steps to manage the risks of inappropriate use.
Facebook Follies
Over the past year, the news has been filled with examples of employees who have imperiled the reputation of their employer through inappropriate postings, accidentally or intentionally, on social-networking websites. No industry has been immune. For example, in August last year a nurse at a Swedish medical facility posted over two dozen pictures of surgical operations on her Facebook account. In February, nurses at a Wisconsin medical center were discharged after they took and posted on a social-networking site, pictures of a patient's x-rays showing the presence of an embarrassing foreign object in the patient.
And in June, another healthcare provider came under fire when a patient's relative accessed the webpage of a Facebook group comprised of nurses who worked at a facility that had recently treated his relative; he intended to leave a message thanking the nurses for the great care they provided. He never left his message because what he found on the website was at least one picture of a nurse making an inappropriate gesture over a patient.
These stories underscore the need to regulate use of social-networking sites and online activity. The need to adopt policies outlining the company's expectations for employee behavior is particularly important in the healthcare industry due to the obligations to protect patient privacy and laws such as HIPAA.
Balancing Interests
The popularity of sites such as Facebook and MySpace is a symptom of a larger growth of net-based activity by both employers and employees. Many employers have embraced the growth of net-based activity and the popularity of social-networking sites to develop a corporate presence in cyberspace. Social-networking websites offer an opportunity to improve your hospital's community presence, launch new marketing campaigns, and improve patient access to information. Sites such as Facebook and MySpace offer your employees opportunities to interact with individuals in the same field, to exchange knowledge and ideas, and network.
Social media and net-based communication can be a positive and effective form of communication for both employers and employees; completely banning or significantly limiting employee use of social-networking websites, outside of work, can negatively impact employee morale and hurt business. When adopting any policy or procedure to monitor and police harmful online activity, weigh the risks of inappropriate online activity against the potential harm to employee relations if the company's efforts go too far and are perceived as excessively intruding into employees' private lives outside of work.
In other words, your approach must fall between the extremes of ignoring the problem and over-policing it. You don't want to emulate either the see-no-evil monkey, or Big Brother.
An Effective Approach
To manage the risk of employee use of social-networking sites, you must develop a specific policy governing usage of such sites, train employees on its requirements, and insist on appropriate use of sites such as Facebook. All employers should already have policies governing employee use of the Internet at work and the sharing of information in a public forum. But most of the policies we've seen do not extend these rules to social media. Here are some ideas for an effective social-networking policy:
-
require that all information posted or published by an employee comply with your existing policies governing use of confidential and proprietary information;
-
prohibit reference to patients, directly or indirectly;
-
ban use of the logos or trademarks of the company;
-
require employees to have disclaimers clearly stating that views expressed belong to the author and do not represent the company;
-
remind employees that their activities online reflect the company and its practice to patients and the greater community; and
-
remind employees to be respectful of patients, co-workers, and the company's reputation at all times.
In addition to adopting a policy specifically governing social networking, employers should train employees on your expectations regarding use of internet-based social media and educate employees on appropriate vs. inappropriate use of social-networking sites.
More and more employees have grown up in an age where their eyes are affixed to a computer most of the day, but they have had little or no training on the risks and perils of oversharing in cyberspace. Employees who understand the personal and professional risks of inappropriate activity will be much more likely to self-regulate their online behavior.
Finally, in addition to adopting a policy on social-networking sites and training employees on appropriate use of web-based communication tools, you should routinely monitor your employees' online presence. Websites such as Google, allow companies to set up alerts that will send an email when the search terms identified in the alert appear in new web-based content. Monitoring online content allows companies to take proactive steps to address negative content or comments, while also providing an opportunity to respond to positive content or comments with a note of appreciation or follow-up communication. Early notification of positive or negative commentary allows companies to have sufficient time to formulate an internal and/or external response to the communication.
Logging Off
All healthcare employers should carefully review their policies, as well as their practices for monitoring and handling postings on social networking sites, to ensure they are effectively managing the risks and maximizing the virtues of social networking and web-based communication. If you'd like help, give us a call.