Sharing patient information on social media without patient consent is a HIPAA violation.

Recently, this type of HIPAA violation became an issue when employees at Thompson Health’s M.M. Ewing Continuing Care Center in Canandaigua, New York, took pictures and/or videos of at least one of the residents and shared it on Snapchat. Now, the Department of Health and the attorney general’s office are looking into the incident.

The employees involved in the incident have been fired.  However, that doesn’t seem to be enough, as families of the affected patients were outraged by the incident and the fact that Thompson Health didn’t notify the families quickly enough.  Thompson Health issued a statement saying that they regret this breach of trust and are reaching out to the affected families to offer their sincerest apologies.

Thompson Health is also implementing more training to protect against such a breach in the future.  Currently, all new hires receive HIPAA compliance training, but Thompson Health is requiring additional training “on requirements for respecting resident privacy and exploring additional measures to ensure compliance.”

The statement also let the public know that as soon as Thompson Health discovered the HIPAA violation, they reported it to authorities for investigation.  They do not believe that these images and videos were used outside of this group of employees, and therefore should not affect the patient’s personal identity or financial standing.

If you are looking for the right HIPAA compliance training for your employees, the HIPAAgps employee training portal and videos specifically addresses social media.  To learn more, contact us today.