While social media can be a useful tool, both personally and professionally, it is not without its risks – especially if you’re a health and human services organization. With the proliferation of social media platforms on which people document every dramatic, and more often, mundane aspect of their lives, protecting your patients’ or clients’ information is no easy task. Over the past year, there have been numerous news stories about the dangers of social media in healthcare organizations, in which healthcare professionals have engaged in behavior on social media that put their employers at risk. Whether it’s sharing a photo of an x-ray on Twitter or complaining on Facebook about having to treat a particular patient’s ailment, the line between people’s personal and professional lives has become blurred and employers need to take the necessary precautions to protect their organizations and those they serve.
The best way to address this issue is by developing a comprehensive social media policy and making sure your organization has sufficient Cyber Liability coverage.
Below are five considerations that should be kept in mind when drafting a social media policy for your organization:
Get the Right People Involved
While social media policies should start with a company’s risk management department, human resources and legal counsel should also be consulted. You may also want to involve representatives of your IT Department.
Be Clear
Don’t leave anything open to interpretation. Make sure all of the language in your social media policy is clear and direct so there is no mystery regarding what is appropriate and what is considered a violation.
Explain the Consequences
If you want to increase the amount of employees that adhere to your social media policy, make it known what the consequences are – for your company and them – if they don’t.
Keep it Current
Social media policies shouldn’t be created and forgotten. Knowing that social media is constantly evolving, updating the policy on a regular basis to reflect these changes is crucial. Take it one step further and have employees sign off on new versions of the policy each time updates are made.
Remind Employees of the Policy
What good is a policy if employees forget about or aren’t aware of it in the first place? Rather than let it collect dust in a binder on the shelf, remind your employees about the current social media policy at least annually so it’s fresh in their minds.
A Second Layer of Defense
While creating a social media policy is an essential first step to addressing the pitfalls of social media use by your organization and employees, purchasing a Cyber Liability policy should be right up there on your to-do list. If you are relying on your General Liability, Property, Crime or some other commonly-held insurance policy to provide this coverage for you, you will likely find yourself on the wrong end of an uninsured claim. A growing number of insurers are adding cyber liability exclusions to their General Liability, Crime, and other insurance policies. Even if you are able to get some cyber coverage under one of these policies, it won’t be anywhere near as robust as a stand-alone Cyber policy. A Cyber policy can provide, among other coverages, media liability, public relations and investigative costs to deal with the fallout of oversharing by your employees on social media and the costs associated with fines for not adequately protecting the private information of those you serve.
As social media use continues to increase so will the risks associated with it. Health and human services organizations need to be prepared and take the necessary precautions. Two ways to mitigate these risks include developing a comprehensive social media policy and working with an insurance broker to get a Cyber Liability policy that has the coverage your organization needs to make sure it’s protected.
Philadelphia, PA, 19102
