Use of Social Media

A Nurse’s Guide to the

Use of

Social Media

A nurse must

understand and apply

these guidelines for the

use of social media.

he use of social media and other

electronic communication is expanding

exponentially as the number of social media

outlets, platforms and applications available

continue to increase. Individuals use blogs,

social networking sites, video sites, online

chat rooms and forums to communicate both

personally and professionally with others.

Social media is an exciting and valuable tool

when used wisely. The very nature of this

medium, however, can pose a risk as it offers

instantaneous posting opportunities that allow

little time for reflective thought and carries

the added burden that what is posted on the

Internet is discoverable by a court of law even

when it is long deleted.

Nurses are welcome to use social media in

their personal lives. This may include having

a Facebook page, a Twitter feed or blogging

on various websites. Nurses can positively

use electronic media to share workplace

experiences, particularly those events that

are challenging or emotionally charged, but

it is imperative not to mention patients by

name or provide any information or details that

could possibly identify them in order to protect

patients’ right to privacy.

SOCIAL MEDIA IN THE WORKPLACE

Social media can benefit health care in a variety of ways,

including fostering professional connections, promoting

timely communication with patients and family members,

and educating and informing consumers and health care

professionals. Social media provides nurses with a way to

express their feelings, and reflect or seek support from

friends, colleagues, peers or virtually anyone on the Internet.

Journaling and reflective practice are recognized as effective

tools in nursing practice, and the Internet provides an

alternative media for nurses to engage in these helpful

activities. Without a sense of caution, however, these

understandable needs and potential benefits may result in

the nurse disclosing too much information, and violating

patient privacy and confidentiality.

Health care organizations that utilize electronic and social

media typically have policies governing employee use of

such media in the workplace. Components of these policies

often address personal use of employer computers and

equipment, personal computing during work hours, and

the types of websites that can be accessed from employer

computers. Health care organizations also maintain careful

control of websites maintained by or associated with the

organization, limiting what may be posted to the site and

by whom.

The employer’s policies, however, typically do not address

the nurse’s use of social media to discuss workplace issues

outside of work on home computers, personally owned

phones and other handheld electronic devices. It is in

this context that the nurse may face potentially serious

consequences for the inappropriate use of social media.

Jamie has been working in hospice care for the

last six years and one of her patients, Maria,

maintained a hospital-sponsored communication

page to keep friends and family updated on her

battle with cancer. One day, Maria posted about her

depression. As her nurse, Jamie wanted to provide

support, so she posted, “I know the last week has

been difficult. Hopefully the new happy pill will help,

along with the increased dose of morphine.

I will see you on Wednesday.” The site automatically

listed the user’s name with each comment. The next

day, Jamie was shopping at the local grocery store

when a friend stopped her to ask about Maria’s con-

dition. “I saw your post yesterday. I didn’t know you

were taking care of Maria,” the friend said. “I hope

that new medication helps with her pain.”

This is an example of a violation of confidentiality through

social media. While Jamie had Maria’s best intentions

at heart by trying to offer her words of support, she

inadvertently disclosed information about a patient on

a social media site. Everyone who read that post now knows

about Maria’s medication and increase in morphine,

violating her right to privacy and confidentiality. Instances of

inappropriate use of electronic media by nurses such as this

have been reported to boards of nursing (BONs) and, in

some cases, to the media.

CONFIDENTIALITY AND PRIVACY

To understand the limits of appropriate use of social media,

it is important to have an understanding of confidentiality

and privacy in the health care context.

Confidentiality and privacy are related, but distinct concepts:

Any patient information learned by the nurse during the

course of treatment must be safeguarded by that nurse.

Such information may only be disclosed to other members

of the health care team for the purpose of providing care

for the patient.

Confidential information should be shared only with the

patient’s informed consent, when legally required or where

failure to disclose the information could result in significant

harm. Beyond these very limited exceptions, a nurse is

obligated to safeguard confidential information.

As a licensed practical nurse for more than 20 years,

Bob knew the importance of safeguarding a patient’s

privacy and confidentiality. One day, he used his

personal cell phone to take photos of Claire, a

resident in the group home where he worked. Bob

received permission from Claire’s brother to take the

photo since she was unable to give consent due to

her mental and physical condition. That evening,

Bob ran into William, a former employee of the group

home. While catching up, he showed William the

photo of Claire and discussed her condition with him.

The administrator of the group home later learned of

Bob’s actions and terminated his employment for

breach of confidentiality.

Bob thought it was okay for him to take Claire’s photo

because he had the consent of a family member. He also

thought it was acceptable for him to discuss Claire’s condi-

tion because William previously worked with Claire. So why

was this behavior wrong? Because, first, merely asking

Claire’s brother for permission is not obtaining a valid

consent. Second, confidential information should not be

disclosed to persons no

longer involved in the care of

a patient. Even though Bob

made an honest mistake,

confidentiality rules must be

strictly enforced to protect a

patient’s right to privacy.

Privacy relates to the

patient’s expectation and

right to be treated with

dignity and respect. Effective

nurse/patient relationships

are built on trust. Patients

need to be confident that

their most personal informa-

tion and their basic dignity

will be protected by the

nurse. Patients will be

hesitant to disclose personal

information if they fear it will

be disseminated beyond those who have a legitimate

“need to know.” Any breach of this trust, even inadvertent,

damages the nurse/patient relationship and the general

trustworthiness of the profession of nursing.

Federal law reinforces and further defines privacy through

the Health Insurance Portability and Accountability Act

(HIPAA). HIPAA regulations are intended to protect patient

privacy and confidentiality by defining individually identifiable

information and establishing how this information may be

used, by whom and under what circumstances. The

definition of individually identifiable information includes

any information that relates to the past, present or future

physical or mental health of an individual, or provides

enough information that leads someone to believe the

information could be used to identify an individual.

Breaches of patient confidentiality or privacy can be

intentional or inadvertent and can occur in a variety of

ways. Nurses may breach confidentiality or privacy with

information they post via social media sites. Examples may

include comments in which patients are described with

enough sufficient detail to be identified, referring to patients

in a degrading or demeaning manner, or posting videos or

photos of patients.

Privacy is the patient’s

expectation to be treated

with dignity and respect.

Condentiality is

safeguarding patient

information.

Emily, a 20-year-old nursing student, wasn’t aware

of the potential repercussions that could occur

when she took a photo of Tommy, a 3-year-old

leukemia patient in a pediatric unit, on her personal

cell phone. When Tommy’s mom went to the cafe-

teria, Emily asked him if she could take his picture,

and Tommy immediately said yes. Emily took his

picture as she wheeled him into his room. She

posted Tommy’s photo on her Facebook page with

this caption: “This is my 3-year-old leukemia

patient who is bravely receiving chemotherapy!

He is the reason I am so proud to be a nurse!”

In the photo, Room 324 of the pediatric unit was

visible. Days later, the dean of the nursing program

called Emily into her office. A nurse from the

hospital found the photo Emily posted of Tommy

on Facebook and reported it to hospital officials

who also contacted Emily’s nursing program.

While Emily never intended to breach the patient’s confiden-

tiality, the hospital faced a HIPAA violation. From Emily’s

post, people were able to identify Tommy as a cancer patient

and the hospital where he was receiving treatment. School

officials expelled Emily from the nursing program for

breaching patient confidentiality and HIPAA violations.

The nursing program was also barred from using the pedi-

atric unit for their students. Emily’s innocent, yet

inappropriate, action of posting a patient’s photo had

repercussions for her, the nursing program and the hospital.

But what if Emily removed the photo hours later? If it’s taken

down, no harm, no foul, right? No. Anything that exists on a

server is there forever and could be retrieved later, even after

deletion; therefore, it would still be discoverable in a court

of law. Further, someone could have taken a screenshot

of her Facebook page and posted it on a public website.

Patient information and photos should never be posted on

social media websites. Even after being deleted, the photo

is still on a server and possibly posted somewhere else on

the Internet.

POTENTIAL CONSEQUENCES

As we’ve seen with Jamie, Bob and Emily, potential conse-

quences for inappropriate use of social and electronic media

by nurses vary. Consequences depend, in part, on the

particular nature of the nurse’s conduct.

Instances of inappropriate use of social and electronic

media may be reported to the BON. Laws outlining the

basis for disciplinary action by a BON vary between

jurisdictions. Depending on the laws of a jurisdiction, a

BON may investigate reports of inappropriate disclosures

on social media sites by a nurse on the grounds of:

Unprofessional conduct;

Unethical conduct;

Moral turpitude (defined as conduct that is considered

contrary to community standards of justice, honesty or

good morals);

Mismanagement of patient records;

Revealing a privileged communication; and

Breach of confidentiality.

If the allegations are found to be true, the nurse may face

disciplinary action by the BON, including a reprimand or

sanction, assessment of a monetary fine, or temporary or

permanent loss of licensure.

Improper use of social media by nurses may violate state

and federal laws established to protect patient privacy and

confidentiality. Such violations may result in both civil and

criminal penalties, including fines and possible jail time. A

nurse may face personal liability and be individually sued for

defamation, invasion of privacy or harassment. Particularly

flagrant misconduct on social media websites may also

raise liability under state or federal regulations focused on

preventing patient abuse or exploitation.

If the nurse’s conduct violates the policies of the employer,

the nurse may face employment consequences, including

termination. Additionally, the actions of the nurse may

damage the reputation of the health care organization,

or subject the organization to a lawsuit or regulatory

consequences.

SOCIAL MEDIA’S IMPACT ON PATIENT

SAFETY AND CARE

Another concern arising from social media misuse is its

effect on team-based patient care. Online comments by

a nurse regarding co-workers, even if posted from home

during nonwork hours, may constitute lateral violence.

Lateral violence includes disruptive behaviors of intimidation

and bullying, which may be

perpetuated in person or via

the Internet. This is sometimes

referred to as “cyberbullying.”

Such activity is a cause for

concern for current and future

employers, and regulators

because they negatively affect

team-based care, thus creating

patient-safety ramifications.

The line between speech protected by labor laws, the

First Amendment and the ability of an employer to

impose expectations on employees outside of work is still

being determined.

Nonetheless, negative comments can be detrimental to

a cohesive health care delivery team and may result in

sanctions against the nurse.

… negative comments

can be detrimental to

a cohesive health care

delivery team and may

result in sanctions

against the nurse.

COMMON MYTHS AND

MISUNDERSTANDINGS OF SOCIAL MEDIA

While instances of intentional or malicious misuse of

social media have occurred, in most cases, inappropriate

disclosure is unintentional. A number of factors may

contribute to a nurse inadvertently violating patient privacy

and confidentiality while using social media, including:

A mistaken belief that the communication or post is private

and accessible only to the intended recipient. The nurse

may fail to recognize that content once posted or sent can

be disseminated to others.

A mistaken belief that content deleted from a site is

no longer accessible. The moment something is posted,

it lives on a server that can always be discoverable in a

court of law.

A mistaken belief that it is harmless if private information

about patients is disclosed if the communication is

accessed only by the intended recipient. This is still a

breach of confidentiality.

A mistaken belief that it is acceptable to discuss or refer

to patients if they are not identified by name, but referred

to by a nickname, room number, diagnosis or condition.

The patient can still be identified so this too is a breach

of confidentiality and demonstrates disrespect for patient

privacy.

Confusion between a patient’s right to disclose personal

information about himself or herself and the need for

health care providers to refrain from disclosing patient

information without a care-related need for the disclosure.

The ease of posting and the commonplace nature of sharing

information via social media may appear to blur the line

between one’s personal and professional lives. The quick,

easy and efficient technology enabling use of social media

reduces not only the time it takes to post, but also the time

to consider whether the post is appropriate and what ramifi-

cations may come from posting inappropriate content.

HOW TO AVOID DISCLOSING CONFIDENTIAL

PATIENT INFORMATION

With awareness and caution, nurses can avoid inadvertently

disclosing confidential or private information about patients.

The following guidelines are intended to minimize the risks of

using social media:

Nurses must recognize that they have an ethical and legal

obligation to maintain patient privacy and confidentiality at

all times.

Nurses are strictly prohibited from transmitting by way

of any electronic media any patient-related image. In

addition, nurses are restricted from transmitting any

information that may be reasonably anticipated to violate

patient rights to confidentiality or privacy, or otherwise

degrade or embarrass the patient.

Nurses must not share, post or otherwise disseminate

any information or images about a patient or information

gained in the nurse/patient relationship with anyone

unless there is a patient care-related need to disclose

the information or other legal obligations to do so.

Nurses must not identify patients by name, or post or

publish information that may lead to the identification

of a patient. Limiting access to postings through privacy

settings is not sufficient to ensure privacy.

Nurses must not refer to patients in a disparaging manner,

even if the patient is not identified.

Nurses must not take photos or videos of patients on

personal devices, including cell phones. Nurses should

follow employer policies for taking photographs or videos

of patients for treatment or other legitimate purposes using

employer-provided devices.

Nurses must maintain professional boundaries in the use

of electronic media. Like in-person relationships, the nurse

has an obligation to establish, communicate and enforce

professional boundaries with patients in the online

environment. Use caution when having online social

contact with patients or former patients. Online contact

with patients or former patients blurs the distinction

between a professional and personal relationship. The fact

that a patient may initiate contact with the nurse does not

permit the nurse to engage in a personal relationship with

the patient.

Nurses must consult employer policies or an

appropriate leader within the organization for guidance

regarding work related postings.

Nurses must promptly report any identified breach of

confidentiality or privacy.

Nurses must be aware of and comply with employer

policies regarding use of employer-owned computers,

cameras and other electronic devices, and use of personal

devices in the workplace.

Nurses must not make disparaging remarks about

employers or co-workers. Do not make threatening,

harassing, profane, obscene, sexually explicit, racially

derogatory, homophobic or other offensive comments.

Nurses must not post content or otherwise speak on

behalf of the employer unless authorized to do so, and

must follow all applicable policies of the employer.

Nurses may want to consult NCSBN’s “A Nurse’s Guide to Professional

Boundaries” for more information on this issue.

Like in-person

relationships, the nurse

has an obligation to

establish, communicate

and enforce professional

boundaries with

patients in the online

environment.

CONCLUSION

Social media has tremendous potential for strengthening

personal relationships and providing valuable information

to health care consumers, as well as affording nurses a

valuable opportunity to interface with colleagues from around

the world. Nurses need to be aware of the potential conse-

quences of disclosing patient-related information via social

media, and mindful of employer policies, relevant state and

federal laws, and professional standards regarding patient

privacy and confidentiality and its application to social and

electronic media. By being careful and conscientious, nurses

may enjoy the personal and professional benefits of social

media without violating patient privacy and confidentiality.

NCSBN SOCIAL MEDIA RESOURCES

NCSBN offers additional resources pertaining to social media

including the “Social Media Guidelines for Nurses” video, at

ncsbn.org that highlights guidelines for nurses and nursing

students for using social media responsibly. This video

summarizes key points of these guidelines along with

dramatization of potential scenarios of inappropriate social

media use.

THE NURSE’S CHALLENGE

Be aware.

Be cognizant of feelings and behavior.

Be observant of the behavior of other

professionals.

Always act in the best interest of the patient.

111 E. Wacker Drive, Suite 2900

Chicago, IL 60601-4277

312.525.3600

ncsbn.org

To find the board of nursing in your state/territory,

visit ncsbn.org/contactbon.

To order additional copies of this brochure,

visit ncsbn.org/order.

06/18

)

disseminated to any third party without written permission from NCSBN.