By Gil Vidals, , HIPAA Blog

When Israeli-based Onavo came under the ownership of Facebook in 2013, the move was touted as providing a boost to CEO Mark Zuckerberg’s Internet.org initiative to “help bring web access to the world’s underserved communities.”

The mobile analytics company would essentially provide Facebook users with a VPN, or Virtual Private Network, a secure connection to protect their browsers from malicious sites. The app, which is prompted by Facebook with a “protect” Banner on iPhone (already active on Android since 2016), calls on users to download the VPN for online security purposes; essentially, to prevent other ISP’s and websites from tracking them.

What many users miss is that they are also agreeing to let Facebook “track them” and share their data, specifically, how they use Facebook on their phones. This, Onavo’s founders report, is how Facebook can learn to use “data more efficiently, to allow more people around the world to connect and share.”

Whether or not one is in favor of allowing this kind of “spyware” on their devices, this latest news should serve as a reminder, especially for medical practices and professionals bound by HIPAA regulations, how widely social media information is being disseminated.

Certainly, health blogs, videos, and articles posted on Facebook and other social media platforms can be a great way of providing excellent information, as well as marketing to the general public. But doctors, healthcare practices, and all “covered entities” must exercise added caution when posting or messaging on social media sites like Facebook.

One careless post of a personal nature – even if done “anonymously” for teaching purposes – may cause an unintentional disclosure of protected health information, causing damage far beyond what might have been
first envisioned.

For this reason, remember to follow this “practical wisdom” regarding how to engage social media with HIPAA in view.

 

Avatar photo

Gil Vidals is the president and CTO of HIPAA Vault. He is a passionate, subject matter expert on HIPAA compliance and the healthcare cloud, and co-host of the HIPAA Vault podcast. Since 1997, Gil’s mission has been to provide uncompromising and affordable HIPAA compliant hosting solutions to commercial and government clients, helping protect their sensitive health information from data breaches and security vulnerabilities. HIPAA Vault has been recognized as an Inc. 5000 company and a Clutch Top B2B company. He can be reached here on Linkedin.