Massage Practice Builder

You Know How to Massage, Now Learn How to get Clients

You are here: Home / Social Media / Nothing is Private on Facebook

By

Nothing is Private on Facebook

NOTHING on Facebook is ever PRIVATE!   NOTHING! No matter what settings you have or where you post.

Your Facebook profile and business page really is open to exposure by the public no matter how you have your privacy settings.   Anytime you post anything on Facebook it is open game, even in closed groups.  Even if you post something by mistake or post something that you later want to change, deleting a post does not always mean it goes away.  Someone may have seen it and maybe even taken a screen shot of it.

 

Facebook and HIPAA/Privacy

The one very big problem with Facebook and every Social Media Website is that the risk of compromising your clients Personal Health information and Privacy is a very big concern that no one seems to be talking about.   HIPAA of course is mainly for massage therapists who are health care providers but Social Media now goes way beyond HIPAA.  If you don’t think you need to be HIPAA compliant, think again.  If you are a person doing business, you have to be aware of clients privacy.  There are some states that have stricter privacy laws than HIPAA.   Just keep clients information private.

NOTHING on Facebook or any social media site is Private no matter what your settings.  Any post you make anywhere can be copied and pasted or a screen shot can be taken and used later.

HIPAA specifically deals with Personal Health Information (PHI).

Personal Health information is any of these details:

  1. Names;
  2. Geographic information;
  3. Dates (e.g. birth date, admission date, discharge date, date of death);
  4. Telephone numbers;
  5. Fax numbers;
  6. E-mail addresses;
  7. Social Security numbers;
  8. Medical record numbers;
  9. Health plan beneficiary numbers;
  10. Account numbers;
  11. Certificate/license numbers;
  12. Vehicle identifiers and serial numbers, including license plate numbers;
  13. Device identifiers and serial numbers;
  14. URLs;
  15. IP address numbers;
  16. Biometric identifiers (e.g. finger and voice prints);
  17. Full-face photographic images and any comparable images; and
  18. Other unique identifying numbers, characteristics, or codes.

A few years ago, an attorney who taught a class at AMTA-WA Convention, John Conniff actually recommended that the comments option on Facebook Business Pages be turned off completely because he thinks it is that big of a risk.  That defeats the whole purpose of being on Facebook though so here are some things you will want to watch for and be careful with:

  • You can not ask clients anything about their session or how they are doing publicly on Facebook.   Take everything to a private message or email them directly.
  • If clients ask questions about their health or condition even though they are willingly doing so, it is still up to you to protect their privacy.  Consider deleting the post and contacting them privately.
  • You can not acknowledge that individuals are your clients or have been your clients in a public forum.
  • You can not talk about cases online publicly.   If people can tell that it is them from some specific detail, you are at risk.  If you are posting in groups, change everything about the situation and Never say their name, sex, age.
  • Never take photos of clients, let alone post them on social medial.  Even if you get their consent in taking a photo, it is just an additional risk.
  • Never talk about a clients condition anywhere online even if they start the discussion.

 

I found one such hospital posting this in an ad on Facebook.  It says: Welcome to our page.  We invite you to post on our wall, but do not post personal Medical information!

Talking about client cases on Facebook even if it is a closed group also is a big risk.  It really is a small world and if one person can connect the dots and identify a person from one of the specifics you might have talked about it could end up as a big Privacy issue/HIPAA issue.   You can even change the sex of the person and the details but often there is usually some identifying factor.   Anything you post anywhere has serious implications.  As I said, Nothing is private, EVEN in a Closed Group!  Referring to people with a negative connotation is very unprofessional and may put you at risk and your client.  Referring to clients as lazy or as problematic in any way (difficult to get along with, demanding, offensive body odor or body functions) or in any way, you are at risk!

Privacy relates to the patient’s expectation and right to be treated with dignity and respect.

Any breach of this trust, even inadvertent, damages the Client/massage therapist relationship and the general trustworthiness of the whole massage profession.

Facebook is also a great opportunity for networking.

People may look at your profile to see more about you.   Having your business name and website in your about section of your profile can make it easy for people to find out what you do and where you do massage.   You just never know when an opportunity may arise.  I have seen many missed connections and opportunities for networking.

Last year I also set up a Facebook Group (closed) where I am having to approve people to join.  I can’t tell one way or another if they are a real person or even a massage therapist.   So far I just have had to set the parameters for who can join and I simply go through people’s profiles and if I can’t tell they are a massage therapist or in massage school in 2 clicks, I ignore their requests.  Now I know many will get mad when they hear that but I just don’t have time to email them and wait for them to reply and approve their request to join.   Yes it does sound ruthless probably to some but that is just the way it is today.  I know other groups are doing that but frankly that is not how I want to be spending my time!

Save