The main rule that governs healthcare privacy is derived from a 1996 Federal Law called the Health Insurance Portability and Accountability Act, or HIPAA.

It was fleshed out by the Department of Health and Human Services, which began enforcing it as a regulation in 2002 and although the rule predates the rise of social media, its provision applies to what the regulations call “protected health information” in either digital or paper form.

The rule applies to all so-called "covered entities" -- which includes individual and group health plans, health care clearinghouses or really any health care provider who transmits health information -- and its implications extend to the worlds digital and social media.

A major goal of the Privacy Rule is to assure that an individuals’ health information is properly protected without restricting the flow of that information needed to facilitate high-quality health care.

Social Media Policy Analysis
The New FDA Social Media Policy [PDF] is unlikely to achieve its stated purpose of encouraging “…the use of school media technologies to enhance communications."
Developing a social media policy for employees is tough business. Anyone who's done it will tell you. If you want to save yourself a ton of time, start with my social media policy template or take my free, online social media policy training course.
Still, given that many social media policies that have violated the National Labor Relations Act so far, I’m surprised to see the isnew policy make what appear to some pretty basic mistakes with respect to NLRA compliance, particularly since the FDA is among the last big US Federal Agencies to publish a social media policy, which means they’ve had a good deal of time to develop governance standards.

As organizations realize that instead of tweeting solicitous sales pitches, the true benefit of social media is empowering everyone in the enterprise to serve as unofficial brand ambassadors, explaining the rules of public disclosure to employees has become increasingly important.

Pre-Internet, elaborate, detailed corporate policies on public disclosure weren’t necessary.

A line or two in the corporate code of conduct policy sufficed.

Companies hired marketing and public relations professionals and let them do their jobs.

They were professional spokespeople who understood that impact a public record has over brands.

But a world where a public disclosure is as easy as a Facebook status update or a tweet, setting forth clear-cut guidelines and boundaries for what is, and is not permissible through corporate social media policy has become central to effective online communications strategy.

After reviewing dozens of corporate social media policies, I created this free Social Media Policy Template to accelerate policy development initiatives for organizations of all sizes.

Online communications channels have become intricately interwoven into our social fabric. The overwhelming majority of young people use Facebook regularly and adoption among older audiences continues to rise.

Just as we use the telephone and e-mail to communicate with our colleagues, friends and family, people of all ages are increasingly using social media to communicate as well. that means most of your company's employees are using social media throughout the course of the day to contact friends and associates, make plans and organizes activities.

Since those interactions are often discoverable after-the-fact, organizations are developing social media policies to provide employees with clear-cut guidelines of what is and is not permissible use.

Prior to social media, issues of public disclosure were often relegated to a paragraph in an organizations code of conduct policy that was written to restrict unofficial spokespersons from releasing official company statements through conventional channels like the mainstream media or press releases.