About once every two weeks a worker at MD Anderson Cancer Center in Houston gets flagged by a team of about a dozen monitors for violating the hospital's strict policy on social media. The policy prohibits employees from doing such things as griping about having to go to work on their Facebook page. Even people who post under anonymous handles are usually identified and given a copy of the policy.
"Usually, it stops after that," says Jennifer Texada, who manages MD Anderson's social media efforts. The hospital has yet to go so far as to block social networking sites because, says Texada, it trusts its employees to follow the rules. Thus far, she says, the infractions have been minor.
But at other hospitals, the infractions have not been so minor. The Los Angeles Times recently published a story about workers at St. Mary Medical Center who snapped pictures of a mortally wounded man whose throat was "slashed so savagely he was almost decapitated" and posted them on Facebook. Four staff members were fired and four were disciplined, a St. Mary spokeswoman told the paper. Last year, a New York City Emergency Medical Technician was fired for posting pictures of a murder victim on Facebook.
MD Anderson, the largest U.S. cancer treatment center, is one of a growing number of hospitals that are placing restrictions on what employees can say on social networking sites such as Facebook and Twitter. The hospital even monitors patient blogs. The reasons are obvious. Messages on social networking sites could be used against the hospital in a lawsuit. There's also the strict federal Health Insurance Portability and Accountability Act (HIPAA ), which places restrictions on the dissemination of patient information.
Though conduct policies have been around for decades, employers are only beginning to develop them for social media -- and the approaches vary widely. At the Mayo Clinic, the guidelines remind workers that they represent the hospital even in their off-duty hours. "Where your connection to Mayo Clinic is apparent, make it clear that you are speaking for yourself and not on behalf of Mayo," the policy states.
In March, officials at the University of Iowa Hospitals and Clinics decided to block access at clinical workstations (computers on nursing units, in outpatient clinics, and other clinical/procedural areas) to "Web sites that are inappropriate in the health care workplace. These include online social networking sites, gaming sites, and 'malicious' sites that attempt to infect computer workstations," according to Tom Moore, a hospital spokesman.
The blocks, which were put in place after complaints by visitors, patients and staff members, does not apply to machines in non-patient work areas and in patient rooms. The hospital, though, would prefer people skip the sites there as well. "...viewing inappropriate Web sites for non-work-related purposes consumes employee time and organizational resources," he says. "Moreover, access to inappropriate sites creates the potential for a negative experience for patients, visitors, employees, and students."
Paul Levy, CEO of Beth Israel Deaconess Medical Center, argues that placing restrictions on social media is not the answer. "If you block Facebook on the hospital server, will it nonetheless be used in the wrong way by misguided people?" he writes on his blog. "Yes. They will use their iPhones or some other such handheld devices."
For its part, Facebook's Statement of Rights and Responsibilities, the site's governing document, prohibits people from taking any action on Facebook that infringes or violates someone else's rights or otherwise violates the law. "If we become aware of any breach of this policy, we take immediate action and remove the offending content," says spokeswoman Nicky Jackson Colaco.
Tweeting from the OR: How hospitals are dealing with social media