Healthcare News & Insights

Social media policies that comply with the law: Key rules

Many healthcare providers are writing social media policies to protect themselves from the dangers of employees’ social networking use. But those organizations will need to make sure they aren’t getting themselves into any compliance trouble. 

Providers with no rules at all could be leaving themselves open to some critical social networking dangers, including:

  • Damaged reputations from employees’ actions
  • Leaks of sensitive patient information because employees share too much online, and
  • IT security threats from malware and phishing attacks.

But while a policy is important, going too far with those rules can create new dangers of its own — including legal trouble due to the government’s regulatory crackdown on social media policies.

The gist of those efforts, according to a recent New York Times article: The law protects employees’ right to discuss their working conditions, and the National Labor Relations Board (NLRB) says that includes things that are said online.

And the board is enforcing that stance: Several companies have been forced to reinstate employees that had been fired due to protected social media use, and those organizations have been told to rewrite their social networking policies.

So where do employers cross the line when enforcing social networking policies? According to the NLRB’s rulings, employers can’t:

  • Enforce broad or vague rules, such as those banning employees from “disparaging” or “defaming” the organization online — The National Labor Relations Act allows employees to freely discuss the conditions of their employment, whether or not it’s flattering to the organization.
  • Over-zealously protect information — The NRLB has shot down policies against the disclosure of “any non-public company information,” since that broad category could include information related to employees’ working conditions.
  • Ban the use of the provider’s name — Again, doing so could interfere with employees’ rights under the law, the NLRB says.

As for what employers can do, the board says it’s okay to take action when an employee merely expresses a personal gripe about a supervisor, intentionally defames a person or the organization (for example, by making knowingly false accusations), or uses a social network to commit unlawful harassment, violations of privacy, etc.

Providers can help avoid costly legal battles by reviewing policies to make sure they’re in compliance and training managers about when employees can and can’t be disciplined.

Subscribe Today

Get the latest and greatest healthcare news and insights delivered to your inbox.