Case 01

You see this tweet from an anesthesiologist (an anonymous account) you follow:

On call. Urology resident told me there's a 36 hour priapism that will likely goto the OR. 8o

Followed by this:

I'm dreading having to go talk to him, poor thing must be freaking mortified.

There is some chatter about the case:

Holy. Cow. I don't even have a penis and that makes me hurt.
Sorry had to say it...r u sure the pat wasn't staring at you for 36hrs..

In reply to a question the original tweeter states:

Apparently he has no risk factors (sickle cell, cocaine, etc) except for having a penis. :(

Discussion

Is this a violation of patient privacy?

Is this a HIPAA violation?

How would you handle this?


Case 02

You see this tweet from a nephrologist you follow:

Few things in medicine still take my breath away.
Seeing a patient who turned HIV+ in 1985 and is still healthy, is one of them.

Discussion

Is this a violation of patient privacy?

Is this a HIPAA violation?

How would you handle this?


Case 03 Beware the nudge from friends

Often in these situations, the initial tweet or post is coded. But then as the post gets some traction, people start talking back and forth and additional details slip out.

From Facebook

So I have a patient who has chosen to either no-sow or be late (sometimes hours) for all of her prenatal visits, and NSTs. She is now 3 hours late for her induction. May I show up late to her delivery?

Her friends replied

I'm surprised u see a patient that late. I came 30 min late to my Gyne once and they made me reschedule even though I once waited 2 hrs to be seen by this dr.

It it's elective, it'd be cancelled!

I agree with Dr. Lasser. Cancel the induction.

Then the doctor slipped

here is the explanation why I have put up with it/not cancelled induction: prior stillbirth.

An anonymous onlooker, took a screenshot and posted the conversation to the hospital's moms to be portal. A firestorm erupted with calls to fire the doctor. It made headlines around the English speaking world.


Resources

Unprofessional Physician Behavior on Twitter at 33 Folders

@Doctor_V vs @mommy_doctor: Storm in a #Tweetcup or #HCSM Debate at Scepticemia

Nice discussion of the Priapism Privacy case by AAMC

Great counter point to the 33 Folders article at Movin' Meat. Do not miss the comments

A nice view on how HIPAA is not what we should be shooting for and is it legal should not be the goal of physician social media behavior.

KevinMD weighs in

Facebook and the tardy patient.

Remember the role of the First Follower in building a movement

Official transcript at http://sivers.org/ff --- If you've learned a lot about leadership and making a movement, then let's watch a movement happen, start to finish, in under 3 minutes, and dissect some lessons: A leader needs the guts to stand alone and look ridiculous. But what he's doing is so simple, it's almost instructional.

HIPAA

HIPAA list of protected health information

  1. Names
  2. All geographical identifiers smaller than a state*
  3. Dates (other than year) directly related to an individual
  4. Phone numbers
  5. Fax numbers
  6. Email addresses
  7. Social Security numbers
  8. Medical record numbers
  9. Health insurance beneficiary numbers
  10. Account numbers
  11. Certificate/license numbers
  12. Vehicle identifiers and serial numbers, including license plate numbers;
  13. Device identifiers and serial numbers;
  14. Web Uniform Resource Locators (URLs)
  15. Internet Protocol (IP) address numbers
  16. Biometric identifiers, including finger, retinal and voice prints
  17. Full face photographic images and any comparable images
  18. Any other unique identifying number, characteristic, or code except the unique code assigned by the investigator to code the data

De-identification under the Health Insurance Portability and Accountability Act Privacy rule occurs when data has been stripped of common identifiers:

The removal of 18 specific identifiers (Safe Harbor Method):

  1. Names
  2. Geographic data
  3. All elements of dates
  4. Telephone numbers
  5. FAX numbers
  6. Email addresses
  7. Social Security numbers
  8. Medical record numbers
  9. Health plan beneficiary numbers
  10. Account numbers
  11. Certificate/license numbers
  12. Vehicle identifiers and serial numbers including license plates
  13. Device identifiers and serial numbers
  14. Web URLs
  15. Internet protocol addresses
  16. Biometric identifiers (i.e. retinal scan, fingerprints)
  17. Full face photos and comparable images
  18. Any unique identifying number, characteristic or code