There is a closed Facebook group for Medical Staff professionals in which members seek advice on practitioner credentialing, privileging, and peer review matters. Although these posts don’t identify the practitioners involved, they may include specific details about problematic credentialing files or behavior incidents. Also, the name of the professional, hospital email address, or place of employment may appear in the posts. Does this raise any legal concerns?
OUR ANSWER FROM HORTYSPRINGER ATTORNEY PHIL ZARONE:
We don’t mean to discourage professional interactions among Medical Staff professionals, but there are legal risks to discussing credentialing and peer review issues about individual practitioners on social media.
First, there is never any guarantee that anything posted on social media will remain private, even if a group is “closed.” A member of the group could have a reason for disclosing information outside the group, and a screenshot can easily be sent around the world.
Second, efforts to “de-identify” information don’t always work. It’s surprising – and unsettling – how seemingly small bits of information can be put together so that a supposedly de-identified post becomes identifiable. By comparison, many HIPAA violations have resulted when hospital employees thought they were removing all information that could be used to identify a patient only to learn later that they were wrong. One of my favorite stories is of a physician blogger who posted an account of exemplary care provided to a supposedly de-identified ED patient. The physician was proud of the team and wanted to share the good news. He didn’t use names and even changed certain facts of the case to further protect the patient’s identity. Shortly after he posted, someone commented on the post by stating (accurately) that he was a relative of the patient.
There are a variety of legal risks if a post about a credentialing or peer review matter gets back to the practitioner who is the subject of the post. First, the practitioner could claim that the post was defamatory because it disclosed unfavorable information in a public setting. Also, the practitioner could argue that the post constituted a breach of the confidentiality obligations set forth in the Medical Staff Bylaws, “tortiously interfered” with his employment prospects, or constituted a “breach of contract” under state law.
Social media posts could be problematic even if they are disclosed to individuals other than the practitioner in question. For example, plaintiffs’ attorneys could use such posts as a reason to look for problems at a hospital. Also, attorneys representing plaintiffs in malpractice or negligent credentialing cases could argue that the disclosure of peer review information on social media resulted in a waiver of the peer review privilege under state law of any information related to that matter.
Again, we don’t mean to discourage professional interactions among Medical Staff professionals. There are certainly many topics that could be discussed that don’t raise the potential problems discussed above. However, recognize that there are risks to disclosing practitioner-specific information on social media.