05.15.2019 Back to News

HIPAA Alert: Facebook, Twitter and Instagram, Oh My!

With social media it's too easy to write something and regret it after it has been sent. But by that time it's too late, and control of the information released has been lost.

For example, a medical professional did not post the patient’s name in a Facebook post, which would be an immediate violation of HIPAA rules, but posted sufficient information to enable the person to be identified.

Another individual who visited the medical professional's Facebook page was able to determine the identity of the patient from the information written on the page, even in the absence of the patient’s name.


  • Information about patients, employees and covered entity (CE) itself is confidential.
  • Please review the NMHS Social Networking policy.                                                               

If you have any questions about how Methodist handles HIPAA security, please contact HIPAA Privacy Officer Zorana Vojnovic at (402) 354-6863 or zorana.vojnovic@nmhs.org.