Column: Ignore social media at your own risk

By Cara Ceraso and Aimee Wood

There”™s no question that the advent of social media has changed the way we communicate. However, the use of social media raises a number of legal issues and potential liabilities of which every organization should be aware.

Regardless of whether an organization or provider chooses to employ social media, chances are that it is already the subject of on-line chatter. In fact, software providers monitor social media for just that reason ”” to determine and report to an organization how it is being discussed in ongoing social media dialogues. The legal issues and risks attendant to third party use of social media, while not necessarily controllable by an organization, can no longer be ignored.

For example, whether an employer or health care organization makes a conscious decision to use social media, its employees are probably already using it. This use raises issues of patient confidentiality, disclosure of confidential and proprietary business information, copyright or trademark infringement, e-discovery risks, risks associated with endorsements, and defamation issues. What is posted about an organization through social media can also undermine morale and impact the company reputation.

While an internal policy may prohibit disclosure of patient information or proprietary business information, a developing strand of labor law holds that a policy cannot prohibit employees from expressing their views toward their employer or for critical or even “insubordinate” posts. This notion of protecting employees who engage in “concerted activity” for their mutual aid or protection has ensnared employers both big and small.

Thus, it is vital for companies to have a social media policy that complies with applicable law and the company should designate a point person responsible for the use of social media. Monitoring and ensuring compliance with the organization”™s policy with respect to employees is also key.

Some businesses, such as health care providers, face additional concerns. For instance, it is easy to (inadvertently) disclose individually identifiable information through social media. For example, a hospital employee may have posts on his or her Facebook page that include a reference to a patient, or pictures from work in which a patient is in the background. It is important to remember that any reference to protected information requires a HIPAA-compliant signed authorization.

Other social media issues specific to health care include malpractice, the unlicensed practice of medicine and/or the creation of physician-patient relationships. Blogs and chats could be deemed to be creating a physician-patient relationship; and/or could raise issues of unlicensed practice of medicine. Same time use of social media can be a powerful tool, but it raises issues of potential malpractice should something go wrong.

To safeguard against copyright and trademark infringements, any organization using social media should take care not to create an impression that it owns, endorses or is affiliated with anything that it does not. An organization should not use another”™s copyrighted material without permission by the owner, but pictures, text and videos are easily copied to social media sites. If content is used without the permission of the owner, a trademark or copyright violation may occur.

There are also risks associated with defamation for statements made on an organization”™s social media sponsored page or platform, and rules that should be followed for any endorsements appearing on social media.

Cara Ceraso, Cceraso@pullcom.com; and Aimee Wood, Awood@pullcom.com, are members of the Social Media, Privacy and Internet Law practice at Pullman & Comley L.L.C.