2. Themes for today:
My Background
Current Realities of Social Media
Perceived Risks vs. Actual Risks
Framing the Social Media decision
Opening Access at UMMC
3. Page 3
My Background
Pre-1980
Juggler & Street Performer
Core Web Management Skills
4. My Background
Pre-1980
Juggler & Street Performer
1980 - 1994
Microfilm Technician, Software
Trainer
http://www.flickr.com/photos/zigazou76/6310027720/
5. Page 5
My Background
Pre-1980
Juggler & Street Performer
1980 - 1994
Microfilm Technician, Software
Trainer
1994 - 1999
Web Consultant
6. Page 6
My Background
1999 - Now
University of Maryland
Medical System
All Things Web
Technical Infrastructure
Content Development
Application Development
Web Marketing Strategy
Analytics / Mobile / SEO / Video
Social Media
9. Current Realities of Social Media
• It’s not going away
• It will replace email
(and that's good)
• Smart phones = constant access
• Preferred tool for many users
10. Current Realities of Social Media
Primary Reasons for Visiting Professional
Online Networks
• Access to thought leadership
• Showcase myself or company
• Keep track of peers/colleagues
• Brand tracking/management
• Research business decisions
• Improve reliability of information
• Inform the development of strategy
• Increase speed of collaboration with customers & employees
• Accelerate decision-making processes through peer input
• Reduce travel costs
- Society for New Communications Research study
11. Patient Expectations
When it comes to Social Media:
• They trust healthcare providers
• They are influenced by our messages
• They want us to respond
• They want support afterwards
Source: PwC HRI Social Media Consumer Survey, 2012
12. Consumers are more likely to share social media
information from healthcare providers
Doctor Hospital
Health Insurer Drug Company
Source: PwC HRI Social Media Consumer Survey, 2012
N = 1,060
13. Consumers value information and services that make
healthcare easier to manage
Source: PwC HRI Social Media Consumer Survey, 2012
N = 1,060
Percentage of respondents finding value in services
offered by healthcare providers in social media
14. HIPAA & privacy violations
IT security
Loss of message control
Employee productivity
Perceived Risks of Social Media
15. B I N G O
Productivity Privacy
Not
Professional
Bandwidth
IT
Rules
Security HIPAA Reputation
No
Rules
Viruses
Liability Time Waster
Staff
Morale
Risky
Hackers Lawsuits For Kids Costly
Data
Loss
No
Control
Malware Scary
HR
Policy
Patient
Safety
Web
Blocking
Bingo!
16. 1. Staff can access social media on personal devices.
2. Access is a management decision, not just one by IT or HR.
3. Create social media polices and guidelines, then enforce them.
4. Provide training about social media risks and opportunities.
5. Social media sites are web sites, so virus and malware risks are
similar and can be managed.
6. Even if you block social media, staff can and will visit other sites.
7. Educate users about managing security risks (e.g., creating
passwords, recognizing suspicious emails, messages, links, etc.)
Answers to Common Objections
17. 1. Staff can access Social Media on personal devices
2. Access is a management decision, not just one by IT or HR.
3. Create social media polices and guidelines, then enforce them.
4. Provide training about social media risks and opportunities.
5. Social media sites are web sites, so virus and malware risks are
similar and can be managed.
6. Even if you block social media, staff can and will visit other sites.
7. Educate users about managing security risks (e.g., creating
passwords, recognizing suspicious emails, messages, links, etc.)
B I N G O
Productivity
Not
Professional
Reputation Time Waster
No
Control
18. 1. Staff can access Social Media on personal devices.
2. Access is a management decision, not just one by IT or HR.
3. Create social media polices and guidelines, then enforce them.
4. Provide training about social media risks and opportunities.
5. Social media sites are web sites, so virus and malware risks are
similar and can be managed.
6. Even if you block social media, staff can and will visit other sites.
7. Educate users about managing security risks (e.g., creating
passwords, recognizing suspicious emails, messages, links, etc.)
B I N G O
Privacy HIPAA Liability Lawsuits Data Loss
19. 1. Staff can already access web on personal devices during work
day.
2. Access is a management decision, not just one by IT or HR.
3. Create social media polices and guidelines, then enforce them.
4. Provide training about social media risks and opportunities.
5. Social media sites are web sites, so virus and malware risks are
similar and can be managed.
6. Even if you block social media, staff can and will visit other sites.
7. Educate users about managing security risks (e.g., creating
passwords, recognizing suspicious emails, messages, links, etc.)
B I N G O
IT Rules Hackers
Malware
Viruses
Security Bandwidth
20. Real Risks of avoiding Social Media
• Web adoption lessons from 1998-2001
• Not meeting employee / patient expectations
• Loss of visibility
23. Patient Expectations
“You trust your staff with my life, but
think they can’t handle Facebook?”
“You cut off my support network when
I needed it the most”
Patient responses to UMMC blocking Social Media
25. Social Media Policy Basics
Social Media sites are not HIPAA
controlled services
But staff must follow existing rules:
Patient Privacy
HIPAA
Behavior Standards
Official policies and procedures limit
liability
26. Staff Policies and Guidelines
“No hospital has been sued for HIPAA
violations on social media. Some employees
have been in violation but all issues have been
resolved through HR means.”
David Harlow, JD MPH
Principal, The Harlow Group
27. A 12-Word Social Media Policy
Don’t Lie, Don’t Pry
Don’t Cheat, Can’t Delete
Don’t Steal, Don’t Reveal
Farris Timimi, M.D.
Medical Director
Mayo Clinic
Center for Social Media
28. Social Media Policy and Employee Guidance
First and Foremost, Respect the Privacy of our Patients
Live the Ministry Promise and Values When Online
Be a Productive, High-Performing Workforce Member
Realize That Social Media Posts are NOT Private
Don’t Jeopardize Your Reputation and/or Future Employment
Opportunities
By Will Weider, CIO of Ministry Health Care
29. Education and Best Practices
Require annual training for all staff
Provide tools for managers
Packaged presentations
Videos
FAQ’s
Encourage discussion
Acknowledge gray areas
35. Opening Access at UMMC
Websense in place since 2004
Blocked Facebook
Most Blogging platforms
Broke many non-social media sites
Blocked patient education / professional
resources
36. Opening Access at UMMC
Why Change?
Patient Satisfaction – #1 Driver
Respect for Hospital Staff
Lessons learned from the first Web cycle
Opportunity to reach & build communities
37. Opening Access at UMMC
The Process – all of 2010
Driven by our CEO
Lots of meetings and memos with
Legal / Compliance / IT / HR
Clinical Leadership
Policies and staff guidelines
Education and training
39. Opening Access at UMMC
Results
A “No Drama” launch
Decreased patient complaints
Increased employee awareness
Social media = business as usual
40. Open access = new services
Examples from UMMC:
Patient support groups on Facebook
Department groups on Facebook
Fundraising
41. Patient Support Groups on Facebook
Liver Transplant
Digestive Diseases
Launched in March 2011
Between 50 and 75 members each
Hepatitis C
Trauma Survivors
43. Outgrowth of traditional IRL groups
Managed by the same group leader
Mix of closed & secret groups
Posts are private to the group
Set up & sanctioned by the
UMMC Communications Department
Patient Support Groups on Facebook
47. Huge media
relations effort
New Fundraising
Website
Video production
Facebook, Twitter,
YouTube and Blogs
Monitoring
Hundreds of blog posts, tweets and shares
Local / national / international media coverage
Over 500,000 YouTube views
$30,000 raised from 700 donors
The Sum:
The Parts:
48. Resources:
The Mayo Clinic Center for Social Media
http://socialmedia.mayoclinic.org
HIMSS White Paper
Social Media in Healthcare: Privacy and Security Considerations
http://hcsm.me/10QkEzS
Bryan Vartabedian, MD - Pediatric Gastroenterologist at Texas
Children's Hospital/Baylor College of Medicine
http://33charts.com
Price Waterhouse Coopers
Social Media “Likes” Healthcare
http://hcsm.me/pwchealth
49. Thank You
Ed Bennett
Director,
Web & Communications Technology
University of Maryland Medical System
410-328-0771
ebennett@umm.edu / ed@ebennett.org
umm.edu / ebennett.org
Twitter: @edbennett
www.ummsfoundation.org/dozer
Notas del editor
The biggest risk in health care social media is not participating in the conversation. Simply putting “find me on Facebook” or “follow me on Twitter” badges on your website does not equate with health care social media. Having noted this, among the most common concerns that seem to limit participation are those regarding professionalism. So let’s make this as easy as possible, with 12 words to light your way: Don’t Lie, Don’t Pry Don’t Cheat, Can’t Delete Don’t Steal, Don’t Reveal Following these simple rules can prevent most social media miscues, and keep you out of the Friday Faux Pas series. Don’t lie: a good rule in general, it is particularly important online, where nothing is transient and everything is searchable. Don’t pry: Do not seek out personal health care data or potential protected health information as a part of a social platform conversation. Don’t cheat: We’ve all heard the old proverb that “Cheaters never prosper,” but some harbor lingering doubts about whether it’s true. In social media, cutting corners is much more likely to be discovered and exposed, and when the truth is revealed it won’t be pretty. Everyone makes mistakes; confess yours immediately. Intentionally “gaming” the system, however, will not reflect well on you or your organization. Can’t delete: this is an important rule: if it’s still in Google’s cache, you can’t put it in the trash. The most effective tool to address this is a strategic pause before you post. Count to 3 and think: 1- To whom are you posting/Who is your audience? 2-Is this post appropriate for all ages? 3-Does my post add value to the ongoing conversation? Don’t steal, don’t reveal: Give credit where it’s due, and acknowledge those who inspired you or provided information you’re passing along. In Twitter it’s as simple as a retweet or a mention, while in a blog you can share link love. And if information is proprietary or confidential, don’t disclose it in social platforms. Keeping this simple is critical, but there are some additional rules that are worth remembering and applying . Don’t endorse as a matter of course. Supervisors: Don’t initiate an employee friend request at your own behest. Separate your circle of friends from patients you mend. Corporate logo in your username is a no go. Adding a disclaimer is probably saner. Don’t practice on the Internet, regardless of your good intent. Always surmise that HIPAA applies. Speak on your behalf, not that of staff. Anonymity is really gimmicky If you chat about your company, identify abundantly Here is the critical message. The same general rules that apply to offline behavior apply to online behavior. The difference is the platform online can leverage a mistake to a much wider audience. Errors will occur no matter how careful you are. That’s why you must develop a social media policy and provide orientation and training , and when you or others in your organization make mistakes, view them as learning opportunities. There is great power in the conversation. Know the risks and behave accordingly, but do not be so risk averse that you do not participate. You may want to elaborate in your social media guidelines or policy, but these 12 words provide a solid foundation.
The biggest risk in health care social media is not participating in the conversation. Simply putting “find me on Facebook” or “follow me on Twitter” badges on your website does not equate with health care social media. Having noted this, among the most common concerns that seem to limit participation are those regarding professionalism. So let’s make this as easy as possible, with 12 words to light your way: Don’t Lie, Don’t Pry Don’t Cheat, Can’t Delete Don’t Steal, Don’t Reveal Following these simple rules can prevent most social media miscues, and keep you out of the Friday Faux Pas series. Don’t lie: a good rule in general, it is particularly important online, where nothing is transient and everything is searchable. Don’t pry: Do not seek out personal health care data or potential protected health information as a part of a social platform conversation. Don’t cheat: We’ve all heard the old proverb that “Cheaters never prosper,” but some harbor lingering doubts about whether it’s true. In social media, cutting corners is much more likely to be discovered and exposed, and when the truth is revealed it won’t be pretty. Everyone makes mistakes; confess yours immediately. Intentionally “gaming” the system, however, will not reflect well on you or your organization. Can’t delete: this is an important rule: if it’s still in Google’s cache, you can’t put it in the trash. The most effective tool to address this is a strategic pause before you post. Count to 3 and think: 1- To whom are you posting/Who is your audience? 2-Is this post appropriate for all ages? 3-Does my post add value to the ongoing conversation? Don’t steal, don’t reveal: Give credit where it’s due, and acknowledge those who inspired you or provided information you’re passing along. In Twitter it’s as simple as a retweet or a mention, while in a blog you can share link love. And if information is proprietary or confidential, don’t disclose it in social platforms. Keeping this simple is critical, but there are some additional rules that are worth remembering and applying . Don’t endorse as a matter of course. Supervisors: Don’t initiate an employee friend request at your own behest. Separate your circle of friends from patients you mend. Corporate logo in your username is a no go. Adding a disclaimer is probably saner. Don’t practice on the Internet, regardless of your good intent. Always surmise that HIPAA applies. Speak on your behalf, not that of staff. Anonymity is really gimmicky If you chat about your company, identify abundantly Here is the critical message. The same general rules that apply to offline behavior apply to online behavior. The difference is the platform online can leverage a mistake to a much wider audience. Errors will occur no matter how careful you are. That’s why you must develop a social media policy and provide orientation and training , and when you or others in your organization make mistakes, view them as learning opportunities. There is great power in the conversation. Know the risks and behave accordingly, but do not be so risk averse that you do not participate. You may want to elaborate in your social media guidelines or policy, but these 12 words provide a solid foundation.
The biggest risk in health care social media is not participating in the conversation. Simply putting “find me on Facebook” or “follow me on Twitter” badges on your website does not equate with health care social media. Having noted this, among the most common concerns that seem to limit participation are those regarding professionalism. So let’s make this as easy as possible, with 12 words to light your way: Don’t Lie, Don’t Pry Don’t Cheat, Can’t Delete Don’t Steal, Don’t Reveal Following these simple rules can prevent most social media miscues, and keep you out of the Friday Faux Pas series. Don’t lie: a good rule in general, it is particularly important online, where nothing is transient and everything is searchable. Don’t pry: Do not seek out personal health care data or potential protected health information as a part of a social platform conversation. Don’t cheat: We’ve all heard the old proverb that “Cheaters never prosper,” but some harbor lingering doubts about whether it’s true. In social media, cutting corners is much more likely to be discovered and exposed, and when the truth is revealed it won’t be pretty. Everyone makes mistakes; confess yours immediately. Intentionally “gaming” the system, however, will not reflect well on you or your organization. Can’t delete: this is an important rule: if it’s still in Google’s cache, you can’t put it in the trash. The most effective tool to address this is a strategic pause before you post. Count to 3 and think: 1- To whom are you posting/Who is your audience? 2-Is this post appropriate for all ages? 3-Does my post add value to the ongoing conversation? Don’t steal, don’t reveal: Give credit where it’s due, and acknowledge those who inspired you or provided information you’re passing along. In Twitter it’s as simple as a retweet or a mention, while in a blog you can share link love. And if information is proprietary or confidential, don’t disclose it in social platforms. Keeping this simple is critical, but there are some additional rules that are worth remembering and applying . Don’t endorse as a matter of course. Supervisors: Don’t initiate an employee friend request at your own behest. Separate your circle of friends from patients you mend. Corporate logo in your username is a no go. Adding a disclaimer is probably saner. Don’t practice on the Internet, regardless of your good intent. Always surmise that HIPAA applies. Speak on your behalf, not that of staff. Anonymity is really gimmicky If you chat about your company, identify abundantly Here is the critical message. The same general rules that apply to offline behavior apply to online behavior. The difference is the platform online can leverage a mistake to a much wider audience. Errors will occur no matter how careful you are. That’s why you must develop a social media policy and provide orientation and training , and when you or others in your organization make mistakes, view them as learning opportunities. There is great power in the conversation. Know the risks and behave accordingly, but do not be so risk averse that you do not participate. You may want to elaborate in your social media guidelines or policy, but these 12 words provide a solid foundation.
The biggest risk in health care social media is not participating in the conversation. Simply putting “find me on Facebook” or “follow me on Twitter” badges on your website does not equate with health care social media. Having noted this, among the most common concerns that seem to limit participation are those regarding professionalism. So let’s make this as easy as possible, with 12 words to light your way: Don’t Lie, Don’t Pry Don’t Cheat, Can’t Delete Don’t Steal, Don’t Reveal Following these simple rules can prevent most social media miscues, and keep you out of the Friday Faux Pas series. Don’t lie: a good rule in general, it is particularly important online, where nothing is transient and everything is searchable. Don’t pry: Do not seek out personal health care data or potential protected health information as a part of a social platform conversation. Don’t cheat: We’ve all heard the old proverb that “Cheaters never prosper,” but some harbor lingering doubts about whether it’s true. In social media, cutting corners is much more likely to be discovered and exposed, and when the truth is revealed it won’t be pretty. Everyone makes mistakes; confess yours immediately. Intentionally “gaming” the system, however, will not reflect well on you or your organization. Can’t delete: this is an important rule: if it’s still in Google’s cache, you can’t put it in the trash. The most effective tool to address this is a strategic pause before you post. Count to 3 and think: 1- To whom are you posting/Who is your audience? 2-Is this post appropriate for all ages? 3-Does my post add value to the ongoing conversation? Don’t steal, don’t reveal: Give credit where it’s due, and acknowledge those who inspired you or provided information you’re passing along. In Twitter it’s as simple as a retweet or a mention, while in a blog you can share link love. And if information is proprietary or confidential, don’t disclose it in social platforms. Keeping this simple is critical, but there are some additional rules that are worth remembering and applying . Don’t endorse as a matter of course. Supervisors: Don’t initiate an employee friend request at your own behest. Separate your circle of friends from patients you mend. Corporate logo in your username is a no go. Adding a disclaimer is probably saner. Don’t practice on the Internet, regardless of your good intent. Always surmise that HIPAA applies. Speak on your behalf, not that of staff. Anonymity is really gimmicky If you chat about your company, identify abundantly Here is the critical message. The same general rules that apply to offline behavior apply to online behavior. The difference is the platform online can leverage a mistake to a much wider audience. Errors will occur no matter how careful you are. That’s why you must develop a social media policy and provide orientation and training , and when you or others in your organization make mistakes, view them as learning opportunities. There is great power in the conversation. Know the risks and behave accordingly, but do not be so risk averse that you do not participate. You may want to elaborate in your social media guidelines or policy, but these 12 words provide a solid foundation.
Here's are a few of the ways Hospitals are using Social Media right now. (focus on the Patient Ed / Customer Service / Brand monitoring points)
Here's are a few of the ways Hospitals are using Social Media right now. (focus on the Patient Ed / Customer Service / Brand monitoring points)