Attention Hospital Marketers with Social Media and Facebook. In light of Facebook privacy issues, strategic planning by hospitals is needed to effectively market and communicate with patients in online social communities. Recommendations / best practices for hospitals that are considering implementing social media tools to extend their online reach.

1. To Facebook or Not To Facebook? The question for hospitals today MyHealthCommunity Social Network, Inc 135 Market St., Portsmouth, NH, 03801 603-553-2997 www.myhealthcommunity.net Copyright © 2010 MyHealthCommunity Social Networks, Inc. All Rights Reserved I just found out I’m pregnant?

2. Tapping into the 400 million potential customers on Facebook Tweeting to your followers on Twitter Connecting with your customers 24/7 It seems like a slam dunk for an organization… Promise of Social Media Yet the decision is not so clear cut today for healthcare organizations.

3. Avoiding the risk of violating HIPAA, [1] many healthcare organizations have taken a wait and see approach. Turning to these turnkey- social media solutions can be risky for your users. This presentation will examine the significant changes to Facebook and other social media and their effect on your users’ experience. Issues that are specific to a patient or other health care user will be considered . Privacy Risks of Social Media for Health Care ? [1] Health Insurance Portability and Accountability Act (HIPAA) of 1996, HIPAA was enacted in part to maintain the privacy of patients' medical and personal information by creating national standards to protect individuals' medical records and other protected health information (PHI).

4. Examine why choosing only this approach to connecting with your online patients could in the long run be less effective and offer your patient’s a less secure environment. We will explore how best to use these social media tools, matching functionality with security of the system environment, eventually weaving them into a more coordinated and effective social media strategy. Best Path to Success with Social Media

5. Recently Facebook announced significant changes to user privacy as they were happening . Hospitals had little time to even warn their users to protect their PHI (confidential, personal, identifiable health information per HIPAA). Once warned, users were faced with a complicated and confusing opt-out process to keep private information from being shared with 3rd party websites. And Facebook continued to change the options. One significant change involved Facebook introducing a new “Instant Personalization Pilot Program” defaulting users to allow select Facebook business partners to access personal information of users, aggregate, use and share this information. User Privacy : Who Is In Control?

6. Privacy policies and procedures are not controlled by the healthcare organizations on Facebook. It is under the whim and control of management of these social media companies. Seemingly harmless to the CEO’s of these companies, these actions can reveal a personal health issue to one’s employer, family member, and social group without patient authorization. It can change the lives of some patients in devastating ways. And it could be in violation of HIPAA. User Privacy : Who Is In Control?

8. Facebook has reset users' privacy settings before. Users found information published to their Facebook “wall” and thus visible to anyone, not just friends, when they thought they had previously indicated in their settings not to have this information published publicly. Defenders of these actions profess that Facebook is not responsible for user privacy but the users themselves. They say users should know anything posted on Facebook can and will become public so users should not post anything that they don’t want the public to see. If this is true, then healthcare organizations must reconsider using Facebook in limited ways so followers of their page don’t inadvertently expose private information . User Privacy : Who Is In Control?

9. User Privacy : Who Is In Control? The recent actions of Facebook redefined privacy settings for users requiring that they opt out of exposing their personal information to the public. The greatest concern was that they made it so complex to opt out requiring numerous unchecks scattered in various privacy settings. This complexity would be a challenge for the senior users.

10. Facebook had reset their private instant personalization defaulting them to opt-in status. Users, potentially your patients, must go into their settings and turn off these settings. Unaware users will find that their profile information such as interests, work and school experience has been made public to certain services. The enticement to the user is that they will gain a more “customized experience” on Facebook. User Privacy : Who Is In Control?

11. Personal Health Information Shared If a patient had listed an interest in diabetes research the assumption could be made that they or family members have diabetes. The user may begin to receive information from Facebook businesses related to diabetes. Question is who else might see this and use this information?

12. Listing an interest in diabetes research the assumption could be made that they or family members have diabetes. The user may begin to receive information from Facebook businesses related to diabetes. To prevent this exposure, users must uncheck individually each setting to opt out: Users Must be Vigilant in Securing Privacy

13. Without their permission others are reading the sometimes personal and private information that the Facebook user thought they had an agreement with Facebook to keep private. Facebook and Twitter Get Headlines At the moment, only three sites have this extra ability, which Facebook calls “instant personalization” — they are Docs.com, the music site Pandora and the review site Yelp.

14. Facebook and Twitter Get Headlines These changes have not gone unnoticed: “ If Facebook believes that you "should have control over what you share," it should resolve this by giving users real control over whether their connections can be accessed by apps and pages. Doing so still won't resolve other issues, like the "app gap" that allows your friends' applications to view your personal information without your knowledge or consent, but it would be a step in the right direction .” ~ ACLU April 2, 2010 . “ Twitter has provided the following update to its status blog: “We identified and resolved a bug that permitted a user to “force” other users to follow them. We’re now working to rollback all abuse of the bug that took place.” ~ “Twitter Bug Lets You Control Who Follows You,” by Adam Ostrow http://mashable.com/2010/05/10/twitter-follow-bug/

15. Facebook Gains the Attention of Congress New York Senator Charles Schumer pressed the Federal Trade Commission (FTC) to provide guidelines for social networking sites like Facebook, MySpace and Twitter, on the dissemination of private information submitted by online users. Schumer wants the Federal Trade Commission to provide guidelines for sites like Facebook and Twitter on how a user's private information can be used. WABC TV (New York) reports that Schumer warns that these changes by Facebook change the relationship between the user and the social networking site . Before now, users had the choice to determine what information of theirs was shared and what was kept private. These new policy changes alter that relationship, and Schumer says there is little guidance on what social networking sites can and cannot do or what disclosures are necessary to consumers. http:// www.examiner.com/x-39476-NY-Cyber-Safety-Examiner~y2010m4d25-NY-Senator-Charles-Schumer-challenges-safety-of-Facebook-MySpace-and-Twitter

16. Facebook and Twitter Get Headlines Imagine, board members of your hospital having their event plans exposed to attend prolife or pro-choice events? Privacy loopholes even catch Facebook founder off guard: Ka-Ping Yee, a Google software engineer uncovered what appeared to be a privacy loophole in Facebook’s new strategy of connecting the Web. It seemed that others who were not accepted as a “friend” could view public events that the Facebook user had planned to attend despite the user adjusting their privacy settings. Events can contain revealing information such as home addresses, names of friends, political or religious activities and the like “ Yee demonstrated the flaw by showing how the API – which plugs directly into Facebook's databases – can show you a list of Facebook founder Mark Zuckerberg’s planned public events. Yee says that he was very disturbed by the discovery – because there seemed to be no way to prevent the events from appearing on the API, which is publicly accessible, except by saying you were "not attending" an event .~http://www.guardian.co.uk/technology/2010/apr/26/facebook-privacy-hole

38. Thank You ! [email_address] Visit us at: www.myhealthcommunity.net MyHealthCommunity Social Network, Inc 135 Market St., Portsmouth, NH, 03801 603-553-2997