Site moved to, redirecting in 1 second...

« March 2012 | Main | May 2012 »

3 posts from April 2012

April 18, 2012

HealthCare SocialMedia Review #2: The Privacy and Security Edition

Welcome to the latest edition of the HealthCare SocialMedia Review, the blog carnival that's all about health care social media. Today we take a look at some of the privacy and security issues relevant to the medium, and at some other current and topical posts from around the blogosphere. But first, pour yourself another cup of coffee, put your feet up, and have a listen to a lighthearted ode to an emblem of secrecy from an earlier age:

Tell some folks you have a secret, and they'll be all over you, cajoling it out of you.

When my late grandmother was an irrepressible little old lady in her late 90's, she would chat people up wherever she met them, and folks would invariably ask her how old she was.  She would smile and respond: "Can you keep a secret?"  As her next victim leaned in, nodding his or her head, she'd let loose the zinger: "So can I."

Responsible users of health care social media understand that a juicy anecdote can make a point far more effectively than a dry textbook recitation of facts and figures, but we also appreciate the need to make sure, sometimes, that "the names have been changed to protect the innocent," the need to keep some things secret.  This imperative exists in a relationship of dynamic tension with the need to share information in order to promote better understanding of disease and health at both the individual and population level.  Neither is an absolute; both need to be observed, and each has its exceptions. Welcome to the exciting world of health care social media!

6928038302_53d0c6937c_zLast week marked the first edition of the TEDMED conference in its new home, and one of the TEDMED talks highlighted this tension by essentially posing the question: Would you join the Facebook of medicine?  Leslie Saxon wants to "get 8 billion heartbeats on speed dial" via, bringing the Quantified Self movement to everyone, and her message was heard loud and clear across the pond by 3G Doctor, who blogged about her talk.  

Phil Baumann finds the prospect to be creepy.  

Mark Browne has another take on the QS approach, and the way in which patients may need to be engaged in their health care, inspired by a Google Street View car sighting.  (Let's assume the Google Street View car isn't listening in on patient data transmissions, though.)

6929103506_7447ebb33cRegina Holliday was at TEDMED too, sharing the action through her painting, and she gives voice to her art on her blog; a painting of hers from this conference is explicated through a post about spit. (Disclosure: The HealthBlawger is a member of The Walking Gallery.)

It's nice to see a new generation grappling with the issues raised by the use of social media in medicine. Medical student Emily Lu has a post up at on the ethics of social media use in medicine -- she offers more questions than answers, but the questions are key ones that demand our attention. As we work towards answering these questions for a new generation, an older generation (not that old), in the person of Bryan Vartabedian, says that when it comes to doctors and social media, the sky is not about to fall anytime soon

Physicians and patients are often the focus of discussions about health care social media, but other health care professionals are, of course, using these tools as well. Barbara Ficarra highlights their use by nurses, and calls attention to a nursing tweetchat (#APRNchat ... not to be confused with #RNchat).

Pinterest_Logo_RedMost of you have probably heard of Pinterest by now, and maybe some of you are using this platform. Marie Ennis O'Connor points out the good and the bad, and suggests (man, I love having a non-lawyer say this) actually reading the Terms of Service.  

For anyone considering dipping a toe in the health care social media waters, a top-of-mind question is always: Is it worth the time and effort?  At Walking the Path, Fard Johnmar suggests that ROI isn't the right metric, and that there are other ways to measure the full economic benefits of digital health content.

Pharma has a continuing love-hate relationship with social media, and last week, Boehringer US posted social media guidance for employees -- on YouTube.  Kinda cheesy feel to it, IMHO, but it distills it all down to four points: (1) You are responsible for your behavior, (2) Understand the tools, (3) Think about your audience and (4) You are our eyes, ears, and voice. 

TimimiIf we're looking for succinct, accessible policy statements on the use of health care social media, then personally, I prefer the 12-word social media policy of Dr. Farris Timimi, Medical Director of the Mayo Clinic Center for Social Media (disclosure: I'm on the Center's advisory board):    

  • Don’t Lie, Don’t Pry
  • Don’t Cheat, Can’t Delete
  • Don’t Steal, Don’t Reveal

(You might also want to check out this old chestnut, from Dan Hinmon of Hive Strategies and your humble HealthBlawger: 9 No-Nonsense Rules to Ensure a HIPAA-Compliant Social Media Strategy.)  

Responding in part to the FDA's issuance of incredibly limited social media guidelines, Laurie Gelb offers some thoughts on a way forward for pharma and social media on The Health Care Blog.

While we're on the subject of social media guidelines, be sure to check out the HIMSS social media workgroup white paper posted on the HIMSS blog with a call for comments and a nod to Lee Aase, Director of the MCCSM.

Aside from the do's and don'ts, U.S. health care organizations need more work in the whys and wherefores department.  A recent study shows that in the US of A, health care organizations use social media mostly for marketing, unlike their counterparts in a number of other countries, where use is more focused on communication -- among providers or otherwise. (Of course, our market-based health care economy may have just a little bit to do with that focus, no?)

Speaking of the market ...  "Free" is never really free, and we pay for some online tools by exposing ourselves to ads.  Context-sensitive ads based on health content are cause for concern over at David Williams' Health Business Blog.  This brings to mind the new Google privacy policy, which says the 'plex has a hands-off policy when it comes to "sensitive personal information," including "confidential medical facts" (gosh, did a lawyer write this policy?) -- but we've seen this movie too, in an earlier NY Times piece about Target and, well, targeting.

Pony expressFinally, please consider the relationship between the government and social media tools. Just as social media has lowered barriers, geographic and otherwise, between physician and patient, and among collaborators, so, too, has it lowered barriers to engagement with those elected and appointed to serve in our nation's capital.  Let's examine the activity related to Federal stimulus dollars focused on health care, as an example. First, the government, in the form of ONC, is blogging about state health information exchange grantees taking part in the ONC consumer innovation challenge. (See more about the ONC and consumer/patient engagement courtesy of Nikolai Kirienko.) Second, there are numerous tools to use in analyzing the proposed regulations on Stage 2 of Meaningful Use of Electronic Health Records (e.g., bookmarked regs and comparison chart shared socially) as well as exhortations to comment on the proposed regs (you may sample a few courtesy of Dave Chase, Brian Ahier and Project Health Design), tools to use in commenting officially and unofficially, and tools to be used in aggregating comments so that they may be filed officially (hat tip to Nate Osit), which have been shared socially. This is so very different from the bad old days of the Pony Express, which is what we used to communicate with Washington when I was starting out in practice. (Not really. Just checking to see if you're still awake.)

John Tlumacki The Boston Globe 2012 MarathonGentle reader: You did it!  This is the end of the line. Thanks for riding with us this week on the HCSMReview Express.  In the immortal words of Michael Dukakis, speaking about the run for the White House (not about enduring this lengthy edition of HCSMR), It's like running the Marathon (and yes, the Boston Marathon runners did wend their way through my leafy suburb on Monday, as they do each year). We hope you come back and try it again. 

HCSMR iconHealthCare SocialMedia Review has information about the next edition (which will be up in two weeks' time) and instructions on how to submit your posts for review in future editions. 

David Harlow
The Harlow Group LLC
Health Care Law and Consulting

April 13, 2012

Call for Submissions: HealthBlawg Hosts HealthCare SocialMedia Review #2 Next Week

MP900401917Ladies and gentlemen, boys and girls, the floodgates are open: Please submit your posts for the upcoming sophomore outing of HealthCare Social Media Review -- the blog carnival for health care social media, featuring the most recent fortnight's crème de la crème of blog posts on the topic. (Follow the link for submission instructions via web form or via email to david AT harlowgroup DOT net.)  

We'll focus on privacy and security issues, but other topical submissions are welcome as well.  Just get everything in by 6 pm ET on Monday April 16 (earlier, if you'd like to be kind to your humble HealthBlawger).

Through the alchemy of the interwebs, the posts you submit will be transformed into golden flax, woven together into a seamless thing of beauty -- and you will count yourselves lucky to read it right here next Wednesday morning, April 18.

Tell your friends and neighbors, and we'll reconvene at HealthBlawg just a few short days from now . . . for the one, the only, HCSM Review #2.  

Be there! Aloha!

David Harlow
The Harlow Group LLC
Health Care Law and Consulting

April 01, 2012

Context-Relative Informational Norms – Buzzword or Paradigm Shift?

A piece in The Atlantic highlighting Helen Nissenbaum’s approach to privacy has been whipping around the twittersphere over the past couple of days.  The breathless tone of the piece is a little off-putting, but the content, at first glance, is intriguing:

Nissenbaum argues that the real problem "is the inappropriateness of the flow of information due to the mediation of technology." In her scheme, there are senders and receivers of messages, who communicate different types of information with very specific expectations of how it will be used. Privacy violations occur not when too much data accumulates or people can't direct it, but when one of the receivers or transmission principles change. The key academic term is "context-relative informational norms." Bust a norm and people get upset. 

However, after reading this piece (and, admittedly, not having read Nissenbaum’s academic papers), the contention that this is the first and last word on the question of context-sensitive privacy and sharing -- “What you tell your bank, you might not tell your doctor.  What you tell your friend, you might not tell your father-in-law.” -- rings hollow for me (as it has for the Wall Street Journal Ideas Market blog, as well). 

A whole 'nother issue is the issue of whether norms have any lasting value: How long before today's privacy norms -- even assuming there are some shared norms in this arena -- are replaced by tomorrow's norms?  (On a related note, even the status of evidence-based medicine as a gold standard for guiding clinical practice has been questioned; contrarians hold that personalized medicine for an individual may require approaches that run counter to EBM as proven out over a population.)

Facebook and Google+ tout their context-sensitive sharing tools, which allow for limited sharing of posts to segmented audiences, and most of us understand that we barter personal data for the “free” services they provide; furthermore, this barter exchange usually benefits us as individuals as well -- we get better-targeted messages online as a result.  I would certainly prefer to see Facebook and Google+ be a little more transparent about their use of personal data, and other sites and services also need to be transparent.  At least some folks out in the wild are pretty sophisticated about their wants and needs when it comes to health care social media privacy and security, and I’m just not sure that we need a new paradigm fueled by jargon from the ivory tower -- though perhaps further inquiry would lead me to conclude otherwise.  

In the health care and health care social media context, we all need to be aware of our own needs and desires concerning sharing of personal information, and we all need to be aware of the ways in which personal information is shared and used, and re-shared and re-used, by the platforms and repositories that we use.  Armed with this knowledge, we can work to establish our own context-sensitive norms, and work to ensure that they are honored.

Many users of social media tools for health care purposes have already internalized context-relative informational norms that must be layered on top of existing privacy and security concerns unique to the health care arena.  To those who have not: the HealthBlawger hopes that this post will alert those who have not to avail themselves of the plethora of resources available to them: other health care social media privacy and security content here on HealthBlawg, the Mayo Clinic Center for Social Media (disclosure: I sit on its external advisory board), among many others -- please share any favorites in the comments. These resources should help folks fine-tune individual and institutional approaches to the use of these powerful tools.

David Harlow
The Harlow Group LLC
Health Care Law and Consulting