LinkedIn is one of the largest social networks on the planet and a great place for professionals to connect online. Millions of healthcare providers are active on it. Does that mean LinkedIn is HIPAA compliant? We'll answer that question in the following post and also recommend precautions and best practices so you can use the platform confidently, effectively, and in a HIPAA compliant manner.
Founded in 2002, LinkedIn is the world’s largest professional network. It has expanded to 690+ million users in over 200 countries worldwide. According to LinkedIn, “You can use LinkedIn to find the right job or internship, connect and strengthen professional relationships, and learn the skills you need to succeed in your career.” There are over 30 million companies present on the platform, including millions of healthcare practices and medical offices.
A business associate is a person or company that performs certain functions or activities that involve the use or disclosure of protected health information (PHI) for a covered entity. If a business associate handles, stores, or in any way uses PHI for a covered entity, then a business associate agreement (BAA) must be in place. A BAA is a written contract between a covered entity and a business associate and is required by law for HIPAA compliance.
LinkedIn will not sign a BAA with covered entities. However, this does not mean healthcare providers cannot use it. It simply means that covered entities must steer clear of transmitting any PHI via the platform.
Conclusion: LinkedIn is not HIPAA compliant because it will not sign a BAA. However, covered entities can use it—as long as they do not share any PHI.
Another reason to leverage LinkedIn is to improve your company's search engine optimization (SEO). LinkedIn ranks highly in search engines like Google and probably ranks higher than your company's website. Your LinkedIn company and personal profiles, plus the content you write and share, will put your business at the top of web search results—especially if you optimize your page. Why does SEO matter? The higher your site(s) rank, the more traffic they will attract. That means more eyes on your business and more visitors to your website. Just be sure to include keywords in your content and follow other SEO best practices for LinkedIn. LinkedIn is also a great place to check out your competitors. Since you can research and follow medical facilities, you can keep an eye on competitive developments.
As beneficial as LinkedIn can be, the platform can be a source of serious threats. The most obvious way a medical professional can violate HIPAA is by accidentally sharing a client’s protected health information (PHI). Be sure to avoid posting anything that includes any of the 18 PHI identifiers. A surprising way you could violate HIPAA is if you use your work email address for your LinkedIn login. Allowing LinkedIn to use this email might allow the platform to read, store, or modify your emails, even those with PHI. This is prohibited for healthcare providers!
HIPAA places limitations on what healthcare practitioners can say online. That means you should educate yourself and your staff on best practices for LinkedIn and all social media.
To stay HIPAA compliant on LinkedIn:
Simply put: If a patient might be identified, don’t say it on LinkedIn!
Fifty-nine percent of healthcare professionals find that LinkedIn is an essential marketing tool. You too can experience success with some basic marketing strategies, even if you’re just getting started. First, combine your social media strategy with other content marketing. This will help build your audience and amplify your message. Then, recycle the content that you produce. If you post on LinkedIn, consider repurposing that information into an email newsletter—and vice versa. A HIPAA compliant email marketing platform can amplify your brand online. Email marketing not only expands your reach, but it allows you to craft how others view you and your practice. You can use email marketing to advertise your social media pages and gain more followers.
Paubox Marketing makes email campaigns like this possible in a HIPAA compliant manner. You can send personalized marketing emails that include PHI directly to your recipients’ email boxes—no passwords or portals required. Read more about what sets Paubox Marketing apart from non-HIPAA compliant solutions (such as Mailchimp and Constant Contact) here.