Embed Size (px)
Citation preview
Social Networking & PrivacyAdvanced Commercial Law: Law of Electronic Commerce
SMU Dedman School of Law
Edward Marx
SVP/CIO Texas Health
October 2010
Texas Health MissionTo improve the health of the people in
the communities we serve
Texas Health VisionTexas Health Resources, a faith-based
organization joining with physicians, will
be the health care system of choice
Innovative Technology SolutionsInnovate, transform, and serve
Flow
• Video
• Texas Health and Ed Marx
• Social Networking
• One Executive and Companies Journey
• Privacy & Policy
• The Key Challenge
• Discussion
Texas Health
Odessa
Amarillo
Lubbock
Austin
San AntonioHouston
Fort Worth/Dallas
One of the largest faith-
based, non-profit health care
delivery systems in the US
– 18,000 Employees
– 3,600 Active Staff Physicians
– 14 Hospitals
– 6 JV Hospitals
– 30 Ambulatory Healthcare Sites
– 3500 Licensed Hospital Beds
– 61 Counties (6.2M people)
4
IT Recognitions
Innovator
Innovator
2009-9th consecutive
appearance; 10th time overall
2008 Healthcare SIG
Project of the Year
Debbie Jowers
Ranked 34th
Top Technological Innovators across
America for the 10th consecutive year
Doug Hawthorne-20081st & 2nd place
Ed Marx
Supply Chain Innovator Award
Edward MarxServe, Shape, Study & Share
• Husband to Julie Harding Marx
• Father to Brandon & Talitha Marx
• Passion for God, Family, People, Triathlon & Tango
• Colorado State University (BS, MS)
• Army Combat Engineer Officer/Combat Medic
• Healthcare IT Leadership Career
• Texas Health Services Authority Board
• SMU Engineering School Advisory
• TCU Business School Advisory
• UTD School of Management/MIS Advisory
Social Network Primer
―Social networks will be like air‖
-- Charlene Li, Forrester Research
Why Pay Attention
• Mainstream
• Innovation
• Relevant Leadership
• Marketing
• Collaboration
• Communication
• Community
Personal/Professional Journey
• Intra Company Email/Blogs/IM
• ServeLists
• Triathlon Bulletin Boards
• SecondLife
• Twitter & Yammer
• Hosted Blog
build business
Blog
advancing ideas & concepts
Texas Health Journey
• The Mountain
– Culture
– Fear
– Security & Privacy
– Healthcare Regulations (HIPAA)
• The Climb
– Planning
– Base Camp
– Risk
YouTube Channel
FaceBook Site
Yammer
MOSS as Web 2.0
MySite
Social Media• THR has Assumed a Leading Role in Social Media
– New tools to directly reach online customers, potential patients
– Builds on image as open environment for potential employees
– New utilization; EHR ―Ask Dr. V‖ www.TexasHealth.org/Records
– System service-line approach with Texas Health Moms micro site
– Builds on ―Most-Wired‖ positioning as technologically-forward
• THR Leaders have Accepted and Endorsed
• Social Media is Vibrant & Growing (―Jump in and figure it out‖)
– Usage spreads quickly and organically
– Traditional planning processes are not as conducive to success as
iterative prototyping
• Social Media Users Determine Success by:
– Usage
– Content is the kingmaker
Current Situation
• FaceBook 1945 Friends/14 Sites
• Twitter 1377 Followers/3 Sites
• YouTube Channel 204 videos posted with 90,05 views
• Yammer 1945 users in 96 groups
• IM/Video
• Multiple Blog Presences – Healthcare Moms
– The “Care” in Health Care – THFW Live from a Hospital – THSW
– Keeping Pulse – THAM The Story Behind the Scrubs – THHEB
– Words from Winjie – Winjie Miao CIO Unplugged – Edward Marx
• Listening Posts
– Internal pulse checks with employees (Mail to the Chief, Pulse Panels)
– Active listening for hot button issues discussed externally
– Outside service bureau for more comprehensive reporting/monitoring
• Mobile Health Applications
Near Future Possibilities• Advances in Medicine “meet-ups” (FaceBook & Twitter)
• YouTube Video Press Releases
• Service-line Specific Blogs/Forums– Linking patients with common interests for support/networking
– Linking across communities
• Internal Tools– MySite employee pages
– Executive blogs, Wikis, discussion forums, etc.
– Tribal communities
• System Recruitment– FaceBook & LinkedIn pages + Events
– Mobile landing pages for mobile recruitment campaigns
• Augmented Reality, Mobile Apps and Google Wave
• Physician Engagement & Outreach – CareTube
– CareSuite
Privacy & Policy
• Texas Health Journey
• Policy / Guidelines
• National Survey Results
Sample Guidelines
• Follow All Applicable Company Policies
• Be a Responsible Social Media Citizen
• Disclose Your Connection with Company
• Write in the First Person
• Cite Your References
• Respect Your Audience
• Use a Personal e-mail Address
• Try to Add Value & Avoid Conflicts
• Ask Before You Publish
Privacy
• Too Much Information (TMI)
• Personal Health Information (PHI)
• Personal Rights
– Wired
– Christian Science Monitor
– Mashable
• IP Issues
• Brand Damage
• Securities
Social Network Survey
*8/2009 Health Care Compliance Association & Society of Corporate Compliance & Ethics
Social Network Survey
*8/2009 Health Care Compliance Association & Society of Corporate Compliance & Ethics
Social Network Survey
*8/2009 Health Care Compliance Association & Society of Corporate Compliance & Ethics
Gartner Opinion
• Social-networking (SN) sites provide new channels for marketing and CRM
• Uncontrolled use of SN sites by staff can expose internal corporate activities
and intellectual property to inappropriate audiences.
• SN sites provide mechanisms for rapid, viral distribution of active and
passive content that can include illegal, damaging and offensive material.
• Personal and corporate information posted on SN sites can be used to
support identity fraud and competitive espionage activities.
• Enterprises need to ensure that they maintain control over their content.
• SN firms that attempt to gain control over content through licensing or other
means should be avoided at all costs.
• Whether they "explicitly" try to take control now or not, there is no telling
who might buy their property and, typically, what safeguards they may put in
place to protect your content.
Discussion
• Personal & Professional
– What is the Right Balance?
– Who Decides the Balance?
• Do Fears Outweigh Risks?
• Can you Still Separate Life Roles?
• Other Thoughts?
Marx Contact
• Blog http://histalk2.com/category/ed-marx/
• Yammer http://bit.ly/dkH9ga
• Twitter http://twitter.com/marxists
• LinkedIn www.linkedin.com/in/edwardmarx
• FaceBook www.facebook.com/edwardmarx
• Email [email protected]
32
Appendix One
Social Media @ THR
Blogs, wikis, social networks, virtual worlds and Social Media
Strategy & Plans
September 2009
Blogs, podcasts, wiki articles, photos, videos
Comments, ratings, reviews
Tags, feeds, voting
Social networks
Read, watch, listen
Not a Fad
Appendix Two
Privacy in Healthcare Context
• Emerging Practice Given Ubiquitous
Technology Deployment
• HIPAA & Perverse Consequences
• Plethora of Proposed Laws
HIPAA 101
• HIPAA was designed to:– Ensure health insurance portability
– Reduce health care fraud and abuse
– Guarantee privacy and security of health information
– Provide standards for electronic exchange of health information
• Examples of HIPAA’s impact include:– Portability.
• Guarantees medical coverage renewal, prohibits discrimination based on health status, and eliminates some preexisting conditions exclusions.
– Transaction Standards and Unique Identifiers • Creates standard formats and code sets for all major digital transactions
and provides national identifiers for providers, employers and payors.
– Security Rule.• Provides a uniform level of protection of all electronic health information.
– Privacy Rule.• Addresses the rights of an individual, the procedures for exercising these
rights and the uses and disclosures of health information. Confidentiality.
HIPAA protects the rights of individuals, not just
patients. An individual is the subject of health
information. This can include patients and health plan
participants and their covered dependents. These same
rights extend to legally authorized representatives.
A covered entity's workforce
includes employees, volunteers,
people whose conduct is under
the direct control of a covered
entity, and people involved in a
covered entity's training
programs.
Individually Identifiable Health Information (IIHI) is
health information that either identifies an individual or
provides a reasonable basis for identifying an individual,
by virtue of containing one or more of 18 identifiers.
PHI stands for Protected Health Information. This is
health information—in any form—that can identify an
individual. HIPAA and Texas state law defines how PHI
may be used and disclosed.
HIPAA Glossary
National v. State Regulation
• Many states, including Texas, passed their
own versions of HIPAA.
• HIPAA resolved this issue by instructing that
when state and federal versions differ, the
more restrictive version applies.
• Texas Health has reconciled state and federal
law; more restrictive law is reflected in our
privacy policies and training.
Providers. Texas Health is a health care provider. Providers range from large hospital systems to individual nursing homes, labs, and pharmacies. Health care providers are also doctors, nurses, dentists, psychotherapists, and others who care for patients.
Plans or Payors. Examples include Cigna, United Health Care, Blue Cross/Blue Shield, and Aetna.
ClearinghousesThese are systems that process information for other companies such as most billing services like WebMD Envoy® .
Who is Included?
Protected Health Information
• Identifies the individual
• With respect to which there is a reasonable basis to believe that the information can be used to identify the individual
• If the following information is removed, it is presumed to be non-identifiable information:
-Name -Names of Relatives
-Street Name -Names of Employers
-City -Date of Birth
-County -Telephone Numbers
-Zip Code -Fax Numbers
-Equivalent Geocodes -E-Mail Addresses
-Social Security # -Medical Record #
-Health Plan # -Account #
-Certificate/License # -Vehicle or Device Serial #
-Finger & Voice Prints -Internet Protocol Address
-Photo Images
The Key Practical Challenge
• Caregiver v. Compliance
• Real Life Tension
• Los Angeles Times
• Jacksonville
• Harvard Journal of Law and Technology
• Obstacles to Success
• Hardcore Realities
Public/Private Solution?
• Regulatory Logjam
• Provider Paralysis and Bureaucracy
• Obama Impact?
• HITrust Collaborative; A Leading Approach
– Health Information Trust Alliance
– What is it and What can it Accomplish
– Texas Health Involvement
