The question today for healthcare facilities isn't "does your facility use social media?" It's "who is using social media, for what purpose, and what policies govern its use in your organization?"
Q.As part of its fundraising effort, Hybrid Entity's cancer center wants to send a patient list (demographic information only) to Hybrid's development office, which is not designated as a healthcare component of Hybrid. Is this permissible?
Paula Moran, MEd, and Jennifer Edlind, JD, CHC, know what they're talking about when they say having an incident response team in place when a data breach occurs is important. Moran is privacy and security manager at Massachusetts General Hospital (MGH) in Boston. Edlind is director of privacy and compliance operations at University Hospitals Health System (UH) in Cleveland.
