How to teach tomorrow’s doctors about social media privacy

Teaching the next generation of doctors about digital privacy can’t just be about punishment

Hospital worker using computer. Image courtesy ShutterstockSocial media and healthcare privacy may not mix well, but telling the trainees who have grown up with social media to simply “abstain – or else!” doesn’t help students structure their behaviour in the digital age.

Medical schools and universities are increasingly implementing policies regulating social media use.

Educause, a non-profit for post-secondary IT professionals, has a collection of social media policies.

Specific to medical schools, a 2010 study published in Medical Education Online reviewed US medical school websites and found thirteen US medical schools had a social media policy, the minority of which focus on what learners can’t do.

The majority of these policies encouraged thoughtful and responsible social media use.

Social media policies are positive when they help learners to secure or retain access to the next stage of their career. A 2010 study revealed that twenty percent of residency pharmacy directors looked at applicants’ social media profiles, and of these, 89% strongly agreed or agreed that information voluntarily published online was fair game for judgments on character, attitudes, and professionalism.

Social media policies are also positive when they help protect patient privacy. In the same review of pharmacy students’ profiles, and a separate study of medical students’ online postings, administrators found information that either outright or possibly compromised patient privacy.

Doximity and Sermo are two medical social media startups that claim to offer secure forums for MD-only discussions.

Sermo and Doximity

Policies which encourage thoughtful and responsible social media use do little to help students, however, when learners don’t know how to structure their profiles and postings in professional ways.

In 2008, the University of Florida looked at the Facebook profiles of over 800 medical students and residents to find that 83% listed some form of personally identifiable information, and only 37.5% protected the privacy of their profiles.

While students of health science professions may be confident in their medical learning, a 2009 UK report [PDF] noted they often lack real competence in making sense and appropriate use of the internet in their education, as well as in developing professional lives.

The challenge is to help learners adapt to the ever-changing landscape of social media.

The digital professionalism framework models positive behaviours and recognizes that a truer locus of control in protecting privacy online is in the hands of the individual:

Digital professionalism framework

As digital privacy mavens know, educating clients and the public is not a one-time deal. Ongoing vigilance is necessary.

Similarly, the digital professionalism framework cannot be taught once, or posted to a wall and expected to be followed.

Integrating the lessons into the students’ learning experiences, then returning to and building upon these lessons as students advance in the program is necessary to help learners incorporate digital professionalism into their daily routines.

An open access article outlining how such an integrated curriculum might work (sorry, registration required) serves as a guideline to help adoption by health profession schools.

While the focus has been on social media, hardware and wireless are just as much of a concern.

Policies and strategies for supporting the professional – whether at home, the office, the clinic, or in hospital – has to mean more than an encrypted connection or disabling all USB ports.

Students at computer. Image courtesy of Shutterstock

The end user must be educated as to the risks, or the “this won’t harm anyone” attitude may result in patient files being found on personal, not professional, devices – encrypted or geolocation-based hardware wipes notwithstanding.

Working at end-user root attitudes and behaviours, not band-aid policies, is more likely to result in long-term digital professionalism.

By repeating the lessons, and building on them each time in ways that students will encounter in clinical practice, the students learn the core issues as well as how to handle problems when they arise.

The key is to design a curriculum for medical students that can actively engage them in awareness of the issues – and their responsibility and ownership of how to manage their profiles.

The lessons of digital professionalism for medical professionals may be extended to all other types of training, even corporate. We each must take responsibility to learn about and stay on top of protecting our privacy.

Hospital worker with computer and Students at computer images courtesy of Shutterstock.