.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
What are health information exchanges?
Kapua Iao : September 2, 2022
Health information exchanges (HIEs) provide the channel with which healthcare organizations can safely share patients’ protected health information...
2 min read
Social media is a valuable asset to any organization, including in healthcare. However, physicians and others who handle protected health information (PHI) must not use social media in a way that violates HIPAA. Let’s look at Falcon for HIPAA compliance.
About Falcon
Falcon is a social media marketing platform. Features include social analytics, community engagement, and post-management. Falcon describes itself as “a SaaS platform for social media listening, engaging, publishing, advertising, measuring, and managing customer data.” Cision Ltd , a provider of earned media software and services, owns Falcon.Falcon and business associate agreements
A requirement for HIPAA compliance is a business associate agreement (BAA). A BAA is a written contract between a covered entity and a business associate . We found no mention of BAAs on Cision’s or Falcon’s websites.PHI and Falcon
Keeping PHI safe is an essential aspect of HIPAA compliance. As a reminder, PHI is any type of information that can be used to identify a patient and is used during patient care. There is no reference to PHI on Cision’s or Falcon’s websites. However, Cision states that it collects information from its users, through its services (including Falcon), and third parties. Types of information collected include names, IP addresses, device types, pages viewed on the website, social media logins, contact information, and tracking information (such as cookies). Cision or Falcon may share this information, including personal information, with subsidiaries, affiliates, service providers, and sub-contractors. Additionally, should the company be sold or acquired, Cision or Falcon may share that information with the buyer.Conclusion
We found no information about Falcon’s or Cision’s willingness to execute a BAA. Therefore, Falcon is not HIPAA compliant. Furthermore, Cision and Falcon collect information about their users. Therefore, those who choose to use Falcon should be conscious of the information shared on and with the platform.How to use Falcon in a HIPAA compliant way
As long as a covered entity is not sharing any PHI , it can use Falcon in a HIPAA compliant manner. To stay compliant, your practice must never:- Mention or address individuals or their health histories
- Use or imply information about an individual’s specific health conditions
- Imply information about an individual’s distinctive medical case
- Disclose anything that could be considered PHI
- Direct or private message patients (even if they message you first)
- Events or news about your practice
- General wellness tips
- COVID-19 updates
- Information about your practice’s offerings
Communicate easily with HIPAA compliant email
The easiest way to communicate directly with patients is via a HIPAA compliant email solution, like Paubox Email Suite . With Paubox Email Suite, all outbound emails encrypt by default. Our solution integrates directly into your existing email platform (such a Microsoft 365 or Google Workspace ). Paubox Email Suite requires no change to your email behavior. Paubox Email Suite requires no passwords or patient email portals as all emails are delivered directly to your patient’s inbox.
Is biometric data PHI?
Liyanda Tembani : October 2, 2023
Biometric data plays a role in healthcare, primarily for security, patient identification, and consent verification. It is considered protected...
How MSSPs can help covered entities meet HIPAA and HITECH requirements
Tshedimoso Makhene : August 30, 2025
The healthcare industry is one of the most targeted sectors for cyberattacks, with data breaches costing organizations an average of $4.4 million per...