by Amanda Larson
Is Instagram HIPAA Compliant?
Technology opens powerful gateways and new opportunities for communicating with patients. In this modern age, some medical professionals are turning to Instagram to spread their message.
Instagram is free, simple to navigate, and used worldwide, but is Instagram HIPAA compliant?
Instagram is a free photo- and video-sharing app where users can interact with one another’s content through likes, comments, and private messaging.
The platform has attracted over 1 billion users since its launch in 2010. With over 120 million active users in the United States, Instagram is undoubtedly one of the most popular social media apps available.
Medical professionals using Instagram
Instagram is a powerful platform to reach a wide range of users, so it’s no surprise that medical professionals are using it to disseminate information.
Sharing medical best practices and other educational information is at an all-time high with the COVID-19 pandemic. Instagram even wrote a blog post about how the platform can be used to promote accurate information about the disease while discouraging misinformation.
Medical professionals are leveraging social media more than ever to broadcast important updates about coronavirus, but they must be careful to avoid HIPAA violations while doing so.
The business associate agreement and HIPAA compliance
If a business associate handles, stores, or in any way uses PHI for a covered entity, then a business associate agreement (BAA) must be in place. A BAA is a written contract between a covered entity and a business associate and is required by law for HIPAA compliance.
Is Instagram HIPAA compliant?
Instagram will not sign a BAA with covered entities. However, this does not mean healthcare providers cannot use it. It simply means that covered entities must steer clear of transmitting any PHI via the platform.
Conclusion: Instagram is not HIPAA compliant because it will not sign a BAA. However, covered entities can use it—as long as they do not share any PHI.
How to be HIPAA compliant on Instagram
Educate yourself and your staff on best practices for Instagram and all social media platforms. These include:
- In-depth understanding of what information constitutes protected health information (PHI) under HIPAA
- Never post any information that can be interpreted as PHI
- Make general statements about the practice, without sharing specifics
- Use broad terms to address “all patients” rather than individuals
- Do not diagnose or describe any prognoses, symptoms or courses of treatment
- Use HIPAA compliant email to contact patients (or potential patients) directly—do NOT use Instagram to message patients either privately or publicly
HIPAA compliant marketing options
The only true safeguard against HIPAA violations and hefty HIPAA fines is using HIPAA compliant software.
Fortunately, a HIPAA compliant marketing tool exists that can help your practice grow: Paubox Marketing.
Its military-grade encryption lets you send HIPAA compliant email directly to your recipients’ email inboxes with no plugins or portals required.