Deana Allen, RN, AIC, ARM, CPHRM SVP, National Health Care

Deana Allen, RN, AIC, ARM, CPHRM
SVP, National Health Care Practice – Risk Consulting
Willis North America – [email protected]
Social Media
A group of internet based applications that
allow the creation and exchange of user
generated content.
2
2
Social Media … Social Networking
§ Social media is a way to transmit, or share
information with a broad audience over the
internet. Everyone has the opportunity to
create and distribute.
§ On the other hand, social networking is an act
of engagement. Groups of people with
common interests, or like-minds, associate
together on social networking sites and build
relationships through community.
3
3
Why are we discussing social media?
§ Increased awareness of mostly the same risks we
have faced for years
– Risk managers have been reviewing:
ü Advertising - commercials & billboards
ü Printed materials – newsletters & handouts
ü HCO webpages – disclaimers & content
§ Now the volume of information has exploded via
more communication channels resulting in a
significant increase in potential adverse actions
4
4
Social Media - Different Perspectives
§
§
§
§
§
§
Any “social media user”
Employee
Employer
Public
Legal/Regulatory
Marketing
5
5
6
6
7
7
Hospital Social Media Accounts
8
8
YouTube Vs. Twitter Hospital Accounts
9
9
U.S. Hospitals that use Social Networking tools – updated on October 19, 2010
§
§
§
§
§
§
871 Hospitals total
421 YouTube Channels
679 Facebook pages
648 Twitter Accounts
417 Linked in Accounts
94 Blogs
http://ebennett.org/hsnl/#ixzz0v4fZRYsQ
10
10
Where “Customers” Are Spending Their Time
§
§
§
§
§
§
Venting
Complaining
Complimenting
Sharing experiences
Seeking advice
Seeking experts
11
11
12
12
How Hospitals Use Social Media
§
§
§
§
§
§
Customer service
Community outreach
Education
Public relations
Fund raising
Strategic planning
§
§
§
§
§
§
Crisis communications
Recruitment
Employee morale
Brand monitoring
Service recovery
Research
13
13
Employee Issues
1. Employee use & misuse
2. Monitoring and regulating employee use
3. Employment decisions
14
14
Employee Use & Misuse
§ Access Issues
– At work and away from work
üSM extends beyond the walls of the employer
§
§
§
§
§
Reduced employee productivity issues
Lack of uniform practices
Don’t forget the disgruntled/former employee
Use of disclaimers
Common sense
15
15
Monitoring & Regulating Employee Use
§ Possible liability/loss:
– Torts committed by employee
üDefamation of company, employees, competition, etc.
üHarassment or discrimination
– Possible intellectual property infringement
– Possible theft of trade secrets or confidential or
proprietary information
– Damage to equipment, content contamination,
business interruption
16
16
Monitoring & Regulating Employee Use
§ “Friending” & “Following”
– Should supervisors, managers, others do this?
üOpinions – zero tolerance vs. best judgment
üDiscrimination, harassment, favoritism
– What about “fake” friending or using someone
else’s profile to get access?
– Scenario:
üHCP sees a post on a colleague's Facebook page about
“getting wasted” and he knows that person was on call
that night. What duty arises? Treat any different if you
had smelled alcohol on the breath?
17
17
Hiring Decisions
§
§
Basing hiring decisions on information obtained
from social media must not violate state or federal
discrimination laws
If you do use the internet to research a candidate
ü
ü
ü
ü
ü
ü
Ask: is this information I am going to learn a valid predictor of
job performance
Update your policies, modify written authorizations for
background checks to include reference to internet searches
Specify who will perform the search and review the information
Have set criteria for how and when
Consider P&P no one is authorized to do this search outside HR
Consider researching after a conditional job offer is made
18
18
Discipline and Termination
§ Employee comments may be protected by
law:
– Federal & state anti discrimination laws
– Wage and hour laws
– Certain laws applicable to state and federal
employees (1st and 4th amendments)
– State laws regarding “lifestyle issues”
– Electronic Privacy Act of 1986
19
19
Discipline and Termination
§ “Safe” cases:
– When the content of the posting
üViolates the law
üDiscloses trade secrets, proprietary info, etc.
üWhen the content was posted during work hours and
violates a company’s policies (fair enforcement)
§ “More difficult” cases:
– When the employee says disparaging, but not
unlawful things about
üThe company, its products, services, etc.
üCo-workers, work environment, others
20
20
Employee terminations
§ 2008 – 4% of employers
§ 2009 – 8% of employers
21
21
Training
§
§
§
§
§
Engagement
Inclusiveness
Training on various topics
Training should be ongoing
Repercussions for violations
22
22
23
23
Policy & Procedures
§ A written document of some type is needed
but a policy alone is not sufficient to ensure
compliance.
§ A written policy without education and
adherence monitoring is worthless.
§ Do you already have policies in place that
address the issues? Have you disciplined?
24
24
Don’t ban what you can not stop!
25
25
10 Important Elements for a P&P
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
Overall philosophy
Honesty & respect
Confidential and proprietary information
Online identity
Focus on job performance
Avoid conflicts of interest
Include a disclaimer
Monitoring
Universal application
Other policies referenced
26
26
Sample Policy Content
So bearing all the risks and repercussions in mind, here is a proposed draft policy for social
media based on a review of current best practices:
This company believes that social networking is an important form of communicating. The policy should
begin with a discussion of the company’s orientation towards social networking. Then itemize a
nonexclusive list of risks that are posed by uncontrolled postings into social networking.
Company employees should comply with all existing company policies. Make a list of existing company
policies. Emphasize that social media should not be used as a means to run around existing policies. The
employee code of ethics should be referenced and attached to the policy.
Use personal e-mail addresses only on social networking sites. Company e-mail addresses should be used
only for company related communications -- much as a company letterhead in the ink-and-paper days.
Do not use the company logo or trademark without written consent.
Write in the first person and use a disclaimer. Use a disclaimer reviewed by the company. The disclaimer
should clearly state that the opinion is that of the author and does not represent the view of the
company.
Where appropriate, disclose associations with the company. When discussing company activities,
disclose connection to company and role within company. Use good judgement and strive for accuracy in
communication.
Respect our stakeholders. Do not disrespect our competitors, customers, vendors, business partners and
other stakeholders in the company.
Respect intellectual property rights. Where appropriate, reference and cite sources. Do not upload
materials without permission. All postings should comply with the company’s applicable confidentiality,
privacy and disclosure policies.
See resources
27
27
Actual P&P Postings
§ http://ebennett.org/hsnl/hsmp/
28
28
More P&P Postings
29
29
Legal & Regulatory Issues
§ Advertising and marketing laws
– Federal Trade Commission, Lanham Act, the Digital
Millennium Copyright Act, Communications Decency Act,
CAN-SPAM Act
§
§
§
§
Trademarks & Copyrights
National Labor Relation Act
Federal Electronic Communications Privacy Act
Fair Credit Reporting Act
30
30
Claim Allegations
Violations of :
§ Duty to secure confidential information under state and
federal laws and regs
– Privacy rights & personal info
– Breaches by employees or others
§
§
§
§
§
§
§
Infringement of intellectual property rights
Unfair competition
Defamation, Libel, Slander
Inappropriate guarantees (results, etc,)
Plagiarism
Consumer protections
Deceptive trade practices
31
31
Claim Best Practices
§ Provide timely notice of breaches, claims or potential
claims to all primary and excess insurers
– If you do not, it could result in a coverage dispute or
denial of coverage
– Sometimes there are time periods specified when initial
notice must be made, and the same for proof of loss
§ Obtain Consent to Defense Arrangement
– Duty to defend
– Reimbursement of expenses
– Insurer advances or pays first
32
32
RM Approaches to Social Media
§ Avoidance – just haven’t addressed it or have
chosen not to. Usually just have fire wall
blocking
§ Retention – self retain the cost of risk
§ Contractual/ Risk Transfer – indemnification,
insurance
33
33
Insurance Considerations
§ This sector is still emerging in addressing the
risks associated with developing technology
§ Initially broadly called “cyber liability”
– Focused on data protection, security & privacy
– Focused on costs of compliance with mandatory
notification requirements, defense costs, and
settlement costs of claims resulting from a breach
34
34
Insurance Considerations
§ Identify current policies that may provide coverage
– D&O, E&O, GL, property damage & business interruption,
fidelity bonds, fiduciary liability, EPL, cyber liability, media
liability
§ Carefully review definitions, endorsements and
exclusions
– Key words: property damage, loss, injury, claim, wrongful
act
– Normal exclusion (example D&O)
ü mental anguish & emotional distress
§ Defense & Settlement Flexibility
35
35
Insurance Considerations
§ Be proactive in negotiating insurance
coverage before a claim arises
§ May help reduce time waiting for lengthy
coverage determinations
§ Consider new products and recognize they
may also be negotiable
– Market is gaining knowledge, policies being
“tested”, claims maturing, allegations, outcomes
and risk management better understood
– More insurers entering market
36
36
Contracts - Risk Transfer
§ Review indemnification agreements with
vendors or other third parties
§ Review insurance policies where the HCO may
be an additional insured
37
37
Lessons Learned for Renewals
§ Terms, conditions, exclusions, etc. should be
considered in negotiating coverages with
markets for the next year because we are in
such a steep learning curve with this exposure
and types and methods to address these
exposures are changing quickly.
38
38
As social media claims continue to
develop, so too will insurance policies.
During this time HCO’s can best
prepare with good risk management,
comprehensive coverage and sensitivity
to managing and maximizing their
relationships with insurers.
39
39
Risk Management Uses
§
§
§
§
§
Investigations
Impeachment
Impact on trials
Service process
Waiver of privileges
40
40
Risk take-aways
ü Know the HCO’s social media
strategy
ü Review any P&Ps
ü Emphasis on HR issues
ü Review insurance for coverage
and gaps
ü Know how
adherence/compliance is being
monitored
ü Educate staff in reporting Social
Media related PCE’s/breaches
ü Should be included in orientation
ü Consider a SM FTE /Dept
ü Contract with “Monitoring”
vendor for mention of HCO
ü Have access to legal counsel with
expertise in this area of defense
ü Be aware of potential SEC
concerns
ü Educate the Board and
Leadership
ü Ongoing IT surveillance for
malware and other threats
ü Consider Social media incident
response team
ü HCO/PR/risk/legal prepared to
respond to negative commentary,
potential claims
ü Ignore, post comment, ask for
“it” to be “taken down”
41
41
Consider
§ Surfing social media sites
§ Join one – example LinkedIn
§ Find out what your competitors & customers
are doing
§ Bookmark and regularly visit sites that track
legal developments
42
42
Sources and Resources
§
§
§
§
§
§
§
§
§
§
§
Social Media Revolution (2) http://www.youtube.com/watch?v=lFZ0z5FmNg&feature=related
http://ebennett.org/fall-09-presentation
A Legal Guide to the Commercial Risk and Rewards of the Social Media Phenomenon 2010,
http://www.reedsmith.com/
Social Media Embracing the Opportunities , Averting the Risks,
http://www.russellherder.com/SocialMediaResearch/
Herding Social Media, http://www.treasuryandrisk.com/Issues/2010/April2010/Pages/Herding-Social-Media.aspx
Social Media in Action in Employment, http://www.legalbytes.com/2010/03/articles/socialand-digital-media-law/social-media-in-action-in-employment
Online Social Networking: A Brave New World of Liability,
https://www.advisen.com – downloads/SocialNetworking.pdf
Social Media and the Workplace: Managing the Risks,
http://www.jacksonlewis.com/events/webinars.cfm
Advising Your Clients (and you!) in the New World of Social Media: What Every Lawyer
Should Know About Twitter, Facebook, YouTube & Wikis
http://webster.utahbar.org/barjournal/2010/05/advising_your_clients_and_you.html
43
43
Disclaimer
§
This material is meant to be a useful reference, but it is not a substitute for legal
advice.
§
The information is provided from or developed with the use of sources generally
considered to be reliable.
§
The information included may not be accurate for all states and all situations.
Accuracy and completeness are not guaranteed.
§
The information is intended as risk management advice. It does not constitute a
legal opinion, nor is it a substitute for legal advice. Legal inquiries about topics
covered in these pages should be directed to your attorney.
44
44
Questions?
Contact information:
Deana Allen
SVP, Willis National Health Care Practice
[email protected]
404 302 3807
45
45