Communication and Social Media Policies
Communication and Social Media Policies
In the past, communication between people was relatively simple. With the integration of communication, technology, and social media, communication has become much more complicated.
As a therapist, it is my obligation to provide ways for us to communicate that keep your Protected Health Information (PHI) secure. PHI is any “individually identifiable information” which “identifies or could be believed to identify” an individual. Examples are things like names, initials, contact information, account numbers, etc. which can be linked to your status as a client, condition or diagnoses, treatment or payment for services.
Note: Clients will be provided a 30-day written notice of any changes in policies outlined below.
Communication
Some methods of communication are more secure than others. HIPAA provides that clients are able to choose their preferred method of communication, even if it is less secure than other available methods. However, it is important that you are aware of the risks of each option before making your decision.
All methods of communication listed below are are checked periodically throughout the day and will be returned when time permits, but typically within 24 hours or the next business day. Messages received during evenings, weekends, scheduled vacations, or holidays will generally be returned on the next business day.
Due to the nature of electronic communication, messages can and do get lost occasionally through no fault of sender or receiver. If you are expecting a response and have not heard from me after 24 hours (exclusive of weekends, holidays, or scheduled vacations), please resubmit your message. Please note: Due to licensing requirements, I am required to securely log all messages we exchange, regardless of how they are transmitted.
Secure Messaging
Secure messaging, along with email, are the methods to which I am able to respond the quickest. However, unlike email, secure messaging is a better choice from a security standpoint. Here are your options:
iPhone-Users: Your iMessages to my phone number (763-355-4675) will automatically be end-to-end encrypted. Please be sure to tell me your first name when you send a message, as I do not store client contact information on my phone. If you prefer, you can also message me through the Signal app.
Android-Users: You can securely message me through the Signal app using my phone number (763-355-4675). It is an end-to-end encrypted messaging app that is more secure than standard SMS texting. Please be sure to tell me your first name when you send a message, as I do not store client contact information on my phone.
If you have general questions or comments you can reach me by email. I can usually respond to emails more quickly than voicemails.
All emails sent and received are logged by both my email service, and possibly by yours, even if you delete them. I utilize a HIPAA-compliant email service which logs and stores these messages securely.
I strongly recommend that the email address you use to send and receive messages is not one supplied by your employer, school/college, or any other email for which you do not have exclusive access, as these can be, and often are, monitored by outside parties.
I suggest that sensitive information such as session content, diagnoses, or treatment, not be transmitted via standard email, as confidentiality cannot be assured. These subjects are better discussed in person, over the phone, or through one of the secure messaging options listed above.
Voicemail
Voicemails and phone calls do not suffer the same vulnerabilities of other modes of communication and are generally regarded to be secure. I utilize a secure voice message system to receive incoming calls. However, returning phone calls is time and location sensitive, so turn around time is longer than other modes of communication, although still typically within 24 hours.
Text/SMS
If you are not using iMessages or the Signal app, your messages to me are not necessarily secure and must be limited to attendance matters only (e.g. running late, make/change/cancel/reschedule an appointment).
A Note About Employer- or School-Provided Devices
If your employer or school has provided to you a phone, tablet, or computer, be advised that they may be monitoring activity on that device. This information may include, but is not limited to apps used, websites visited, messages sent/received, device location, etc. Use caution when using these devices for personal or sensitive activities.
Social Media
Friending
I believe that ‘friending’ a client or former client, or otherwise connecting on social media potentially puts our therapeutic relationship in the public sphere and therefore threatens the confidentiality of your Protected Health Information (PHI). Interacting on social media can also blur the boundaries of our therapeutic relationship. Therefore, I do not accept friend requests from current or former clients on any social networking sites (e.g. Facebook, LinkedIn, etc.). Such requests will not be responded to and will be deleted.
Some social networking services have access to your email addresses and may generate auto-requests that appear to be from a person in your contacts list. If you receive a request to connect through a social media site that appears to be from me, be assured that it did not originate from me. If you have questions about something you have received, please contact me.
Liking
I have various social media sites for my business and you can choose to ‘like’ them. However, be advised that if you are using your real name, you are potentially linking yourself to my services in public. Consider the ramifications of this carefully and use your discretion before liking anything associated with my business.
Following
Similar to liking a page or person, using your real name to follow any of my online professional postings (e.g. blogs, Twitter) may link you to my services in public. I suggest you not use your real name if you choose to follow my postings, in order to protect your confidentiality. However, you should your own discretion when choose whether to follow me. Likewise, I do not follow client’s or former client’s online postings. Viewing your online activity without your consent and for non-therapeutic purposes could have negative consequences to our working relationship.
Direct Messages
Please do not use direct messages (DM) or private messages (PM) through any social site to contact me. These messages are not secure nor will I receive them in a timely manner. Any messages received in this way will not be responded to and will be deleted.
Search Engines
Seeking information about clients outside of a session has the potential to disrupt or negatively affect the therapy process. Therefore, I do not purposely seek out information about clients on the internet.
Business Review Sites
You may find Theraspire on a business review site such as Yelp, Google Business, Healthgrades, or other similar site. Some of these sites automatically aggregate local businesses without their express permission or involvement. These sites also allow people to submit ratings and reviews of the business. If you find my business on such a site, it is not a solicitation for testimonials, ratings, or endorsements. Such solicitations are expressly forbidden by the Marriage and Family Therapy Code of Ethics.
You retain the right to express yourself on any site you wish. However, due to confidentiality concerns, I will not respond to a review on any of these sites, whether positive or negative. As with social media, posting a review online threatens your privacy by linking my services to you in a public way. You should use your own discretion when choosing to leave a review.
________________________________________________________________
Statement of Understanding
I understand the choices and associated risks regarding how I choose to communicate with Kari Silverberg. I understand that Kari Silverberg will not engage with me on social media in any form. I understand that if I choose to link my online persona or real name to Theraspire, I am knowingly putting my Protected Health Information and confidentiality at risk. I understand that if I have questions about the Communication and Social Media Policies I can ask them at any time.
-
Here's a copy of a policy that I've based my practice's social media, electronic communication, and digital privacy policy on:
-
Thanks for the different ideas about how to script these policies. I use something similar to them in my intake form. In light of these, a question I have for the group is how do we protect ourselves while not creating an hours worth of "legal" reading for our potential clients in order to begin therapy? These statements are very thorough, which I appreciate. However, my informed consent is already 7 pages long and I often hear comments about wariness and fatigue as new clients move through it. I am wondering how you address this with clients.
-
Randy, I hear what you're saying, and agree! But these are legal documents that are meant to, yes, inform the client, but also to legally protect our butts. Frankly, I don't care if clients even read it, as long as it's signed!
I summarize the main points (confidentiality, communication, late cancel policies, etc.) during the first session and hope they retain most of it. I also try to make good use of simple language, clear fonts, bullet points, spacing, headings, etc. to make it easier to read and scan to the main points. The other thing I do is have separate documents for things so it's not like one LOOOOONG document (e.g. Informed Consent, HIPAA statement, Communication and Social Media Policy are all separate). There's not much else we can do! -
Kari - I totally agree! I've been meaning to re-write my social media policy to make it a bit friendlier but haven't found the time to do that yet.
Randy - I don't make client's sign this social media, electronic communication, and digital privacy policy I posted above. Instead, I provide it as additional reading for them to take home with them and read at their leisure (if they feel so inclined).
What I do instead is summarize the most important points and include them in a brief section within my informed consent document. I include a note inside the informed consent document that suggests they read the whole policy which I provide separately. This way we get a chance to review the most important items in the first session without bogging them down in forcing them to read the whole thing.
Finally, I ask the client verbally if they want to be able to email me instead of communicate purely by phone or through the SP secure portal. If they say yes I hand them the release I posted above and have them sign that.
-
Thanks Kari for providing a basis for me to update my communication policy. I haven't taken time yet and yours is a great start to tweak for my needs and added a few things I would have missed. I also opt for easy to understand over legalize. I usually verbally summarize the papers I hand the client into a few sentences. I can see using the portal and sending this out before I see a client and then reveiwing it verbally at intake.
Please sign in to leave a comment.
Comments
10 comments