Making the Case for Employee Access to the Internet

We’re well into the 21st century and at least a decade past the introduction of contemporary social media (v. bulletin boards and chat rooms of the 1990s). And yet, despite compelling evidence for the value of online social networking platforms, some health care professionals still encounter institutional resistance to providing open access to the Internet.

Here are the top three concerns as well as realities and solutions for you to use as needed to counteract resistance.

HIPAA and Patient Privacy

“If we allow access, our staff will break HIPAA rules.”
“Our legal liability will increase.”

Patient privacy violations occur much more frequently in the analog world than online. But even if social networking sites were responsible for all HIPAA violations, blocking access from work computers would be an inadequate remedy.

For one thing, physicians and allied health professionals use tablets for work. Kantor Media survey estimates tablet use by physicians at 64 to 85 percent depending on the age group. More than 50 percent of doctors use their smartphone to find drug information. Plus, not only do staff already have access to social networking platforms on their personal devices during work hours, but they access these services at home as well.

Manage risk by:

  • establishing and enforcing privacy and social networking use policies
  • providing rigorous training about HIPAA rules

As a practical reality, every health care organization already has well-developed privacy policies as well staff training for using them. Guidelines for using social networking platforms simply needs to be added.

Visit Resources to find the Social Media Guidelines for Mayo Clinic Employees. Start with this post, “Unifying Guideline: Follow All Applicable Mayo Clinic Policies” and keep clicking through to read Lee Aase’s entire series of posts about Mayo Clinic’s approach.

IT Security and Bandwidth

“Facebook is a security risk for viruses and malware.”
“We don’t have the bandwidth for YouTube videos.”

Facebook, Twitter and other social networking platforms are simply websites and do not differ technically from any other website. Standard enterprise-level virus programs that protect workstations from email viruses and malware work equally well for social media.

Locking down administrative rights and using tools like Websense to block known malware sites is common practice on large networks and will provide adequate protection relative to social media. A more common problem is the lack of staff awareness about typical scams, many of which use email as a vector.

Manage risk by:

  • providing education about password hygiene and basic security practices to protect the organization (and individuals) from identity theft and unauthorized access
  • test bandwidth for video (i.e., unblock YouTube and observe what happens) and upgrade the network as necessary

Since online networks have near-completely replaced paper as the dominant means of distributing content, investing in more-than-adequate bandwidth is a necessity—not a luxury.

Staff Productivity and Professionalism

“If we allow access to social networking platforms, our staff will goof off all day.”
“If we allow access to social networking platforms, we lose one more way to control public image.”

Employees who want to avoid work will always find plenty of ways to do so. The ability of staff to waste time without consequence has more to do with supervision and management than anything inherent to social media. In addition, consider how “break time” and “break time activity” might look a bit different these days.

As for trust, health care organizations trust employees (with appropriate training) to handle sharp instruments and administer controlled substances; surely this trust could extend to social media use. 

Manage risk by:

  • fostering a work environment of mutual respect and trust
  • provide management training that accounts for a variety of workstyles, especially when several generations are represented among staff

Keep in mind that work tasks can – and will – look different depending on the staff position and responsibilities. You really do want your communications professionals online as they deem necessary to work effectively and, depending on your organization’s view of patient engagement, your medical personnel as well.

Open Internet Access for Employees at Mayo Clinic

Mayo Clinic does not block employee access to social networking sites such as Facebook, Twitter and YouTube. In fact, through the Mayo Clinic Social Media Network we actively encourage employees to use social media tools in their work. That's why we've collaborated with Hootsuite to create our Social Media Basics for Healthcare Certification, which provides training in how to best use various social platforms, as well as a module on Professionalism.

We urge our colleagues in health care to embrace the benefits of encouraging employee engagement through an open stance toward social networking sites, with guidelines and training that fit your organization.