Social Media in Healthcare: A Slippery Slope

MedPro Group Patient Safety & Risk Solutions

In the past two decades, social media has become ubiquitous in the United States and abroad. The widespread proliferation of electronic messaging, social networking, media sharing, discussion forums, blogging, and more has connected people in new and engaging ways that traditional forms of communication have not. The ability to quickly communicate and share information has shaped how people interact as well as their expectations related to those interactions. 

Research shows that nearly 72 percent of U.S. adults use social media sites — such as YouTube, Facebook, Twitter, Instagram, Snapchat, LinkedIn, and Pinterest — and the average person accesses seven different social media platforms per month.1 Because social media use is more prevalent with younger age groups, it is realistic to assume that its popularity and role in many types of communication will continue to grow. 

In the past, healthcare was relatively slow to implement social media as marketing and communication tools, primarily because of concerns about violating patient privacy. However, as consumer demand has risen, and organizations attempt to find new ways to connect with patients, social media has become more of a mainstay for healthcare organizations of all types and sizes. Yet, with social media benefits come risks; leveraging social media for professional purposes can be a slippery slope, and its use in healthcare presents various challenges. 

This article discusses opportunities and common risks associated with using social media for healthcare communication and delivery, and it also offers strategies that healthcare providers and their staff members can implement to reduce risks. 

What Are the Potential Benefits of Social Media? 

The use of social media can bring significant communication and educational benefits to both healthcare providers and consumers. Many healthcare providers use social media to connect with professional groups and peers, research medical information, and stay up to date with new information and research that might affect patient care and daily practice. Further, providers use social media to post educational content and other information for patients, to market and advertise services, and to enhance visibility and reputation. 

For consumers, social media can assist with searching for new healthcare providers, keeping up with healthcare issues and concerns, finding support groups, researching alternative medications and side effects, tracking information from health apps, and more. Data from the Pew Research Center show that more than one-third of U.S. adults have used the internet to try to figure out a medical issue, and other research shows that social media tools influence the choice of a specific hospital, medical facility, or doctor for 4 in 10 people.2 

What Are the Risks of, and Strategies for, Using Social Media?

Undoubtedly, social media offers various functions that may potentially enhance the dissemination of healthcare information and communication among healthcare providers and between providers and patients. But what about the risks? Like any type of technology, social media can create safety and liability issues if it is not used responsibly. Additionally, because social media changes rapidly, standards and best practices are not always well-defined. 

To address these challenges, healthcare leaders, providers, and staff members should be aware of the potential risks associated with digital interactions, develop detailed social media policies, and implement risk strategies to safeguard their patients and practices. 

Maintain Privacy and Security 

n healthcare, one of the most significant concerns related to social media is the need to maintain strict confidentiality and safeguard patients’ protected health information (PHI). This obligation is addressed in federal law and governed by the U.S. Department of Health and Human Services (HHS) under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Many states also have laws related to privacy and security of patients’ PHI — and these laws might be more stringent than federal laws. 

Because the boundaries between appropriate versus inappropriate and personal versus professional use of social media can easily blur, managing privacy risks can be challenging. For example, numerous instances have occurred in which healthcare workers have posted pictures of, or details about, their patients on their professional or personal social media pages without patients’ consent. Regardless of whether these actions were intentional or inadvertent, they violated confidentiality and the patients’ privacy rights.3 ECRI explains that social media can elevate privacy concerns because it “distributes information instantaneously to a wide audience; also, unlike in-person conversations, use of social media creates a permanent electronic record that is likely discoverable in litigation.”4 

Various risk management strategies can help healthcare practices address privacy concerns related to social media. For example: 

  • Ensure providers and staff members are aware of what types of information and personal identifiers are considered PHI under HIPAA. 
  • Do no post or publish any content on social media sites that contains identifying information (including photographs and testimonials) without the patient’s permission and written consent. The consent should explicitly state how the information will be used. 
  • Consider prohibiting the photographic use of cellphones and other portable electronic devices (PEDs) as part of organizational policy. 
  • Have someone who is familiar with HIPAA and state privacy regulations review social media content to ensure information does not violate patient confidentiality. 
  • Train providers and staff members on HIPAA and state privacy laws, and educate them about the consequences of violating these regulations. 
  • Ask providers and staff members to sign confidentiality agreements, and maintain a signed copy of the agreement in each employee’s personnel file. 
  • Be aware that responding to a patient post or review on a social media site might violate privacy laws. 
  • Understand the technical limitations and terms and conditions of any social media sites that you plan to use. For example, information sent via messaging functions is likely not encrypted, and the site might maintain the right to access any personal information. 
    Taking steps to address privacy concerns by developing social media policies and implementing strategic safeguards can help protect patients and reduce liability exposure. 

Establish Appropriate Boundaries 

Social media can create a new dynamic in provider–patient relationships, and it also can generate ethical and legal challenges. Dr. Humayun Chaudhry, the Federation of State Medical Boards’ President and CEO, has warned that “Anything physicians post on sites can be forwarded, taken out of context, and accessed and retrieved in perpetuity. That’s a fact that many physicians don’t always think about when they engage in social media.”5 

Because social media is used for both personal and professional purposes, the boundaries between the two can sometimes become difficult to distinguish. However, healthcare providers generally should assume that their staff members and patients are likely using some form of social media, and anyone could potentially see social media posts that the provider or a staff member creates as well as what anyone else writes about the healthcare practice on social media sites. 

Because of these concerns about personal and professional boundaries, healthcare professionals are advised to keep their personal and professional social media activities separate and to “comport themselves professionally in both.”6 For example, healthcare providers should not “friend” patients on Facebook or mix social relationships with their professional relationships. Instead, they should apply the same ethical principles that govern their traditional patient encounters to their online interactions with patients, including privacy and confidentiality standards. 

Further, providers should be aware of the implications of offering online information that might be construed as personal healthcare advice. Doing so could inadvertently trigger a duty to care, and it also may pose patient safety concerns. Because of this, electronic media should include standard disclaimers and disclosure language that explain the nature of the communication (e.g., for informational purposes only) and caution users against interpreting the content as healthcare advice. 

Develop Social Media Policies 

Developing and implementing social media policies and guidelines are essential steps for managing risks associated with social technology. Include staff members in the initial planning and drafting of policies, and ask them to help identify and assess potential issues. 

Key areas to consider when developing organizational social media policies include: 

  • The practice’s goals and target audience for social media communication 
  • Acceptable and unacceptable use of social media, with explicit examples 
  • Who is authorized to develop and post social media content on behalf of the practice 
  • The review and approval process for social media content 
  • Standard disclaimer and disclosure language 
  • The patient consent process for using their words, images, stories, etc., on social media 
  • Terms of use for visitors on the practice’s social sites 
  • The process for reporting inappropriate use of social media 

When developing these policies, keep in mind that social media is dynamic and constantly changing. To address this, create policies that are flexible and adaptable to new or changing social media technologies. Doing so will help avoid the need for constant updating.7 

In addition to having policies for social networking websites (e.g., Facebook, Twitter, and Instagram), healthcare practices also should have written guidelines for the use of email and other types of electronic messaging, such as texting and portal communications. 

The American Medical Association’s (AMA’s) Code of Medical Ethics outlines key strategies for managing electronic communication risks, which include: 

  • Upholding professional standards of confidentiality 
  • Maintaining privacy, security, and integrity of patient information 
  • Notifying patients about the limits of electronic communication 
  • Obtaining patients’ consent for using electronic communication prior to sending privileged information 
  • Presenting medical information in a manner that meets professional standards 
  • Being aware of laws that determine when a physician–patient relationship has been established 

For more detailed information, see AMA’s Code of Medical Ethics Opinion 2.3.1 — Electronic Communication With Patients.8 Similar to the AMA, dental guidance also recommends that patients should be notified about, and accept the risks of, communicating electronically before such communication is used.9 

When developing an electronic communication consent form, consider including the following information: 

  • Types of services and information that are suitable for electronic interactions (e.g., nonemergent questions/concerns, prescription refills, appointment requests, etc.) 
  • Criteria for establishing a provider–patient relationship 
  • Notice of whether the electronic communications originating from the practice are encrypted
  • A statement notifying patients to contact emergency medical services if they are experiencing an urgent problem 
  • The general turnaround time for responding to electronic communications 
  • The right of the healthcare provider to refuse to make conclusions or decisions regarding treatment based on information obtained electronically 

The electronic communication consent form should also include (a) a statement that the patient has read and accepted the policy, and (b) a place for the patient’s signature. The healthcare practice should maintain the signed release in the patient’s record. 

Control Quality and Monitor Your Online Presence 

Part of maintaining a professional presence online is monitoring the quality of information posted or sent on behalf of your practice. Information should be accurate, current, objective, and nonambiguous. Policies that establish who is responsible for developing content and how content is reviewed and approved will assist with quality control efforts. 

Depending on the type of social media being used and/or the control settings, site users might be able to post content or comments to the practice’s social media pages. Understanding the types of media the practice is using and how users can potentially interface with it are important aspects of quality control. 

Organizational social media policies should include a mechanism for monitoring online presence and managing negative, offensive, or inaccurate information. To ensure consistency with organizational policy, healthcare leaders or administrators might want to consider assigning one person to review external comments, posts, and responses and handle them accordingly. Keep in mind that comments and responses from staff members must comply with privacy standards. 

Educate Healthcare Providers and Staff Members 

Educating providers and staff members about how much and what types of personal and professional social media usage and tools are acceptable in the workplace is an essential risk management strategy. 

A report from the Pew Research Center showed that the majority of workers use the internet and social media on the job for various personal and work-related activities.10 In healthcare settings, a significant challenge is instilling common sense and discretion regarding personal and professional use of these technologies. Organizational policy should define appropriate use of the internet and PEDs (such as cellphones and tablets). For example, the policy might require that employees turn off their personal phones during office hours and retrieve and respond to their messages during breaks. 

Education about the practice’s social media policies as well as discussions about the potential risks and liability issues associated with social media, should be included as part of orientation training and ongoing staff education. Providers and staff members also should be aware of the disciplinary actions for violating the practice’s social media policy. 

In Summary 

Social media can serve many useful purposes in healthcare by facilitating communication, enhancing information sharing, and promoting services. However, with these opportunities come challenges. Maintaining privacy and confidentiality, establishing appropriate boundaries, developing written policies, monitoring online activities, and educating providers and staff members should remain in the forefront of healthcare practices’ risk management strategies for social media. Further, as these technologies continue to evolve, healthcare practices will need to adapt to ensure a safe and respectful environment for patients, staff, and providers. 


  1. Pew Research Center. (2021, April 7). Social media fact sheet. Retrieved from sheet/social-media/; Barnhart, B. (2022, March 22). 41 of the most important social media marketing statistics for 2022. Sprout Social. Retrieved from 
  2. Fox, S., & Duggan, M. (2013, January 15). Health online 2013. Pew Research Center. Retrieved from; Brimmer, K. (2012, June 13). PwC report shows importance of social media to healthcare. Healthcare Finance. Retrieved from report-shows-importance-social-media-healthcare 
  3. ECRI. (2021, January 12). Social media: Organizational risks. Health System Risk Management. Retrieved from; Parsi, K., & Elster, N. (2015, November). Why can’t we be friends? A case-based analysis of ethical issues with social media in health care. AMA Journal of Ethics, 17(11), 1009-1018. doi:10.1001/journalofethics.2015.17.11.peer1-1511 
  4. ECRI. (2021, January 12). Social media: Staff-related risks. Health System Risk Management. Retrieved from 
  5. Clark, C. (2013, April 12). ACP, FSMB issue stern guidance on social media. Retrieved from 
  6. Farnan, J. M., Sulmasy, L. S., Worster, B. K., Chaudhry, H. J., Rhyne, J. A., & Arora, V. M. (2013). Online medical professionalism: Patient and public relationships: Policy statement from the American College of Physicians and the Federation of State Medical Boards. Annals of Internal Medicine, 158(8), 620–627. 
  7. ECRI, Social media: Organizational risks.
  8. American Medical Association. Code of medical ethics opinion 2.3.1: Electronic communication with patients. Retrieved from 
  9. Kouzoukian, J. G., & Anvar, B. (2019). Protecting electronic communications: Don’t let convenience trump compliance in your interactions with patients. Inside Dentistry, 12(15). Retrieved from; New Jersey Dental Association. (2014). Emailing patient information: A resource for dental practices. Retrieved from 
  10. Lampe, C., & Ellison, N. B. (2016, June 22). Social media and the workplace. Pew Research Center. Retrieved from 

This document does not constitute legal or medical advice and should not be construed as rules or establishing a standard of care. Because the facts applicable to your situation may vary, or the laws applicable in your jurisdiction may differ, please contact your attorney or other professional advisors if you have any questions related to your legal or medical obligations or rights, state or federal laws, contract interpretation, or other legal questions.

Risk Checklist

Documentation Essentials

Front page of the Documentation Essentials Checklist

Documentation serves many purposes, from patient care record keeping, to communications, to coding and billing, and even data for quality improvement. It may also preserve information that is critical to the defense of a legal action.

Download our Documentation Essentials Checklist to help review important risk management strategies for documentation and identify potential areas for improvement.

This document should not be construed as medical or legal advice. Because the facts applicable to your situation may vary, or the laws applicable in your jurisdiction may differ, please contact your attorney or other professional advisors if you have any questions related to your legal or medical obligations or rights, state or federal laws, contract interpretation, or other legal questions. 

MedPro Group is the marketing name used to refer to the insurance operations of The Medical Protective Company, Princeton Insurance Company, PLICO, Inc. and MedPro RRG Risk Retention Group. All insurance products are underwritten and administered by these and other Berkshire Hathaway affiliates, including National Fire & Marine Insurance Company. Product availability is based upon business and/or regulatory approval and/or may differ among companies. © 2020 MedPro Group Inc. All rights reserved.

Risk Checklist

Due Diligence of Business Associates

Front page of the Due Diligence of Business Associates Checklist

In the current complex healthcare environment, it is increasingly common for healthcare organizations to partner with external businesses. Due diligence screening can help ensure that these Business Associates adhere to a set of standards.

Download our Checklist for Due Diligence of Business Associates to help evaluate your processes.

This document should not be construed as medical or legal advice. Because the facts applicable to your situation may vary, or the laws applicable in your jurisdiction may differ, please contact your attorney or other professional advisors if you have any questions related to your legal or medical obligations or rights, state or federal laws, contract interpretation, or other legal questions. 

MedPro Group is the marketing name used to refer to the insurance operations of The Medical Protective Company, Princeton Insurance Company, PLICO, Inc. and MedPro RRG Risk Retention Group. All insurance products are underwritten and administered by these and other Berkshire Hathaway affiliates, including National Fire & Marine Insurance Company. Product availability is based upon business and/or regulatory approval and/or may differ among companies. © 2020 MedPro Group Inc. All rights reserved.

Risk Q&A

Payment Issues in Healthcare Practices

At the time of an appointment, or as a condition of scheduling an appointment, can a healthcare practice require a patient to pay his/her portion of an expected deductible, copayment, or other charge not covered by insurance? If the patient does not pay, can the appointment be cancelled or rescheduled upon receipt of the patient’s payment?

Patients are obligated to pay for services they receive from healthcare practices, and clinicians are obligated to provide a reasonable standard of care for existing patients and patients for whom contracts or regulations trigger an obligation (e.g., EMTALA referrals, insurance plan contracts, hospital bylaws, etc.).

Balancing business and clinical obligations requires a fact-specific approach. A healthcare practice’s payment expectations and consequences for nonpayment should be included in written policies and procedures as well as patient informational materials.

Before making scheduling decisions (e.g., cancellation or rescheduling) based on a patient’s ability to pay, the healthcare provider should confirm that the scheduling decision will not adversely affect the patient’s health. Additionally, healthcare administrators should determine whether regulations or contractual agreements affect the decision.

Fact variations may include the following related to payment at time of service:

If a scheduling decision requires a healthcare provider’s evaluation, then the provider should document his/her clinical assessment and scheduling recommendations in the patient’s health record. For example, the provider might document that because the patient is stable, rescheduling the appointment will not adversely affect his/her health.


This document should not be construed as medical or legal advice. Because the facts applicable to your situation may vary, or the laws applicable in your jurisdiction may differ, please contact your attorney or other professional advisors if you have any questions related to your legal or medical obligations or rights, state or federal laws, contract interpretation, or other legal questions. 

MedPro Group is the marketing name used to refer to the insurance operations of The Medical Protective Company, Princeton Insurance Company, PLICO, Inc. and MedPro RRG Risk Retention Group. All insurance products are underwritten and administered by these and other Berkshire Hathaway affiliates, including National Fire & Marine Insurance Company. Product availability is based upon business and/or regulatory approval and/or may differ among companies. © 2020 MedPro Group Inc. All rights reserved.

Keep It Simple: Using Plain Language to Support Patient-Centered Care

Laura M. Cascella, MA, CPHRM

A significant hurdle in patient-centered care is effective communication throughout the care process. If patients do not understand their diagnoses, test results, recommended treatment plans, and follow-up instructions, they cannot fully participate in their care.

A common barrier to effective communication is poor health literacy. Research shows that only a small percentage of adults have proficient health literacy skills, and most adults have difficulty using the everyday health information that is routinely available in healthcare facilities.1 These statistics are significant because people who have low health literacy are at increased risk for poor outcomes, higher rates of emergency department visits and hospitalization, and death.2 Patients who have limited health literacy also might feel ashamed about their lack of knowledge, and they may “mask these difficulties in order to maintain dignity.”3

Healthcare providers need various tools and techniques to improve communication with patients and develop “standards of practice that support and incorporate health literacy principles . . .”4 One important tool for tackling literacy barriers and improving patient comprehension is plain language. The principles of plain language focus on written information that is clear, concise, and logically organized. Readers should be able to find what they need, understand what they find, and use what they find to meet their needs.5

Because print and online written materials — such as patient education brochures, informational websites, provider instructions, and medical forms — play a vital role in the healthcare process, assessing the quality, readability, and usability of this information is crucial. The following strategies — compiled from various sources6 — offer guidance related to content, text, design and layout, and visuals. This information can help organizations and providers determine whether current or prospective materials align with plain language principles and support efforts to ensure patient comprehension and patient-centered care.


Content refers to the focus, core message, and organization of written information. When assessing content, consider the following questions:

  • Is the purpose and intention of the material clear based on the title and introductory information? Will the reader understand what the information is about and how he/she should use it from an initial glance?

  • Is the content accurate and current? Misinformation about medical conditions and treatments is not uncommon, particularly with the explosion of online information. Healthcare organizations and providers should ensure their information reflects current knowledge and standards.

  • Is the content appropriate for the age and culture of the target audience? Cultural competency goes beyond just language; healthcare providers should consider how cultural beliefs, knowledge, and values might affect patients’ understanding of health information.

  • Does the content focus on what the reader needs and wants to know? Does it avoid using extraneous details and distracting information (e.g., complex descriptions of disease processes)?

  • Is the most important information presented prominently (e.g., at the beginning or using a visual cue that draws attention)? Readers might skim information, so the main messages should be obvious.

  • Does the content contain one or more calls to action? For example, a call to action might prompt the reader to have a health screening or follow up with a healthcare provider.

  • Are important concepts repeated within the material? Repetition can help the reader retain information.

  • Is information presented in a logical order? For example, an informational flyer about a diagnostic test should explain how to prepare for the test before discussing what the results mean.

  • Is similar information grouped together, and does material use descriptive headings and subheadings to help readers navigate the content?

  • Does the material use short paragraphs and focus on one topic per paragraph to avoid overwhelming or distracting the reader? For example, a patient education brochure that discusses asthma treatment should separate information about long-term control medications and quick-relief medications.

  • Does the material use examples and well-designed visuals that make complex material easier to understand? See below for more guidance on visuals.


Text and content are related, but “text” refers to more granular elements such as word choice, sentence length, and tone rather than overall purpose and organization. When evaluating text, consider the following questions:

  • Is the wording at an appropriate reading level for your target audience? Keep in mind that many Americans read at or below an eighth-grade reading level.7 Readability formulas — although not foolproof — can help determine how difficult text is to read. Examples of readability formulas include Fry, SMOG, and Flesch-Kincaid.

  • Is the text conversational in tone and does it favor active voice over passive voice? A conversational tone uses contractions and pronouns and can help forge a connection with the reader. Using active rather than passive voice helps clarify actions and reduce ambiguity. For example, “Call your doctor right away if you have a fever” versus “If a fever develops, your doctor should be notified immediately.”

  • Does the material use words that are well known to individuals without medical training (e.g., “high blood pressure” instead of “hypertension” or “tooth decay” instead of “caries”)? If no common term exists for a medical or technical term, is the term described the first time it is used?

  • Does the text use short sentences? Short sentences help improve readability and avoid information overload; however, sentence length should vary slightly so the text doesn’t sound choppy.

  • Does the text use one- or two-syllable words when possible (e.g., “blood clot” instead of “embolism”)?

  • Are wordy phrases avoided? Although some wordy phrases are common in everyday language, they can still make text less precise and confusing. Examples of wordy phrases include “due to the fact that” (because), “in order to” (to), and “at the present time” (now).

  • Does the text avoid overuse of abbreviations and acronyms, which can distract the reader? If the text includes abbreviations and acronyms, are they defined the first time they are used?

  • Does the text use the same term consistently to identify a specific object or concept? Lack of consistency in terminology can confuse the reader and reinforce inaccurate perceptions.

  • If the text contains numbers, are they presented in a clear, easy-to-understand way, and is their importance explained? Some people might have trouble making sense of ratios, percentages, and fractions. For them, “1 in 8 adults” might be easier to comprehend than 12.5%. Further, without a clear explanation, the reader might not understand if “1 in 8” represents a significant problem or risk.

Design and Layout

The elements of design and layout — such as font style, colors, and spacing — play an important role in the effectiveness of written materials. Even if the content is clear and the text is reader-friendly, poor design and layout can disorient and confuse the reader. When assessing these factors, consider the following questions:

  • Does the material use at least a 12 point font or larger in an easy-to-read typeface? Recommendations generally suggest serif fonts for body text (e.g., Times New Roman) and sans serif fonts for headings (e.g., Arial).

  • Does the material avoid using multiple font styles on the page and throughout the document? Using different fonts to differentiate headings and body text is acceptable, but using a mix of typefaces within the body of a document can create confusion.

  • Does the material use dark font on a light background? Light fonts on dark backgrounds or fonts that do not contrast enough with their backgrounds are hard to see, particularly for people who have vision problems.

  • Is bold or italic typeface used to show emphasis rather than underlining, which is difficult to read and might be confused with hyperlinking? Is the method chosen to show emphasis used sparingly but consistently within the material?

  • Do headings use a mixture of uppercase and lowercase, and are they clearly differentiated from body text (e.g., set in bold)?

  • Is the text aligned to the left margin (including the headings) rather than fully justified (flush with both margins) or centered? Left alignment and a ragged right margin help aid in readability.

  • Does the material use short lists to focus on specific material, highlight information in a visually clear way, or clarify the chronological order of steps in a process? Lists can help break up dense information, making it easier to read and scan. However, long lists and lists with multiple levels (i.e., lists within lists) might be difficult to follow.

  • Does the material use standard bullets (e.g., circles or squares), and is the bullet style consistent throughout the material? To avoid confusion, are numbered lists used to show only items in a sequence?

  • Does the material use white space effectively and consistently, including heading spacing, line spacing, paragraph spacing, and margins? White space can prevent the content from looking too condensed and overwhelming. Plain language and health literacy recommendations suggest:

    • Having at least 1⁄2 inch to 1 inch of white space around the margins of the page and between columns for printed materials.
    • Using more space above headings than below them to help visually link each heading to its related content.
    • Setting line spacing between 1.2 and 1.5 lines.


In patient materials, “visuals” can refer to photographs, illustrations, tables, graphs, pictographs, infographics, and more. Well-designed visuals can present or reinforce vital information. When evaluating the visuals in materials, consider the following questions:

  • Do visuals help accurately show or clarify important information, and is their design simple and devoid of clutter and distractions?

  • Do visuals have high-quality resolution and contrast? Although visuals should be simple, they should look professional to enforce the credibility of the material.

  • Are elements such as sidebars, text boxes, and pull-quotes used to emphasize key messages?

  • Does each visual relate to or present only one message? Visual elements that try to present multiple messages might confuse the reader.

  • Are visuals logically located and do they include clear, concise titles and captions?

  • Are visual elements age appropriate and culturally relevant and sensitive?

  • Do visuals that show a process or series of steps have each element numbered to clearly indicate its place in the sequence?

  • Do tables have clearly labeled rows and columns and consistent alignment? Do charts and graphs use descriptive, clear labels and legends?

In Summary

The premise of patient-centered care relies on effective communication that helps patients understand health information and participate in shared decision-making. Yet, inadequate health literacy has been — and continues to be — a persistent communication barrier, hindering patients’ comprehension and marginalizing their role in care.

One important strategy for overcoming health literacy challenges is providing patients with written information in plain language. Materials should be clear, concise, purposeful, logically organized, and well-designed. Incorporating plain language principles as part of an overall strategy to address health literacy can support efforts to engage patients in their care and empower them with knowledge to make informed decisions.


For more resources about improving verbal and written communication with patients, see MedPro’s Checklist: Strategies to Support Patient Comprehension and Risk Resources: Health Literacy and Cultural Competence.


3 Institute of Medicine, Health literacy: A prescription to end confusion.

This document does not constitute legal or medical advice and should not be construed as rules or establishing a standard of care. Because the facts applicable to your situation may vary, or the laws applicable in your jurisdiction may differ, please contact your attorney or other professional advisors if you have any questions related to your legal or medical obligations or rights, state or federal laws, contract interpretation, or other legal questions.

Communicating Effectively With Patients Who Have Limited English Proficiency

Patient Safety & Risk Solutions

Patients who have limited English proficiency (LEP) often do not understand the health information conveyed to them by healthcare providers. For these patients, inadequate comprehension can result in many negative outcomes, including delayed diagnoses, misunderstanding of care plans, medication errors, lack of follow-through, misuse of health services, and lack of trust and confidence in healthcare providers.1

Because of the far-reaching effects of poor comprehension, healthcare leaders, providers, and staff should proactively identify and address language barriers.

Implementing strategies to improve patient comprehension can help organizations provide optimum care for patients who have LEP and reduce the risk of misunderstandings that could potentially lead to adverse outcomes.

  1. Ask all new patients to indicate their preferred language, and determine whether an interpreter is needed to properly assess language preferences and language assistance needs. Document these preferences in the patient’s health record.

  2. Match patients with qualified bilingual clinicians or staff members, or request an interpreter for patients who do not speak English very well or who appear to have difficulty understanding English.

  3. Display signs in your waiting and reception areas announcing the availability of interpreting services. Note: The Affordable Care Act requires covered entities to post notices of nondiscrimination and taglines that alert individuals who have LEP to the availability of language assistance services.

  4. Use acceptable language assistance services to help your patients who have LEP. Acceptable services include bilingual healthcare providers or staff members, staff trained as interpreters, onsite trained medical interpreters, and telephone or video medical interpreting services.

  5. Do not have healthcare providers or staff who are not trained or certified serve as medical interpreters. Also, for privacy reasons, do not use a patient’s family or friends, including minor children, as interpreters.

  6. Be certain that all healthcare providers, staff, and interpreters use plain language when communicating with patients who have LEP.

  7. Provide written materials in patients’ preferred languages. If unable to do so, secure the assistance of interpreters trained in sight translation. Additionally, obtain multilingual health education materials to distribute to your patients who have LEP to support comprehension and adherence to treatment.

  8. Research whether Medicaid or the Children’s Health Insurance Plan in your state pays for interpreter services. Healthcare providers are reimbursed for providing interpreting services in some states. In others, the state contracts directly with interpreting services.

  9. Contact community organizations to determine whether they can provide volunteer trained medical interpreters.

  10. Consider sharing language interpreting services or developing collaborative contracts with local healthcare organizations to use telephonic or online interpreting services.

  11. Assess your staff’s efforts in meeting language assistance needs. Explore new approaches to address any weaknesses identified.

  12. Routinely conduct a review of the health records of patients who have LEP to ensure that their language assistance needs are being documented and assessed. Ensure that qualified individuals are providing language assistance.

  13. Develop procedures for your office staff to respond to calls from patients who have LEP. If possible, use bilingual office staff or onsite interpreters to respond to these calls.

  14. Reserve blocks of time for patients who have LEP to schedule appointments, and arrange for interpreters to be available during those times.

  15. If your organization provides care to a significant number of patients who have LEP, record answering machine messages in more than one language with prompts. If using an answering service, consider contracting with a service whose language capacity supports your patient population.



This document does not constitute legal or medical advice and should not be construed as rules or establishing a standard of care. Because the facts applicable to your situation may vary, or the laws applicable in your jurisdiction may differ, please contact your attorney or other professional advisors if you have any questions related to your legal or medical obligations or rights, state or federal laws, contract interpretation, or other legal questions.

Addressing Risks Associated With Telehealth

Patient Safety & Risk Solutions

Advances in telecommunication technologies over the years have increasingly made telehealth a viable option for healthcare delivery. The benefits and value of telehealth have become even more evident in the wake of the COVID-19 pandemic, which rapidly accelerated the adoption of virtual care.

In the current healthcare landscape, telehealth is helping address issues related to healthcare accessibility, cost efficiency, infection prevention, patient satisfaction, and more. Yet, like any type of care, telehealth carries risks, including issues associated with licensing, credentialing and privileging, online prescribing, informed consent, health information privacy and security, standards of care, and care coordination.

Through careful consideration and risk assessment, healthcare organizations and providers can identify safety and liability issues associated with their telehealth services and proactively implement safeguards throughout the telehealth process. The following list offers key strategies for addressing risks associated with telehealth.

  1. Be knowledgeable about federal and state laws and regulations related to telehealth, such as requirements for licensure, online prescribing, informed consent, clinical decision-making, and quality improvement. Check with your state medical, osteopathic, nursing, or dental board for specific guidance.

  2. Verify with your professional liability carrier that you have coverage for the telehealth services you plan to offer.

  3. Identify and implement telehealth best practices, and stay abreast of any changes in telehealth regulations and standards of care. The American Telemedicine Association and other professional associations have published a number of telehealth practice guidelines.

  4. Ensure that providers delivering telehealth services are properly credentialed (either by the originating site or the distant site) and qualified for their proposed scopes of service. Any privileges granted should comply with applicable scope of practice laws.

  5. Develop and implement patient selection criteria and standardized clinical protocols for telehealth services to ensure consistency, quality, and efficiency of care.

  6. When multiple providers are involved in a patient’s care, have a clear understanding of duty of care and clinical responsibilities at both the originating and distant sites, including disclosure of any adverse events. Make sure the specific provisions and accountabilities are documented.

  7. Implement protocols to ensure that communication from distant site telehealth providers is promptly reviewed and necessary actions are taken.

  8. Ensure that technology and equipment used for telehealth services are high quality, functional, and properly maintained and serviced. Providers and staff should be aware of who is responsible for equipment maintenance.

  9. Assess the privacy and security risks of your telehealth systems, and implement safeguards at all points of risk exposure. Monitor the systems for possible security breaches.

  10. Make sure that any telehealth vendors who are considered business associates can demonstrate compliance with applicable laws and regulations. Have legal counsel review all contracts and business associate agreements with vendors.

  11. Train telehealth providers and staff on applicable telecommunication technologies, scope of telehealth services offered, equipment maintenance, and privacy/security standards.

  12. Train telehealth providers and staff on patient care operations and workflow for telehealth encounters (e.g., confirming patient and provider readiness, verifying the patient’s identity, implementing a back-up plan in the event of a technological failure, etc.)

  13. Educate patients about the availability and types of telehealth services, required technology, potential limitations, and situations in which care delivery via telehealth is not optimal or viable.

  14. Conduct thorough informed consent discussions with patients that include information related to the proposed treatment or procedures as well as a discussion of risks specific to the delivery of care using telecommunication technologies.

  15. Develop a written policy related to documentation for telehealth services, and verify that providers and staff members are knowledgeable about and comply with the policy.

  16. Ensure that your organization’s mechanism for incident reporting supports telehealth events, and evaluate telehealth activities as part of ongoing quality improvement initiatives. Surveys or questionnaires can help gauge provider and patient satisfaction with telehealth services.


For more information about managing risks associated with telehealth, see Risk Resources: Telehealth/Telemedicine and take MedPro’s on-demand continuing education program Telemedicine: Evaluating Virtual Care From a Risk Management Perspective.

This document does not constitute legal or medical advice and should not be construed as rules or establishing a standard of care. Because the facts applicable to your situation may vary, or the laws applicable in your jurisdiction may differ, please contact your attorney or other professional advisors if you have any questions related to your legal or medical obligations or rights, state or federal laws, contract interpretation, or other legal questions.

Managing Nonadherent and Difficult Patients

Patient Safety & Risk Solutions

Healthcare providers face many challenges when patients are nonadherent or difficult. These behaviors can compromise the provider-patient relationship, and patients might be at an increased risk of misdiagnosis and more likely to have negative outcomes.

One study, for example, showed that clinicians were 42 percent more likely to wrongly diagnose a complex medical issue and 6 percent more likely to wrongly diagnose a simple medical issue when dealing with difficult patients.1

To mitigate the challenges that nonadherence presents, healthcare organizations should create a policy that specifically defines a patient’s rights and responsibilities, display it in the organization, and make it available to all patients. This policy will provide the basis on which to build effective provider-patient relationships.

The following strategies offer additional ways to proactively engage nonadherent and difficult patients and address potentially problematic behaviors.

  1. Be aware of the difference between informed refusal of care and patient nonadherence to an agreed-upon treatment plan. A patient can refuse care even if the consequences might be dire.

  2. During each patient encounter, emphasize the importance of following the agreed-on treatment regimen, even if symptoms subside. Explain the possible consequences of not following the prescribed treatment plan.

  3. Provide nonadherent patients with education about their treatment plans both verbally and in writing — especially if a patient has serious health problems.

  4. With patients’ permission, include family members, caretakers, and significant others in education about the importance of following treatment plans. These individuals might help reinforce the importance of adhering to treatment.

  5. Consider that a patient-centered approach seeks to get patients more involved in their care. During patient encounters, ask open-ended, probing, and nonjudgmental questions to identify factors influencing nonadherence.

  6. Try various communication techniques such as motivational interviewing to empower patients to set goals they believe are attainable. Understanding the patients’ stages of changing behavior and dealing with discouragement will support a mutually agreed on care plan.

  7. Use a technique such as teach-back to ensure that patients fully understand the information and instructions provided. Patients from all racial, ethnic, socioeconomic, and educational backgrounds might have limited health literacy, which can contribute to nonadherence.

  8. Consider patients’ lifestyles and medication costs when prescribing. A variety of situational, geographic, economic, and cultural issues can contribute to nonadherence.

  9. If a patient has financial, physical, or emotional limitations that lead to nonadherence, determine whether any community services are available to help the patient overcome treatment barriers.

  10. Consider using patient agreements that detail both provider and patient responsibilities relative to the treatment regimen. Both parties should sign the agreement.

  11. If a patient is missing appointments, try to determine the reason (e.g., transportation, family care, or financial issues). After several missed appointments, consider sending the patient a letter stressing the importance of keeping the appointments and adhering to the treatment plan. Keep a copy of the letter in the patient’s health record.

  12. Document missed or cancelled appointments by noting either “patient no-show” or “cancelled” in the patient’s health record. If possible, document the reason for a cancellation — e.g., “no transportation” or “child care issues.”

  13. Do not delete original appointment entries; the appointment log might become a valuable tool if you have to demonstrate a patient’s continued nonadherence to appointments.

  14. Document a description of all clinical nonadherence in the patient’s health record, as well any education provided to the patient, family, caregiver, and/or significant other regarding the possible consequences of not following the treatment regimen.

  15. When documenting, use subjective statements from the patient or others and objective information obtained through patient encounters. Avoid disparaging remarks or editorializing when documenting information in the health record related to patients’ nonadherent behaviors.


This document does not constitute legal or medical advice and should not be construed as rules or establishing a standard of care. Because the facts applicable to your situation may vary, or the laws applicable in your jurisdiction may differ, please contact your attorney or other professional advisors if you have any questions related to your legal or medical obligations or rights, state or federal laws, contract interpretation, or other legal questions.

Addressing Sexual Harassment from Patients or Third Parties

Patient Safety & Risk Solutions


How can my healthcare organization address issues related to sexual harassment and inappropriate
behavior by patients or their family members?


Sexual harassment and other types of inappropriate behavior from patients and third parties (e.g.,
patients’ family members, friends, or caregivers) is not unusual in healthcare. A Medscape survey
of physicians showed that more than a quarter (27 percent) reported sexual harassment from
patients.1 A separate Medscape poll found that 71 percent of nurses reported patient harassment.2
The types of harassment reported include unwanted touching, sexual comments, inappropriate
texting and emailing, sexual propositions, requests for dates, and more.

Complicating this serious issue is the unique dynamic between patients and healthcare providers,
particularly in situations in which (a) providers are legally or ethically obligated to provide
treatment, or (b) patients’ inappropriate behaviors reflect a medical condition, such as dementia
or a psychotic episode.3 To navigate this complex dilemma, healthcare organizations should
proactively plan for harassment scenarios. Consider the following strategies:

  • Ensure your organization’s harassment policies include information and procedures related to harassment from patients and third parties.

  • Support a culture of safety and well-being that encourages individuals to report all instances of harassment they experience or witness. Make employees aware that their safety is a top priority.

  • Empower healthcare providers and other staff members to say “no” and voice their discomfort if patients or other third parties act inappropriately.

  • Develop incident response procedures for handling reports of sexual harassment, and ensure employees understand the process for reporting incidents. Incident procedures might include:

    • Having a designated individual talk with the patient or third party about his/her behavior or actions.
    • Requiring additional providers or staff members to be present during interactions with the harassing patient or third party.
    • Reassigning the patient to other providers or staff members (e.g., reassigning a male patient to a male nurse if a female nurse is being harassed).
    • Restricting the patient’s access to certain areas within the facility and/or closely monitoring the patient’s behavior.
    • Advising the patient to find another source of care or terminating the provider–patient relationship. (Note: This strategy is not applicable in all situations or care settings.)
    • Contacting law enforcement in cases resulting in physical or sexual assault or other criminal activity (e.g., stalking).

  • Reinforce to supervisors and other leaders that harassment by patients and third parties is as serious as harassment from within the organization. Ensure supervisors and other leaders are aware of the organization’s legal and ethical responsibility to protect employees.

  • Educate all employees about the organization’s zero-tolerance policy for all forms of discrimination and harassment. Emphasize the expectation that employees will report harassment they experience or witness immediately.

  • Reinforce employee trust in organizational leaders and processes by following transparent protocols and ensuring all incidents are handled promptly and consistently.


This document does not constitute legal or medical advice and should not be construed as rules or establishing a standard of care. Because the facts applicable to your situation may vary, or the laws applicable in your jurisdiction may differ, please contact your attorney or other professional advisors if you have any questions related to your legal or medical obligations or rights, state or federal laws, contract interpretation, or other legal questions.

Informed Refusal: A Review

Patient Safety & Risk Solutions

Informed refusal, like informed consent, is a concept that relies on ethical and legal guidelines that acknowledge the right of competent adults to determine the course of their healthcare. Also, like informed consent, informed refusal refers to a process that requires consultation between a healthcare provider and a patient to determine viable treatment options and engage the patient in treatment-related decisions.

As a healthcare provider, effective communication and thorough patient education are your best allies for encouraging patient collaboration and gaining patient cooperation in selecting and adhering to a treatment plan.

However, patients can refuse care even if the consequences might be dire. Patients also have the right to change their minds and withdraw consent for treatment they have previously authorized, even when the treatment has been started.

Risk Considerations

When a patient refuses treatment or wants to abandon a treatment plan, you should consider the following questions:

  • Was the patient given adequate information about his/her diagnosis as well as treatment options that meet the current standard of care?

  • Did you thoroughly discuss with the patient the risks and benefits of treatment options?

  • Did you and the patient discuss and agree upon mutual expectations for a satisfactory outcome?

  • Did you encourage the patient to ask questions and voice concerns? Were these questions and concerns addressed to the patient’s satisfaction?

  • Did you explain the risks associated with refusing treatment? Risks might include:
    • Fewer treatment options as the condition deteriorates.
    • Lower probability of a successful or optimal outcome.
    • Higher probability of complications.
    • Remaining treatment options that are more expensive than the treatment that was initially recommended.

  • Did you ask for the patient’s reason for the decision? If you are aware of the patient’s reason for refusal, you might be able to propose an alternative treatment option that the patient will accept.

These examples illustrate the figurative seesaw that the healthcare community has experienced with EHR technology. As a result, feelings about EHRs often are mixed, and many providers cite EHR issues as a key contributor to clinician burnout.

In addition to clinical and operational issues, EHRs also have introduced a new dynamic in malpractice liability. A survey from the Medical Professional Liability (MPL) Association (formerly PIAA) found that more than half of member companies had EHR-related malpractice litigation.2 Major contributing factors in this litigation included problems with documentation, system functionality, metadata, record format, vendor support, and more. Further, a review of malpractice claims facilitated by CRICO Strategies showed that claims involving EHR factors were costly and almost half resulted in high-severity outcomes (i.e., permanent disability or death).3

This article focuses on a number of areas in which EHR-related risks may occur due to time constraints, inexperience, oversight, system usability, or other factors. Risk strategies also are presented for each area covered, with the hope that they will lay the groundwork for more thorough discussions within healthcare organizations about how to manage risks associated with complex EHR systems.


If the patient has received adequate information and education, but still refuses treatment, you should scrupulously document the decision in the patient’s health record. Documentation should include the patient’s diagnosis, the recommended treatment, the outcomes that might occur if the condition isn’t treated, and all patient education efforts.
If you opt to use an informed refusal form, give the patient a copy of the signed form and retain the original in the patient’s health record. The form should include:

  • The patient’s diagnosis

  • Treatment options and the treatment plan the patient elected (if any), as well as risks and benefits associated with each

  • Acknowledgement that the patient refused or terminated treatment

  • Specific risks that might occur if the patient doesn’t receive care, and acceptance of the risk on the part of the patient

  • The patient’s signature (if he/she agrees to sign)

Although it is not always necessary for the patient to sign an informed refusal form, the request forces the patient to acknowledge the seriousness of the untreated condition. Many patients will sign the form, but some refuse. In the event of refusal, you should document that the patient was asked to sign the form and would not do so.

Some providers like to have a witness present when a patient refuses needed care. When an employee has been asked to witness the informed refusal process, he/she should sign the record and date the signature — regardless of whether the patient agrees to sign.

Ongoing Care

By refusing urgently needed care, patients might increase their risk of injuries and possibly increase your liability risk. Under these circumstances, you might (a) continue to see and treat such patients with the hope that they might change their mind or that, if their conditions deteriorate, emergent care can still be initiated, or (b) feel that you have no other choice but to formally withdrawal from these patients’ care.

If you decide to withdraw from a patient’s care because of a treatment refusal, a discussion should take place, if possible, before the formal discharge process occurs. The patient should know that you feels strongly enough about the recommended treatment that you might withdraw rather than stand by as a witness to the deterioration of the patient’s condition.

Having decided to withdraw, you should formalize the notification with a discharge letter, giving the patient adequate time (generally 30 days) to find another practitioner. The letter should be sent to the patient via certified mail with return receipt requested, and an additional copy should be sent through first class mail. Copies of the letter should be maintained in the patient’s file.

For more information, see MedPro’s guideline titled Terminating a Provider–Patient Relationship.

In Summary

When patients refuse necessary care, healthcare providers must be vigilant in ensuring that the patients understand the potential risks and consequences of their decisions. Providers also should make sure all informed refusal processes are thoroughly documented in patients’ health records, including any related forms or documents. When in doubt about how to handle a patient’s refusal of treatment or withdraw from a treatment plan, contact a risk management expert.

This document does not constitute legal or medical advice and should not be construed as rules or establishing a standard of care. Because the facts applicable to your situation may vary, or the laws applicable in your jurisdiction may differ, please contact your attorney or other professional advisors if you have any questions related to your legal or medical obligations or rights, state or federal laws, contract interpretation, or other legal questions.