
Upload: tamsyn-barnett

Post on 26-Dec-2015


Social Media Gone Wild

Benefits, Dangers & Information Security and Privacy Policies


© Rebecca Herold. All rights reserved.

Agenda

• What Is Social Media?

• A Few Social Media Facts

• Benefits...

• But Be Aware Of The Dangers...

• Using Social Media Apps

• Posting Photos and Videos

• Common Risks and Scams

• Topics/Issues to Cover Within Social Media Policies

• What to Tell Workers

What is “social media”?

Just a few examples of the most commonly used types of social media sites:

• Blogs such as TypePad, WordPress, etc.

• Collaboration sites, such as wikis (e.g., Wikipedia, Delicious) and social news (e.g., Digg)

• Livecasting and meeting sites such as Skype, Livestream, etc.

• Microblogs such as Twitter

• Photography and art sharing sites such as Photobucket, Flickr, Picasa, VineMe, etc.

• Presentation sharing sites, such as Scribd, Slideshare, etc.

• Product reviews sites such as Epinions.com, MouthShut.com, etc.

• People reviews sites such as RateMDs.com, Healthgrades.com, etc.

• Social networks such as Facebook, LinkedIn, Google+, Pinterest, etc.

• Video sharing sites such as YouTube, Vimeo, etc.

• Virtual worlds such as Second Life, Maple Story, etc.


A Few Social Media Facts (1/2)

• Twitter has over 555 million users and over 200 million tweets per day

• Facebook has over 901 million users, 50% of which log in daily

• Over 150 million people use LinkedIn

• Google+ has over 170 million users

• Pinterest has over 11.7 million users

• Over 40% of all Internet traffic is video

• YouTube has 107 million unique visitors each month and 10.3 million followers on Twitter

• The number of social media sites is unlimited

A Few Social Media Facts (2/2)

• Everyone is impacted by social media sites

• What happens on social media sites stays online forever


Benefits

• Customer Service

• Knowledge Sharing and Collaboration

• Patient Health Education

• Customer Awareness

• Learning

• Marketing

• New Contacts

• News/World Events

• Patient Care

• Research

• Crisis Management


Dangers

• Damage Reputations

• Leaking Information (e.g., PHI, employee info, etc.)

• Network Slow-Downs and Stand-stills

• Personal Relationships Damaged

• Physical Dangers

• Potentially Be Seen By Everyone

• For frequent hacks

• Spread Malware

• Keyloggers

• Time Bandits

• Used As Evidence in Investigations

• Misinterpreted Information

• Violate Laws

• Result in Civil Lawsuits


Using Apps & Other Software

• Spotify

• Foursquare

• Farmville

• Instagram

• TribeHR

• Etc.


Activities from Personal Networks/Devices

• Don’t post about work

• Don’t post about co-workers

• Don’t post about customers, patients, etc.

• Don’t sync or share files between personally-owned computers and computers/systems


Risks Posting Photos & Videos

• About workplace, patients, customers and co-workers

• Personal photos

• Patient/customer/consumer photos

• Obtaining consent


Common Social Media Risks and Scams

• Spear phishing

• Social engineering

• Spoofing

• Malware

• Keyloggers

• Denial of Service (DoS)


Social Media Policies Topics (1/11)

Appropriate use of social networks (Facebook, LinkedIn, YouTube and Twitter in particular)

• From the networks

• From the company-owned computing devices

• From networks using personally-owned computing devices

• From staff-owned computing devices and/or networks

• From public computers/networks


Social Media Policies Topics (2/11)

Blogging

• Content of posts

• References to co-workers, customers, patients, the business, etc.


Social Media Policies Topics (3/11)

Wikis (e.g., Wikipedia, GeniusWiki, Brainkeeper, Zwiki)

• Those (if any) acceptable to use for business purposes

• Those unacceptable to use for business purposes

• Acceptable activities for the wikis


Social Media Policies Topics (4/11)

Information that should not be posted from any type of location/computer

• PHI, PII, SPI, etc.

• Co-worker information

• Confidential business information


Social Media Policies Topics (5/11)

Marketing requirements/guidelines

• Positions/departments authorized to post

• Types of information acceptable to post

• Type of information that should not be posted

• Do not take personal information from sites to use for business (e.g., marketing, etc.)


Social Media Policies Topics (6/11)

Security controls that need to be in place

• Anti-malware

• Firewalls (including personal firewalls)

• Spam prevention

• DLP


Social Media Policies Topics (7/11)

Time spent on social networks while at work

• Not while with customers or patients

• Only for short periods of time

• Only during breaks


Social Media Policies Topics (8/11)

Linking/friending/etc. with customers, patients and co-workers

• Don’t ask for worker passwords

• Only authorized personnel can participate from accounts established for personnel

• Don’t link/friend/etc. from your personal accounts that list as your employer

• Examples of how to respond to request:

– “Thank you very much for your invitation! However, it is against our policies to link with or friend patients in social network sites.”


Social Media Policies Topics (9/11)

Posting photos & videos

• Patient/customer posting (e.g., that patients/customers want to take with staff)

– Ask that they only post images that include staff with the staff’s knowledge

– Ask that they don’t include others within their images

• Staff posting

– No posting of patient/customer images unless approved by the Privacy Office or with written consent of patient

– No posting of images showing facility entries or other staff unless approved by the Privacy Office


Social Media Policies Topics (10/11)

Reacting to posts about and staff

• Don’t respond directly to negative posts

• Report the negative posts to the PR Office

• Don’t argue, defame, or otherwise act negatively in communications with others online


Social Media Policies Topics (11/11)

Donor searches (e.g., kidney, etc.)

• Only authorized personnel can post messages for such searches

• Only authorized personnel can post replies to posts offering organs


Before Posting Think (1)…

Are you posting anything you, or your friends, family, co-workers, employers, patients or guests don’t want the entire world to see?

– Internet-based social media sites are public, even many that say they are “private”

– Social media sites on “closed” networks have more controls


Before Posting Think (2)…

Do you want that post to be seen forever?

– Once posted on the Internet, information is virtually impossible to remove

– Information posted on internal networks is easier to control


Before Posting Think (3)…

What are the consequences of your posts being used out of context?

– Your Internet posts can be copied, altered, reposted

– Will your hard work be used inappropriately by someone else?


Before Posting Think (4)…

Could your post put you, or your family, friends, co-workers, customers or patients in danger?

– Criminals like to see posts stating when people will be at specific locations, away from their home, etc.

– We are a litigious society


Before Posting Think (5)…

Are you violating any laws?

– Are you violating any healthcare, financial, or other federal, state or international laws?

– Are you committing copyright or licensing infringement with the information you post?

– Are you stating something as fact that really isn’t?


Before Posting Think (6)…

Is your message clear?

– Be sure you are not unintentionally breaking cultural norms or putting out something unintentionally offensive.

– Meet the expectations of company communications for internal sharing.


Remember…

Questions?


Contact Information

Rebecca Herold & Associates, LLC

“The Privacy Professor”®

1408 Quail Ridge Avenue

Van Meter, Iowa 50261

Phone 515-996-2199

Web site: www.theprivacyprofessor.com

Blog: www.privacyguidance.com/blog

[email protected]

TwitterID: http://twitter.com/PrivacyProf