Online Reviews May Expose Physicians to HIPAA Violation Liabilities

HealthDay News — Physicians should be aware that responding to a negative health care review could potentially expose personal medical information, resulting in a Health Insurance Portability and Accountability Act (HIPAA) violation, according to an article published in Medical Economics.

Physicians who defend themselves or their practice in response to a negative review by continuing the dialogue or replying to a comment could potentially expose personal medical information. Even if the patient discloses their diagnosis, the physician could be in violation of HIPAA.

The correct way to respond to negative reviews is to create a profile page on review sites or take control of an unclaimed page if it features a review. Physicians should interact with unhappy reviewers in the same way they would speak to an unhappy patient and should avoid identifying reviewers as patients. Replies should be kept short and simple, thanking the reviewer for taking the time to share their concern and inviting them to discuss the matter further by phone. Practices should have a clear policy in place for responding to patient complaints; front office staff should notify physicians so that they can respond to patients directly.

“Physicians should listen to the complaint and let the patient know how they plan to resolve it, or discuss reasons for prescribing a treatment. Patients are more likely to update negative reviews if they know they’ve been heard,” according to the article.

Related Articles


Gross A. Watch out for these HIPAA violations in online reviews. Medical Economics Published February 25, 2017. Accessed April 6, 2017.