Social Media: The pitfalls of using Instagram & co. in Healthcare Organisations

A part of everyday life

Social Media, like Facebook, Twitter, LinkedIn, Youtube, Instagram, and many more, have become an increasingly prevalent part of our everyday communication. They offer opportunities to connect and communicate with people all around the globe, to exchange information, and to share messages, pictures, videos, and more. Businesses now use social media for public relations, marketing, communication, and customer care. For healthcare organizations, the use of social media is also becoming an important part of everyday contact with patients, suppliers and the public.

In this article, we are going to discuss the advantages and risks that come along with a social media presence for healthcare organisations and their staff members.

Social media in healthcare?

Social media might benefit healthcare organisations in various ways by: Building connections; communicating with patients; providing online education to the broader public; and sharing discoveries and relevant health alerts. Furthermore, through social media, healthcare organizations are more likely to get feedback from their patients. As a result, social media can help to provide better care to patients.

But the advantages of Social Media do not come without their own set of potential problems.

The traps of posting and liking

Using Social Media means that the information you put on the web may be difficult to retract. Even after social media posts or accounts are deleted, information about those posts, including such that contain personal information, can still be collected through a variety of sources.

How your data might be exploited

Collecting, aggregating, storing, analyzing and using data has become more and more profitable, and health data is particularly valuable. Searches about types of health conditions and treatments, posting healthcare information links, participating in social media based support groups, and rating systems about doctors, hospitals and other healthcare providers produce knowledge that can be used to create profiles, develop communication and marketing strategies, and determine persons or places to exploit. In addition, this can be integrated with data about health institutions, clinic buildings, infrastructure, medical devices and other health relevant data found on the internet.

All of this data can in most cases be retrieved, connected and used, now or later, even by unauthorized persons or organizations. As discussed in our video on social engineering, social media can be utilized to find information through phishing attacks and other attacks on security.

Dangers of abuse

Apart from this, the use of social media raises a number of concerns, as they might open the door for cyberbullying, trolling, stalking, grooming, and damaging the wellbeing, safety and reputation of users and their organization. Particular risks of social media use within healthcare concern both privacy and professionalism.

Regarding privacy, the risk for a social media user in the healthcare profession to purposedly or inadvertently reveal information about a patient is a significant concern. Compliance with privacy legislation remains critical, especially because health data are sensitive data. Regarding professionalism, time constraints might make it difficult for medical professionals to be able to effectively use social media as those require shorter and quicker responses. Additionally, some healthcare workers may not see a connection between commenting on their work and the larger implications of this for other people, whether colleagues or patients.

So, how should social media be adopted, in order to reduce their risks while still benefiting from their advantages?

Reaping the benefits

Here are some examples of how healthcare organisations can benefit from social media: Promoting healthcare specific networks; posts used to to educate patients and the public; using hashtags to engage in conversation about specific topics; contributing to other healthcare related topics; creating information for patients about relevant topics that connects with the current state of scientific research; explaining complex medical issues in comprehensible language.

For healthcare organisations using social media, there are some key recommendations they should follow:

First, they should establish their own media policy for employees, and how they will respond to the public on social media. Second, they should hire professional communication experts for their social media use. Third, they should create some sort of approval system for their posts. Fourth, they should ensure that appropriate IT support systems are in place in relation to social media use. Finally, in relation to the media policy an organisation has, it should create guidelines for social media presence of their staff and provide training for them in relation to these expectations.

Acting responsibly

Best practices for healthcare workers on social media are similar to best practices for most all social media users. You should be careful when adding someone you don’t know as a connection; you should not to give specific location information or inform others when you are absent from their home or their workplace; and you should be careful with giving out information about yourself or other persons, either at your own or other organizations.

Before posting anything, users should ask themselves: Am I ok with this potentially being available permanently? Am I ok with this being read by anyone? Am I ok with this being used to by others to profile who I am? Would I do or say this in a public place? Would I want strangers, people from my professional context, friends and relatives, or criminals, to know this about me?

Conclusions at organizational level

For those specifically posting on social media on behalf of healthcare organizations, similar sorts of questions should be asked: Are the topics we address relevant for our visitors? Do our posts represent the current state of art and the most up to date medical research? Is our content and style consistent with our organisational culture? Are our messages consistent with our organisational values?

Most of these concerns do not directly involve cybersecurity issues but are generally wise approaches to the use of these new technologies. In some instances, social media can create new vulnerabilities for an organisation. However, it is important to remember that social media poses both new opportunities and threats for healthcare organisations, but as such, their use requires some focused attention by both employees and the organisation itself.


Sigrid Panovsky

Arbeiter-Samariter-Bund, Austria


Nouman A. (2020). 7 Ways Social Media Sabotages Your Cybersecurity. Cybersecurity. Available at:

Ritter A., Mueller G. and Wright E. (2019). Analyzing the perceived severity of cybersecurity threats reported on Social Media. arXiv:1902.10680v3  [cs.CL]

Rupinder P. et al. (2017). Crowdsourcing cybersecurity: Cyber attack detection using Social Media. 2 CIKM’17, November 6-10, 2017. Singapore

Ozkaya, E. (2018). Cyber Security Challenges in Social Media. Charles-Sturt-University, Australia


Social Media, data exploitation, cybersecurity