Can smart glasses be used in a clinical setting?
If you are recording, storing, accessing or sending protected health information (PHI) or personally identifiable information (PII), you may use smart glasses or other wearable technology only if it has been determined to be Health Insurance Portability and Accountability Act (HIPAA) compliant by using Pristine EyeSight or a similar encryption product. In certain circumstances, such as for use outside of the clinical or training setting, you must also obtain the patient’s permission to record and use the information.
If you are not using encryption software to assure the data on your device is encrypted both at rest and in transit, then you cannot use the device.
Can I use smart glasses for telehealth or medical education or training within UW Medicine?
Yes, so long as smart glasses or other wearable technology being used is HIPAA compliant. If you are using smart glasses or a similar device in medical education or training outside of the clinical environment, and you are recording, storing, accessing or sending PHI or PII, the device used must be HIPAA compliant. HIPAA compliance requires the use of a product such as Pristine EyeSight to comply with HIPAA and UW Medicine Information Technology Services Security policies. See above answer regarding the use of smart glasses.
Can patients or their family members and friends record me?
Yes, but only if you have given them your permission. You may refuse to be photographed or recorded by patients and their families or guests. Also, the recording must not interfere with patient care and staff can ask that the recording be stopped at any time.
If a patient or patient’s family and/or friends are recording me, or our interaction in a clinical environment, does their recording device need to be HIPAA compliant? What limitations do we have on their recording?
No, it does not because the patient or patient’s family and/or friends are not subject to HIPAA requirements. They are not “covered entities.” See above answer regarding the limitations on recordings by patients and their friends or families.
Can I use wearable technology for research purposes?
Yes, you may use wearable technology for research purposes if you have Institutional Review Board approval and obtain the required consents. Depending on the type of information being recorded and sent, you may also need to meet HIPAA privacy and security requirements, such as encrypting the data.
What can I post to Facebook or other social media?
You cannot post any PHI or PII to social media, whether personal or UW Medicine’s site, without the patient’s authorization. The confidentiality of patient information must be maintained. You must have the patient’s authorization to post information about the patient on a UW Medicine website or Facebook page. Even if you have the patient’s permission, posting patient information to your personal Facebook page or other social media is discouraged. Appropriate professional boundaries should be maintained. If you express any opinions in your posting, you must also state that they are your own. Please see the UW Medicine Social Networking Policy and Guidelines for best practices.