Hospitals and the Israeli military are the latest organizations grappling with employees posting sensitive, private information that they learn at work on their Facebook pages. Hospitals, which are required under various federal laws to take precautions to prevent the disclosure of patient information and address breaches of it, are increasingly dealing with staff posting personal comments and photographs of patients being treated at their facilities. Recently, a Detroit hospital worker was fired after posting a comment about a man she treated who was accused of killing a police officer. Her Facebook post said that she had come face to face with a cop killer and hoped “he rotted in hell.” The Israeli military apparently had to contend with protests after an Israeli soldier posted photographs of herself in front of handcuffed, blindfolded Palestinian prisoners on her Facebook page with the heading “Army—The Best time of My Life”.

Such incidents highlight the freewheeling attitude of many users of Facebook and other social networking sites today and illustrate how even those with responsible jobs seem to develop amnesia regarding company policies when they use such media. The business and legal consequences that can ensue from such employee posts serve as a reminder of the importance of creating and enforcing policies regarding employee use of social networking sites.

Such policies and practices should take into account the marketing benefits that can come to the organization from its own use of social media but also put in place reasonable restrictions to minimize the risks from employee misuse of it. As to the latter issue, such policies should prevent the disclosure of confidential information and trade secrets, prevent legal claims against the employee and employer, reinforce the organization’s other policies and codes of conduct, control productivity, and protect the image of organization.