I assume the connector is the doctor - why doesn't she have a work phone with the patients' numbers that she doesn't use Facebook on? Then the chance of patients being connected to one another is dramatically lower.
But will that actually help? I could easily imagine Facebook matching people who have shared contact numbers, even if the contact number shared is not associated with an account. Possibly they don't do that to try to avoid this situation.
I think this issue requires action from Facebook. The minimum they should do is allow numbers to be registered to be not used for making connections. Much better would be for them to be more explicit about what information they are collecting (with sufficient guidance that the user understands that medical privacy can be affected) and allow users to not send them that information in the first place. I can't imagine them doing that voluntarily, though.
If she is allowing Facebook to view patients' phone numbers in her own phone, this may be a punishable HIPAA violation, and is obviously completely inappropriate.
What's also just as likely is that patients are allowing Facebook to view the contents of their own phonebooks (which they are certainly free to do, unless, of course, they're medical professionals with patient information as well...). Facebook sees that these dozen people have the same contact number, and recommends that they all friend each other.