Violating the HIPAA Act by accidentally revealing protected health information (PHI) is one of the most common reasons for healthcare professionals to avoid engaging in digital marketing activities.
This includes responding to online reviews and other feedback. And because 89% of 35-54-year-olds trust reviews as much as personal recommendations, these reviews are a marketing channel you don’t want to neglect.
This blog includes a list of protected health information to help protect your digital marketing content and guidelines about how you can engage with patients while still protecting their privacy and your practice.
What Is Protected Health Information?
Simply put, protected health information (PHI) is anything that could reveal the identity of your patient. There is the obvious data, like a name, that could reveal your patient’s identity. But there are also less obvious details that could reveal your patient’s identity, like their city of residence or even the car they drive.
Here is a quick list of PHI you must always avoid including in any digital marketing materials:
- Name or nickname.
- Address or geographical location.
- Any dates related to an individual or treatment (birthdate, date of appointment, date of treatment).
- Any contact information or identifying numbers (phone number, social security number, account number, medical record number).
- Vehicle information (license plate, make, model, color).
- Fingerprints or voiceprints (including any recorded voice).
- Photos (from a headshot to a hand or leg).
- Anything that could identify a patient (occupation, marital status, income, race).
Also, be sure to be mindful of your background when posting videos or photos of your practice. You may inadvertently reveal private information in the background, like a patient’s phone number on a sticky note.
This is a great way to connect with patients on a new level and build a large network of potential referrals and recommendations. When people search for a new practice, they often ask for recommendations on social media or use it to search for local businesses.
Maintain HIPAA regulations on social media follows the same guidelines above. Never post any details that could potentially reveal the identity of a patient. Using any form of photography or video requires written consent and should be reviewed by an attorney to make sure they follow HIPAA laws.
Be sure to keep personal and professional lives separate. Never add a patient as a “friend” on your social media account. You should also never tag a patient’s profile or post directly onto their profile page.
All communications must take place over a secure channel, so this means you must not message a patient over a social network. For example: Facebook Messenger. These are violations of HIPAA laws.
When responding to online reviews, never reveal any identifying information. This includes a name, services provided, or other PHI. But HIPAA doesn’t mean you can’t engage with patients, it just means that you have to do so in a way that protects the privacy of patients.
Keep responses short — the longer your response, the more likely you are to accidentally include PHI. You can even provide templated responses for staff to use in multiple situations so that they can respond in a way that stays in line with HIPAA regulations.
Educate Your Staff
Educate staff on HIPAA laws. It is likely that they will spend more time managing your online presence than you, and they will need to be up to speed on how to interact within HIPAA regulations.
Be sure they know how to spot a HIPAA violation before it happens. You might also consider creating a social media and digital marketing guide with HIPAA laws in mind. This creates a reference for your staff that keeps everyone protected.
By following these guidelines, you can build and engage with patients and effectively build your practice while maintaining HIPAA regulations.
Of course, make sure to consult your attorney to create a set of guidelines and consent forms for your practice to make sure you are in line with HIPAA law. This article is not a substitute for legal counsel.
- Protected health information (PHI) includes any details that could potentially identify a patient.
- Avoid revealing PHI in social media posts, get written consent before using photographs, and don’t interact with patient’s profiles directly.
- Responding to online reviews increases your credibility and reputation with patients, simply be mindful of HIPAA regulations.
- Educate staff about how to interact online while maintaining HIPAA regulations, create a guide.
To learn more about building an online presence and digital marketing for your practice, contact Officite today. See why over 8,000 practices and 20 healthcare associations have trusted us with their online presence.
See our other articles about digital marketing and HIPAA here:
- Healthcare Practices: Get Improved Results from Online Marketing in 2020 ( December 31, 2019 )
- The Healthcare Marketing Playbook ( September 15, 2019 )
- 8 Ways To Completely Revamp Your Online Reviews ( August 15, 2019 )
- 13 Blogging Ideas You Need to Know ( March 31, 2019 )
- Here’s What a Thriving Practice Looks Like ( March 11, 2019 )
- The 3-Minute Guide to Creating a Modern Website ( February 8, 2019 )
- 3 Things No Practice Website Can Do Without ( May 15, 2018 )
- 4 Signs Your Website Has Met Its Expiration Date ( March 1, 2018 )
- Your 2018: Cybersecurity Guide ( January 12, 2018 )
- The Social Media Overshare: What Not to Say on Social Media ( April 15, 2017 )
- A Look at the Way HIPAA Impacts Digital Marketing
- Healthcare Practices: Get Improved Results from Online Marketing in 2020
- Digital Marketing Resources to Help Your Practice Grow
- How to Take SEO Even Further
- The Healthcare Marketing Playbook
- 8 Ways To Completely Revamp Your Online Reviews
- Increase Engagement, Rankings, and Outcomes with Patient Education
- How Directory Listings Affect Your Online Presence
- 6 Important Questions Your Healthcare Website Must Answer in 15 Seconds or Less
- Online Marketing Myths: “If You Build It, They Will Come.”
- January 2020 (1)
- December 2019 (1)
- November 2019 (1)
- October 2019 (1)
- September 2019 (1)
- August 2019 (1)
- July 2019 (1)
- June 2019 (1)
- May 2019 (2)
- April 2019 (1)
- March 2019 (2)
- February 2019 (1)
- January 2019 (1)
- December 2018 (1)
- October 2018 (1)
- September 2018 (1)
- August 2018 (2)
- July 2018 (1)
- June 2018 (2)
- May 2018 (2)