The decision facing healthcare payers is difficult: preserve efficient marketing or safeguard member privacy. Non-compliance concerns are increasing as privacy laws, like as HIPAA, become more stringent.
A recent poll of healthcare payers by Becker’s revealed that 44% of participants were ignorant of the dangers of digital advertising techniques, despite these elevated privacy hazards.
Ignorance of these dangers can be expensive for healthcare payers, as evidenced by recent fines associated with HIPAA. You only need to ask Cerebral, a healthcare organization that is a covered entity just like all other healthcare payers. For sharing PHI with other parties, like as TikTok, Google, Snapchat, and Meta, through trackers on its website and app, Cerebral was recently fined $7 million.
Healthcare Marketing Requires Special Attention: An Understanding of PHI
In order to comprehend why this occurs, it is necessary to first describe Protected Health Information and its function in marketing.
PHI stands for Protected Health Information, and it includes any data that:
- Relates to a person’s physical or mental health, whether it be past, present, or future; the medical care they receive; or the cost of that care; and
- Include social security numbers, names, addresses, and dates of birth, among other personal identifiers that can be used to connect the data to a particular individual.
When it comes to marketing, web trackers that reside on the websites of healthcare payers frequently gather those two pieces of information. Consider Google Ads as an example. You probably have its tracking function set up on your website if you utilize it as an advertising platform. By default, it gathers personal identifiers and health information about your website’s visitors.
How PHI Is At Risk from Ad Trackers
For reporting and optimization purposes, marketers must comprehend the effectiveness of their advertisements. In order to show the advertisement to users who are similar to the marketer and increase the likelihood that they would take more positive actions, ad platforms also need to know which users on the marketer’s website took positive activities. Thus, a good return on investment is achieved by the marketer’s ad.
Tracking tools, often known as cookies, pixels, snippets, or other such terminology, assist ad platforms and marketers in optimizing performance. Usually, the coding of a website has these technologies installed in order to track user activity from ad platforms. In addition to helping ad networks improve targeting, the trackers provide data to marketers for performance optimization.
Although tracking technologies acquire a variety of data, they usually capture personal identifiers such as:
- Where visitors are
- Device Names
- Fill out the form with data.
Based on the pages a visitor is seeing on a website, tracking programs also obtain health information. Using a tracking pixel means that the ad platform is obtaining Protected Health Information (PHI), which is health information combined with one of those personal identifiers. Additionally, it may result in a HIPAA violation.
The Kaiser Foundation Health Plan informed millions of members that their PHI was shared with Google and Microsoft as a result of this exact situation.
How Payers Can Preserve PHI in Advertisements
With the advertising platform of their choice, a lot of healthcare businesses now attempt to obtain a Business Associate Agreement (BAA). However, none of the major ad platforms, such as Google or Meta, will sign BAAs since doing so would imply that they are prepared to limit their data gathering, which would raise a fundamental privacy risk by giving the market the impression that they may be collecting more data than is necessary.
The next common option used by healthcare payers to safeguard PHI in advertising is to discontinue the use of ad trackers. But when ad trackers are removed, vital data that is sent to advertising platforms is disrupted, which leads to:
- Skyrocketing Cost Per Lead (CPL): Platforms find it difficult to optimize campaigns in the absence of precise data, which drives up CPL.
- Inefficient Marketing Spend: Businesses are unable to confirm the accuracy of data, which results in inefficient plans and resource waste.
- Diminished Visibility: Making well-informed decisions is hampered by a lack of insights.
The same thing happened to Allergy Partners, whose CPL went from $12 to $300 in the absence of ad trackers.
It appears like there is no win-win situation: either utilize ad trackers and run the risk of serious HIPAA violations and legal ramifications, or do rid of them completely and see your marketing budget go out of control.
