In the healthcare marketing industry, we hear a lot about how technology is the future of healthcare. In this blog, we’ve discussed how recent trends are pointing to our mobile devices becoming an increasingly important part of how we share our health information and communicate with medical professionals.
While this technological shift is important and exciting, we cannot forget the crucial role that legislation plays in how our personal health information (or “PHI”) is protected.
One of the most prominent pieces of legislation currently in place is HIPAA – or the Health Insurance Portability Accountability Act. Along with allowing patients to carry coverage from one job to another, it also healthcare providers from sharing personal health information with external sources (like healthcare marketers) without the consent of patients. 
Understanding HIPAA compliance, and how it can affect your efforts to market to prospective patients is crucially important – and today we’re going to share 5 things you need to know before you start your next campaign:
1. Understand What Information is Considered “Personal”
Before getting started, your marketing team to know what information falls under the “PHI” umbrella. The short answer? Just about everything. Names, contact information, health-related information, IP addresses, vehicle identifiers, birth dates, geographic indicators, and photographs are all off limits when it comes to any marketing.
Simply put – this information needs to remain private.
2. Make HIPAA Part of Your Company Culture
With the amount of information being shared digitally (social media is a particular liability), it is no longer enough to have one dedicated “compliance officer” who oversees that your business processes are adhering to HIPAA policies. It truly needs to be built into the fabric of your office culture through clear and effective training and a strong understanding of what is and isn’t acceptable.
Here at Prizm Media Inc., we pride ourselves on being able to adapt and adjust to changes in legislation like HIPAA quickly, so that our customers never have to worry about HIPPA infringements. We’re able to do this because we have focused on creating a corporate culture where compliance is widely understood as a key to our success.
3. Implement Policies Around Security and Device Use
When dealing with Personal Health Information, you need to have an IT infrastructure in place that can protect that data in both storage and communication. This means having the servers and encryption capabilities to transmit this data internally while also mitigating outside threats. In an increasingly remote/mobile workplace, it’s also important to understand how your employees are connecting to your work infrastructure.
Do employees have their emails sent to personal devices, are they accessing your information remotely from home or outside location? These seemingly harmless types of work processes can be a HIPAA disaster when it comes to how information is being accessed.
4. Understand the Consequences
It sounds ominous, sure, but HIPAA infractions are no joke. Penalties for HIPAA violations from fines of $50,000 to time spent behind bars. These are penalties that have and will be enforced – so please, please do your part in making sure your healthcare business and your marketing efforts are HIPAA compliant.
5. Stay Informed and Ask For Help
Legislation – HIPAA included – is constantly changing as the healthcare sector evolves. This will only become
It’s often worthwhile to consult with a marketing firm that specializes in healthcare marketing and knows the ins and outs of delivering a strong marketing message to prospective customers and current patients without risking any HIPAA infractions. If you are feeling unsure about any of the stipulations surrounding HIPAA, reach out to a professional and get a second opinion – it will be worth it in the long run.