Skip to main content


Hip On HIPAA: The Secret Sauce to Successful Marketing Campaigns

Hip On HIPAA The Secret Sauce to Successful Marketing Campaign

Over the years, I’ve sat through (or participated in) countless digital platform/CRM presentations. I’m hard-pressed to think of one presentation that didn’t include the phrase “the right message, to the right person, at the right time.” We can all agree that the most impactful messages need to come at the right time. The challenge is really understanding when the right time is.

In healthcare, I believe the right time is the moment something changes in one’s life regarding their health. The secret to understanding timing and creating truly impactful communications hinges on a deeper understanding of HIPAA’s definition of marketing.

It’s not just knowing what you aren’t allowed to do, but more importantly what is allowed.

My hope is that we can eventually agree on three points around marketing and HIPAA-compliance:

  1. Your marketing calendar is not the best data source to tell us the right time to communicate to individual consumers about their health.
  2. The patient EMR can be one of those sources of truth… if you know how to use it.
  3. Understanding how the Healthcare Insurance Portability and Accountability Act (HIPAA) allows you to use this data as the triggering mechanism is the secret sauce to successful campaigns (and better content).

It’s Not About You

My previous blogs looked at the importance of understanding how legacy healthcare CRMs differ from the enterprise platforms that drive so much of the business world. These days, I spend quite a bit of time strategizing with marketing leaders to leverage these platforms for marketing automation.

In a consumer-driven, data-rich healthcare market, it’s kind of mind-blowing that we think the best time to initiate a conversation with someone about their heart-health is February. We instinctively know that the right time for the overwhelmed consumer is when they need to hear your message.

While you can find valuable prospects by targeting online activities, if your patients are already searching on the internet, you no longer control the narrative. By mining the EMR and leveraging predictive models we can see when something has changed… and initiate the conversation first.

Furthermore, by listening carefully to that same data, we can gain insight into where they are in their healthcare journey, and tailor the right message at the right time.

HIPAA was created nearly 25 years ago. Most of us have had to go through HIPAA training, and we understand about data-security and protected information. We know not to email patient data with Gmail or download it onto our own laptop. We’ve even seen the video telling us not to write out passwords on a sticky note on our desk or accept a thumb drive from a trench-coated stranger in the parking lot. It’s easier to know what not to do.

But for all the training we undergo, there is still confusion around one aspect of HIPAA: marketing. Specifically, what is considered marketing and what is not.

Many healthcare marketers aren’t quite sure how (or even if) we can use patient data to trigger communications. To be safe, we limit ourselves to triggering communications based on online activities, milestone birthdays, and (of course) marketing calendars. While HIPAA says we cannot use patient data for marketing, you may be surprised to learn that, based on HIPAA’s own definitions, some of what the marketing department does is not even considered marketing.

That understanding is where the opportunities reside.

Successfully Navigating HIPAA-Compliant Marketing Requires Art + Science

HIPAA may seem like a minefield of regulations, best avoided altogether. But to those who know, it also carves out a clear path for meaningful patient communications.

Data science can tell us something has changed in a patient’s life. Leveraging that data to understand when to launch a patient journey so you get the best response rate is more of an art. Technology can provide insight into where the consumer is in their personal healthcare journey. Crafting meaningful (and HIPAA-compliant) content that moves them along a path to wellness falls more into art.

As the market continues to spit out companies and platforms that find and communicate with consumers wherever they are, let’s remember the importance of being meaningful. Remember that the right message delivered at the wrong time often doesn’t work.

Hold your teams and partners to a higher understanding of HIPAA by not only thinking about what we can’t do, but also understand what we can do.

Have questions? We can help. Reach out, and let’s talk.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Chris Restle, Senior Solutions Architect

Chris Restle has been one of the early pioneers in Healthcare CRM, working for the past 15 years as Principal CRM Strategy, Director of Strategic Innovation, and most recently was the Vice President Emerging Markets for Healthgrades. In his career, he has run client services, analytics, and data intake teams. He brings Perficient clients an exhaustive knowledge of the healthcare CRM market, campaign strategy, event-trigger design, and predictive modeling for planning and targeting.

More from this Author

Follow Us