January 27th, 2023

Data Privacy In Healthcare Campaigns

Data Privacy In Healthcare Campaigns
Amy Hess
Amy Hess
RN & Senior Client Strategist

Maintaining Data Privacy in Healthcare Campaigns is a complicated and nuanced feat. It is helpful to understand how we arrived at this point where, in some cases, technology initially outpaced regulations and where that leaves marketers in guiding healthcare clients.

I have had the unique experience of intimately seeing many sides of data privacy as it relates to healthcare. As a patient, in my previous life as a Registered Nurse and now, as a media professional running healthcare campaigns. But how did we get to this point?

As computers took hold of our daily lives and social media was on its meteoric rise, the Federal Government recognized the need for healthcare to also make the digital leap in the name of improved patient outcomes and increased efficiency. The plan? To shift all paper medical records to electronic medical records.

No easy feat, in 2009, the Federal Government wrote the HITECH (Health Information Technology for Economic and Clinical Health) Act and put $27 billion aside to incentivize medical systems and providers to adopt these electronic health record (EHR) systems and designated billions more to help train health information technology (HIT) workers and get hospitals and providers up to speed on these systems. The goal? To bring all of the paper medical charts from endless rows of floor to ceiling shelves in hospital basements into a shared computer system for providers to improve healthcare and patient outcomes.

EHRs bring exponential benefits such as greatly reducing drug interaction, medication and other errors, lower costs and decreased mortality rates. With a simple release of information, all of a patient’s medical records could be shared with any provider digitally, arming providers with all of the information they need to provide the best care to a patient, even if they are meeting them for the first time.

As a Registered Nurse I was working in hospitals as EHRs were being implemented. Despite my excellent doctor handwriting interpretation (a now obsolete skillset), many times I had to gently remind MDs to put their orders “in the computer” as we all had to work together to get these systems off the ground. There were “super-users” rolling through on “cows” (computer on wheels) at every turn to try and facilitate the adoption of a new way of taking care of patients. We all learned the specific EHR functions for our roles and many of us noted the unfathomable amount of patient data available to us, and wondered how we could put it all to use. The instinct, that we had our fingertips on massive amounts of data and what seemed like endless functionality of EHR systems, was exactly what was happening digitally, everywhere, in every industry.

Technology was outpacing regulation.

Meanwhile, while the medical community was focused on employing advances in technology to improve how they worked, so was every other industry including marketers/advertisers. As the whole world transitioned to an electronic/digital model, and the data available was infinite, marketers entered a wild west of sorts, where automation could track and import data for machine learning and lookalike modeling to reach that ‘right person with the right message at the right time’.

But where was the general public while all of this innovation in technology was happening?

Enchanted by their handheld computer that could do just about everything, (minus the education and transparency of what was happening on the back end of their favorite social media platform or healthcare portal). As we uncover data privacy breaches in real time, such as the June of 2022 class action lawsuit filed against Meta Platforms “for using its Pixel tracking to get patient information from hospital portals for target marketing purposes”, marketers and consumers alike take a pause and at times become fearful of a world where we feel vulnerable in the wake of all of this innovation.

We all fear that which we don’t understand and thus, the answer is here is education.

As marketers, we must continually educate ourselves so that we know what questions to ask of partners, play that vital role in educating our healthcare clients, colleagues and consumers at large (when they casually mention it was ‘creepy’ that they were served an ad for a medication after googling related symptoms).

At True Media, in addition to continued, proactive education:

  • We are vigilant in working with only the most respected HIPAA-compliant partners in the healthcare vertical who follow extensive privacy policies that spell out exactly what information can be collected including non-PII vs PII, exactly how that information is collected and how it is used.
  • Things like contextual targeting, retargeting, and geofencing put clues together to identify a relevant audience. While these methods are data privacy compliant, healthcare clients need to be aware of the user experience that may lead consumers to feel their privacy is being compromised.
  • We are proactive in asking the right questions about ensuring we are working with “Non-PII” data unless explicit consumer consent was given. When first party data is available, we address how files are handled, and educate our healthcare clients and what is and is not possible in healthcare marketing.
  • Being the data nerds that we are, we also feel confident to explain to that consumer why they were served that ad for that medication and help them navigate the many points at which they can opt out of tracking across their devices and the web, should that make them feel more comfortable.

In closing, while centering around the core value that maintaining data privacy in healthcare campaigns is a critical priority, we also recognize the great value for society for the right healthcare message to get to the right person at the right time and the many ways that HIPAA-compliant healthcare data can be a star in the next chapter of healthcare innovation.

Amy Hess
Amy Hess
RN & Senior Client Strategist
Enter Email
Some error occurred.
The email address is not correct.
Email has been sent successfully!


Skip to content