HIPAA guidance has changed.

Have You Updated Your Website to be Compliant?

Join this free masterclass to learn what you need to do.

What are the current HIPAA requirements for websites and digital marketing?

How do I determine if our digital marketing has HIPAA compliance issues?

What can I do to be sure our website and marketing tools are HIPAA-compliant?

Can I keep using our existing tools in a HIPAA-compliant way?

Get the answers and get a free digital marketing HIPAA compliance workbook.

Sign up for instant access

What Do Recent HIPAA Changes Mean for Your Medical Practice Website and Digital Marketing?

If you haven’t made changes in the past year to how you collect information from website visitors AND about website visitors, your medical practice or hospital is most likely not HIPAA compliant.

You may not even realize you’re collecting some of these new PHI data points behind the scenes!

Rather than just shutting down all of the sophisticated digital marketing tools you’re using to grow the business, let’s take a look at what you can do to get in compliance as quickly as possible.

What Do You Need to Do to Make Your Website HIPAA Compliant?

1. Collect Information About All Visitors Using HIPAA-Compliant Services

Any personally identifying information about any visitor to a medical practice website must be collected through a HIPAA-compliant service. This applies to every visitor whether they are a patient or could become a patient in the future. Examples include:

  • New patient inquiry forms
  • Blog sign-up
  • Newsletter sign-up

2. Evaluate EVERY Service Related to Your Website and Digital Marketing Activities

This process requires you to identify what data is sent to third-party services beyond what a visitor submits through a web form. This includes data points such as IP address, which also indicates the visitor’s city, and device ID. You wouldn’t know this data was being stored unless you looked closely.

Here are just a few of the things you need to review:

  • The content management system (CMS) such as WordPress and any plugins added by the web developer to make the website function
  • Google Analytics
  • Google Ads
  • Facebook/Meta ads
  • Video players
  • Hosting services

And there are dozens more services depending on the complexity of your website.


3. Make Changes to the Services That are Collecting PHI

If you are using services that collect any PHI, such as Google Analytics, it’s time to make changes.

Pro Tip: You don’t have to get rid of Google Analytics and most Google and Meta Ads.

Are you unsure how to go through the process of evaluating and changing your digital marketing services?

You’re not alone.

As a marketer, practice manager, compliance officer, or physician, you must ensure this is addressed.

You can leverage what we've learned to fast-track your digital marketing compliance with our free online class. 

Take Our FREE Masterclass

How to Keep Using Google Analytics (and other Digital Marketing Tools) in a HIPAA Compliant Way

Participants in our FREE masterclass will receive:

1. A more detailed explanation of how HIPAA has changed and what that means for your digital marketing and website.

2. An explanation of how to identify and audit the services you are using to see if they collect or store PHI. 

3. A better understanding of how you can make changes to your current services to make them HIPAA compliant.

PLUS: A free planning workbook to audit and evaluate all of your digital services and how they handle PHI.

Watch Our On-Demand Masterclass Now.

You can’t afford to miss it.
