Healthcare marketers face a series of regulatory hurdles in their line of work, but few are as cumbersome and consequential as the Health Insurance Portability and Accountability Act of 1996 (HIPAA)

The federal law that protects sensitive patient health information (PHI) has evolved since it was signed into law, adapting to an increasingly digital world. Maintaining compliance with HIPAA falls into the larger shift among healthcare marketers to embrace data-driven strategies that promote quality advertising efforts and more accurately target consumers. 

To that point, Rich Briddock, VP of paid media and analytics at Cardinal Digital Marketing, pointed to two main challenges for marketing firms: Making sure that tools are HIPAA-compliant and navigating the additional restrictions on advertising platforms like Google, which has its own set of guidelines that are more stringent in some cases.

Briddock stressed the importance of determining who “owns” the issue of ensuring that healthcare advertising is HIPAA-compliant.

“From our point of view, we’re not HIPAA compliance experts. We certainly don’t want to be inserting ourselves into the legalities of whether or not something is compliant,” Briddock explained. “We’re using common sense and trying our best to adhere, but we don’t want to be the arbiters of compliance. That’s a role for a specialist.”

In advising small and medium-sized marketing firms, Briddock said there are simple, cost-effective data-sharing strategies available, such as using a Google Workspace account protected by a business associate agreement.

Because HIPAA limits what agencies can say about a healthcare service – including how they use data to target a consumer– Briddock believes that companies have to be inventive in terms of how they position their brands and conduct product messaging. 

And that’s before one takes into account the constant evolution of the digital space. Briddock said he expects HIPAA to change as marketers collect more PHI and other data for business operations. 

“Given that consumers are a lot more aware that companies are using their personal information and you put that together with data sharing and storage, I suspect that we are going to see more restrictive compliance as we go on,” Briddock said.

Piwik Pro chief revenue officer Mateusz Krempa echoed the sentiment that collecting and processing PHI demands careful attention from marketers.

Krempa said that they should consider establishing a foundation that can handle the more advanced data analytics needs and requirements for an organization in order to remain HIPAA compliant. More regulations means more money, of course, which can intimidate some companies that see HIPAA as an unscalable monolith.

But Krempa added that while personalization can be tricky – it’s healthcare data, after all – organizations must set aside adequate funding to get the job done.

“I would look at this not as something that is resource-consuming, but rather as an investment that may not drive revenue in terms of financial benefits, but will bring the loyalty and satisfaction of our customers,” he explained. 

Data will continue to be an engine for change and innovation in healthcare, Krempa said, but only the companies prepared to comply with regulations like HIPAA stand to benefit going forward.

“The organizations that make the effort to comply by investing their time will get nice rewards in terms of a loyal and satisfied customer base, as well as a strong market position,” he continued. 

Healthcare marketing is undergoing a shift similar to what the software industry experienced about a decade ago, according to Definitive Healthcare CMO Justin Steinman

Marketing operations are now being integrated with sales operations to create “revenue operations.” The result has been an uptick in targeted marketing, which provides organizations with better data-driven insights to inform the decision-making process, Steinman said.

Figuring out what data is worth tracking – and how it contributes to the overall success of a business – remains an essential task for most marketers, Steinman added.

The healthcare industry is “awash” in data, he noted, which means executives need to ask themselves a simple question: What are you trying to market?

“If you’re a drug manufacturer, are you trying to find the physicians who are likely to prescribe your product? Are you trying to find the patients who could potentially need your drug? Do you want to be able to link them back to physicians who can prescribe it? Those are some of the key questions to think about,” Steinman said.