Healthcare organizations can now prevent protected health information collected through their marketing channels from reaching destinations where organizations do not have a business associate agreement, according to WebMD Ignite and Freshpaint.
WHY IT MATTERS
For healthcare organizations, the use of cookies, tracking technologies, digital advertising, and analytics tools that other industries use to drive growth poses serious privacy risks and technical challenges.
To better navigate regulatory guidelines for tracking technologies and ensure that the PHI of patients and potential patients remains secure, WebMD Ignite said Tuesday that it can help healthcare organizations ensure they are not sharing protected data with non-HIPAA tools. are compatible.
The partnership with the Freshpaint privacy platform is intended to balance healthcare efforts with consumer privacy requirements, said Ann Bilyew, senior vice president and health and group general manager of WebMD’s growth partner for healthcare professionals, healthcare providers, payers and other healthcare organizations.
“Getting the right information to the right people is critical in a healthcare setting,” she said.
“This requires insight into the unique circumstances and needs of a consumer. At the same time, protecting privacy and security are also of utmost importance. In light of ever-evolving regulations, it can be extremely difficult to do both.”
WebMD Ignite has partnered with a healthcare privacy platform and says it:
- Remove non-compliant tracking technologies.
- De-identify and mask individual visitors.
- Manage data flow across the entire marketing technology stack.
After a number of acquisitions including Krames, Mercury Healthcare and The Wellness Network, WebMD Ignite launched in April. The company said its platforms and services for marketing, clinical efficiency, analytics, identity management and content can inform and personalize the patient journey.
THE BIG TREND
In December, following a number of class action lawsuits alleging that healthcare organizations shared patient data with Meta, Google and others, the U.S. Health and Human Services Office for Civil Rights issued a bulletin clarifying that a notice of pixel use does not include the disclosure of PHI not allowed. a number of measures that HIPAA covered entities must adhere to.
Then, in July, OCR and the Federal Trade Commission sent a letter to 130 healthcare organizations warning them of the privacy and security risks to consumers associated with the use of online tracking technologies that may be present on their websites and mobile applications and of the ‘ impermissible disclosure of consumers’. sensitive personal health information to third parties.”
“When consumers visit a hospital website or seek telehealth services, they do not have to worry about their most personal and sensitive health information being exposed to advertisers and other unnamed, hidden third parties,” said Samuel Levine, president of the FTC’s Bureau of Health. Consumer Protection, in a statement about the agency’s communications.
However, the American Hospital Association said in a September 28 letter responding to a request for insight into potential changes that might be needed for HIPAA by the Senate Committee on Health, Education, Labor and Pensions that OCR’s new online tracking rules conflict with existing HIPAA rules and could hinder interoperability.
AHA noted that healthcare organizations can no longer rely on third-party technologies such as Google Analytics, YouTube and other video applications, and this could result in significant harm to patients and public health.
For example, without analytics, organizations cannot assess which parts of a website patients experience when navigating or what the community is concerned about. They cannot use location services to help patients get to appointments, AHA said.
“Hospitals and healthcare systems cannot risk the serious consequences resulting from OCR’s unlawful rule, including HIPAA enforcement actions, class action lawsuits, or the loss of significant investments in existing websites,” AHA said in its request for OCR’s rules online tracking tool to expire. .
ON THE RECORD
“The partnership will provide healthcare organizations of all sizes with a privacy-first approach to using the tools and services they need to do high-quality marketing, while helping them maintain HIPAA compliance,” said Steven Fitzsimmons, co -founder of Freshpaint, in a statement. “Freshpaint offers the right healthcare privacy platform to integrate into our product ecosystem, as well as to healthcare organizations looking to expand their own product stack,” Bilyew added.
Andrea Fox is editor-in-chief of Healthcare IT News.
Email: afox@himss.org
Healthcare IT News is a HIMSS Media publication.