In a bulletin issued in December 2022, the Health and Human Service and the Federal Trade Commission regulations have expanded the identifiers of personally identifiable information (PII) regarding online tracking technologies. With this new bulletin, we must account for 18 identifiers as part of best practices and compliance in our marketing and advertising campaigns.(1) 

Following that bulletin, the Federal Trade Commission began enforcing regulations and issuing fines to healthcare companies and hospital networks. Non-compliance led to severe financial penalties and reputational damage, starting with GoodRX and BetterHelp in Q1 2023.(2)

FTC Fines & HIPAA Violations

Hospitals & HIPAA-Compliant Email - violations

Today, we see daily headlines as the Federal Trade Commission fines healthcare companies, including hospitals, for HIPAA and privacy violations. Unfortunately, many healthcare marketers do not follow HIPAA Privacy and Security Rules. They continue to utilize tracking technologies like Google Analytics and disclose personally identifiable information and protected health information to non-HIPAA-compliant destinations such as Google, Meta (Facebook), and third-party data aggregators. 

While HIPAA Privacy and Security Rules are complex, technologies like Matomo and Freshpaint can prevent transmitting PII and PHI data to ad platforms. In March 2024, the United States Department of Health and Human Services (HHS) stated that Customer Data Platforms like Freshpaint help ensure that your marketing technology stack is HIPAA-compliant.(3) 

Digital Advertising Costs Are Increasing

Hospitals & HIPAA-Compliant Email - ad costs increasing

Unfortunately, customer data platforms like Freshpaint are not inexpensive and require time to implement properly. Furthermore, relying on digital advertising as a primary channel is getting more expensive. Search Engine Land recently reported that advertisers pay more for clicks and leads. They shared that conversion rates have decreased by 11%, from 7.85% in 2022 to 6.96% in 2024. 

In addition, they reported that the cost per lead has increased by 49%. In 2022, the average cost per lead was $44.70; in 2024, it was $66.69.  Although it is understood that increased competition has contributed to the increased costs, Search Engine Land also reported that Google is manipulating the advertising pricing, which in the end is contributing to its record profits. (4)

It’s Time to Embrace HIPAA-Compliant Email & Texting

Thankfully, many hospitals, especially regional and community hospitals, generate traffic from direct and organic search channels. While these hospitals are getting traffic, they must capture it and convert it into revenue.

If your hospital needs help generating leads from its website, it should consider implementing HIPAA-compliant email. HIPAA-compliant email is a low-cost, highly effective strategy to engage a hospital’s local service area across and promote key service lines. 

Today, HIPAA-compliant email platforms allow you to send personalized emails discussing medical conditions. Email allows your hospital to develop an ongoing healthcare relationship with residents in your service area instead of the competitor that buys the billboard across the street. You can start with a general email newsletter.  After sending your newsletters, analyze the aggregate data and develop audience segments based on their interests. Likewise, you can send highly targeted emails to users who sign up for service line emails about cardiology, orthopedics, or maternity. 

Likewise, HIPAA-compliant texting allows your hospital to seamlessly deliver appointment reminders, update patients about test results, and provide relevant promotions to your iPhone or Android. Texting is immediate and generates very high engagement rates.

We’d Love to Help You

For over ten years, Echo-Factory has partnered with hospitals and healthcare companies as their marketing and advertising agency. We understand the industry’s challenges, including HIPAA Privacy and Security Rules. We also know that strategies like HIPAA-compliant email and texting can generate a high return on investment for hospitals and healthcare entities. If you like this post about the need for HIPAA-compliant email, take a moment to read “7 of the best healthcare ads we didn’t make.” As we state in this related post, healthcare marketing isn’t just about making great ads, but a good ad doesn’t hurt.

Let’s chat about your situation and see if HIPAA-compliant email and texting are a good fit for your needs. Complete our contact form today.


Ready to Talk Shop?