Does Your Marketing Meet HIPAA Requirements?

Despite our best efforts, it is sometimes hard to keep all HIPAA requirements in mind at all times. One that seems to slip through the cracks is HIPAA provisions on marketing. In fact, these are not specifically outlined in HIPAA, but rather an extension of the Privacy Rule and permitted, required, and authorized disclosures.  When putting together marketing materials, keep in mind the following,

  • Are you using a patient’s full face picture or other picture that could identify the person in your marketing materials?  This includes pamphlets, business cards, websites, and even pictures in your office. If you are, then you should ensure that you have a specific authorization from the individual to use their picture for your marketing purposes. If you want to work around this requirement, simply use stock photos in your advertisements.

  • Are you using a patient’s testimonial, with their name attached, for marketing purposes? If you are, you also need to have a specific authorization from the patient to use their name associated with testimonial. If you want to work around this requirement, just take names off testimonials and ensure nothing quoted is identifiable.

  • There is some debate about whether simply having pictures of patients up around your office, as is typical in pediatrics practices, requires an authorization. Best practice is to have a patient execute an authorization before putting any picture of them in your office.

Keep in mind, HIPAA does not preclude you from using pictures or testimonials in your marketing materials. However, HIPAA does require that a patient authorize the use of their picture, name, or anything identifiable, in marketing. Assuming patient’s execute, simply having an authorization included with all other new patient documentation should pave the way for you using pictures and names in marketing materials.

Download our free ebook "Top Excuses for Ignoring Cybersecurity"

Screen Shot 2018-01-24 at 1.53.11 PM.png

In this ebook:

  • A look at the increasing risk that healthcare organizations face
  • Statistics that show IT and cyber need more resources and emphasis
  • Easy, actionable tips on improving your security now. 
  • Top cybersecurity trends of recent years