Did you know HIPAA created limitations around using PHI for marketing purposes?
Under the Privacy Rule, marketing is making communication about a product or service that encourages recipients of the communication to purchase or use the product or service. Therefore, your practice must obtain an individual’s prior authorization.
Examples of marketing communications are:
The Privacy Rule has an exception to the marketing definition, which includes:
Here are some specific areas that require HIPAA compliance when marketing is involved, such as:
This tip is an overview and there is much more to consider regarding marketing. Therefore, if you are unsure of how to market safely, always lean on your compliance team or representative to help you protect your practice during marketing campaigns.
Lastly, don’t forget to train and create policies/procedures around this topic to share with your patients, staff, and business associates.
**The opinions and observations from the group/author are not a promise to exempt your practice from fines and penalties. Research, modify, and tailor the advice to fit your specialty.