Traffic Risks: Next Steps for Tracking Pixels and HIPAA Compliance

October 31, 2023

Digital marketing got a lot riskier when HHS rolled out its “Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates” bulletin last December. What steps should you take to manage the risks?

// By Elaine Christie //

Christie-ElaineChange often feels like the only constant in the world of healthcare marketing. And oh, what a year of change! At the end of 2022, the Department of Health and Human Services (HHS) released new guidance about HIPAA, online tracking, and consumer privacy. Less than eight months later, HHS and the Federal Trade Commission (FTC) published a joint letter that included FTC actions against sites like Easy Healthcare, BetterHelp, GoodRx, and Flo Health. The letter indicates that HHS and the FTC are in lockstep in their views on how the guidance should apply to protect PHI.

Some might say that HHS and FTC have valid reasons for pushing healthcare organizations to take actions to protect the privacy and security of individuals’ health information. Earlier this year, we reported on the websites at 100 prominent hospitals that had user tracking technology from Meta (the parent company of Facebook). The tracking technologies allegedly captured data about pages visited, searches conducted, and appointment scheduling. Meta’s advertising algorithms were synced to consumers’ searches for specific health conditions or highly private concerns.

How Hospitals Are Responding to New Ad-Tracking Rules


Ben Dillon, CEO and co-founder, Geonetric

Ben Dillon has spent the better part of the past eight months interviewing the compliance and legal teams at dozens of healthcare organizations. Dillon, co-owner and chief executive officer of Geonetric and a member of the eHST Editorial Advisory Board, set out to find out what these organizations are doing to ensure compliance. He identified a wide range of interpretations of the new ad-tracking rules.

Dillon untangled some of the mysteries that are puzzling today’s healthcare marketers in a recent eHST webinar, “HIPAA-Pocalypse Now: Understanding the New HHS Guidance, the Implications for Healthcare Digital Marketers, and How to Respond.”

Read on to learn how to assess your current situation, protect your patients’ privacy, and help your organization steer clear of HIPAA violations.

This content is only available to members.

Please log in.

Not a member yet?

Start a free 7-day trial membership to get instant access.

Log in below to access this content: