Why We Became a HIPAA-Compliant Digital Marketing Agency
From Kris Nordholz, Chief Executive Officer
When we founded Full Media 12 years ago, we did so with a mission to have a positive impact on the world around us. In the earliest stages of our business planning, we considered a lot of different options, from opening a restaurant to launching a janitorial company, but what we always knew was that our business would be focused on having a positive impact.
We announced last August that we were making an organizational shift to niche in healthcare, as we had seen some of our greatest successes over the years with our longtime partners in the healthcare industry. Even before the COVID-19 pandemic became a complicated reality for healthcare professionals, our marketing team worked tirelessly to break down barriers to care and streamline the patient experience.
We know that digital marketing in the healthcare space is ultimately about helping patients from all walks of life access much-needed care. That’s serious work — and it’s why we knew that becoming a HIPAA-compliant agency was a must.
What Sets a HIPAA-Compliant Agency Apart
HIPAA (Health Insurance Portability and Accountability Act) compliance is a robust and complicated topic with rules for patient interactions, documentation, data storage, and more.
For a marketing agency, HIPAA compliance requires continuous training and education, and it’s not easy to obtain. But in order to deliver the return on investment we believe our healthcare clients deserve, we decided to pursue agency-wide HIPAA compliance.
In many marketing companies, team members are simply firewalled from engaging with patient data. (And to be clear, protected health information, or PHI, includes everything from the obvious — social security numbers and medical diagnoses — all the way to the seemingly mundane — things like appointment times and inquiries about specific services.)
Achieving HIPAA compliance enables us to take our relationships with our healthcare clients a step further, and ensures we can measure our successes and maintain a nimble approach to marketing. Having the ability to engage with pertinent data allows us to adapt campaigns based on the results we can see in real-time. Ultimately, we want to be innovative and strategic in continuing to help our clients identify the ROI on their marketing spend and how much their marketing is contributing to their bottom line.
Becoming HIPAA compliant reduces barriers that would prevent us from identifying which online marketing tactics and actions actually led to revenue for our clients.
A Better Partner
In addition to gaining the ability to measure ROI more meaningfully, we wanted to be a better partner and offer enhanced support to our customers. We know that healthcare marketers are often bogged down and stretched thin in the best of times, and they’ve been especially stressed during the COVID-19 pandemic. Their task lists are a mile long, and their budgets often don’t support their KPIs.
We felt that in order to be a true partner to existing and prospective healthcare clients, we needed to share the burden of staying up-to-date on HIPAA-compliant marketing (and in fact, this status enables us to sign business associate agreements, which are formal contracts that mean we legally share HIPAA compliance liability with our healthcare clients and must meet the same stringent regulatory compliance requirements as they do).
Instead of looking to our customers for HIPAA-related answers, we’re now able to advise and consult. We can help solve marketing challenges and make recommendations for compliant tools. We can get in the trenches with our clients and shoulder some of the weight of their monumental responsibilities.
How We Achieved (and Will Maintain) Compliance
Now that you know the “why” behind our mission to achieve HIPAA compliance, we wanted to explain the “how.” Prior to this endeavor, our marketers were carefully trained to understand the ins and outs of proper PHI management. Now, however, our entire agency has been trained. And as we maintain this status, that will mean that any new team member will also complete HIPAA compliance training.
We also underwent an audit performed by a consultant specializing in HIPAA to identify areas of strength and areas of opportunity. We upgraded IT systems and solutions and educated ourselves about the latest and greatest HIPAA-compliant marketing tools. To continue this commitment, we’ll undergo this audit process annually and offer ongoing HIPAA-focused educational opportunities to our entire team.
We’re proud to have taken the solid foundation of knowledge we had built over the past 12 years to the next level with HIPAA compliance, and I look forward to seeing the amazing results I know our team will deliver. To our current and future customers, we look forward to serving you with this added level of confidence and commitment.