With limited time, a limited budget, and all the HIPAA-related privacy concerns you have to navigate as a healthcare provider, is email marketing even worth your time?

Probably, but it depends.

The #1 Key to Healthcare Email Marketing

Knowing whether or not you can legally send emails on behalf of your practice comes down to one thing: permission.

Any industry must obtain permission from contacts before emailing them, but — given the strictness of HIPAA laws and the sensitivity of patient information in general — the healthcare industry must be especially careful.

Healthcare Email Marketing and HIPAA

Under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), any “covered entity” (including health insurance companies, health plans, doctors, clinics, hospitals, psychologists, nursing homes, pharmacies, dentists, and chiropractors) — plus any of their “business associates” — must comply with certain regulations to protect patient privacy.

You already knew that, but how does HIPAA apply to email marketing?

Basically, remember the HIPAA basics, and use your common sense. If sending an email seems questionable, err on the side of safety, and don’t send it.

But don’t let HIPAA scare you away from email completely. You can send HIPAA-compliant emails, as long as you:

• Use an encrypted, HIPAA-compliant email service provider (ESP),
• Don’t include any personal health information (PHI) in your emails, and
• Have obtained express permission from your contacts.

How to Run an Email Strategy that is HIPAA Compliant

Obtaining Permission to Email Patients

In email marketing, there are essentially two types of permission: implied and express.

In healthcare email marketing, there’s really only one.

While you may be able to get away with sending transactional emails to existing patients on the basis of implied permission alone, what we’re talking about here are marketing emails — like newsletters, event announcements, or any other promotional material. For those types of emails, you must ensure that contacts explicitly opt in, usually by checking a box on a contact form or by submitting their email address on your website.

---

If you have a sign-up form on your site — which is a great way to grow your healthcare email list — consider adding form fields to gather more valuable information about new subscribers (and work around those tricky HIPAA restraints).

For example, you could offer contacts a list of various newsletters to receive, like this:

Image credit: MailerLite

This way, you know without a doubt that you’re able to email Cindy about your clinic’s weight-loss solutions, without worrying she’ll get offended (or worse).

Another bonus of going this route? When contacts explicitly opt in to your newsletters like this, traditional HIPAA rules no longer apply, so you’re free to email these contacts as any other industry would!

---

One way to be extra-certain you’ve got patients’ permission to email them is by enabling double opt-in. This practice is called a “double” opt-in because, along with submitting a form (a single opt-in), new subscribers also need to take a second step: clicking a confirmation email.

Along with covering your butt, double opt-in can help ensure your contacts truly want to hear from you, so it’s a very safe (though not required) practice.

We mentioned earlier that you must use an encrypted ESP in order to legally send healthcare emails. Technically, patients can opt to receive unencrypted emails, but it’s a good idea to make sure they understand the risks involved. Consider having patients sign a consent form, like this:

Image credit: MailerLite

Bottom line: If you don’t have express permission to email someone, don’t. Period.

But if you do have express permission, use it! Email marketing is an incredibly powerful tool for healthcare providers. In fact, healthcare emails have one of the highest open rates of any industry. This means your patients often want to be contacted by your practice.

By emailing your current and prospective patients, you build your relationship with them, establish trust, and keep your practice top of mind.

So, yes, email marketing is worth your time!

EMAIL MARKETING

Dos and Don’ts of Healthcare Email Marketing

Let’s review the basics of healthcare email marketing, shall we?

Do:

• Obtain written authorization to send marketing emails.
• Use a HIPAA-compliant ESP.
• Be crystal-clear about what contacts can expect from your emails.
• Consider double opt-in for extra precaution.
• Encourage subscribers to opt in to topic-specific emails.

Don’t:

• Put any PHI in a general marketing email.
• Use a free, unencrypted ESP (like Gmail, Outlook, or Yahoo).
• Make it difficult for contacts to unsubscribe from your emails.
• Allow a contact’s email address to be visible to other recipients.
• Breach patient confidentiality (or HIPAA) in any way.

Learn More About Healthcare Email Marketing

Now that you know what is (and isn’t) possible with healthcare email marketing, it’s time to put these tips to practice.

If you still aren’t completely comfortable with tackling email marketing yourself, ask a professional for help. Our team is well versed in the healthcare marketing industry, and we’re happy to answer your questions or offer you a free email marketing assessment for your practice.

grow your practice with 9 clouds »