Meta pixels are doing what with PHI?
You’ve probably been hearing the term “Meta Pixels” over and over lately. You may be sick of hearing it on the news or listening to the legal department talk about why they should be removed from your website ASAP. But if you’ve missed the scuttlebutt, here’s the lowdown.
Privacy: It's more than the principle of the thing.
The Health Insurance Portability and Accountability Act (HIPAA) includes provisions that mandate the adoption of federal privacy protections for health information in both hard copy and digital formats. And while HIPAA and other privacy acts are great motivators for healthcare marketers to put patient privacy atop their list of priorities, there’s an even greater reason: patient trust.
Plenty of organizations have been using Meta Pixels for years, but there’s been a sharp rise in consumer demand for privacy, prompting new laws and corporate responses like Facebook’s health data filtering system, which launched in July of 2020 and which, as recently as February 2021, was reported to be operating with poor accuracy.
I should definitely remove them, right?
So you’ve decided to listen to legal and remove Meta Pixels from your site ASAP. But, let’s be honest, coding isn’t for everyone. You can identify pixels on your website with the Facebook Pixel Helper extension for Chrome, but you may want some additional assistance from a web development pro (we’ve got plenty of them here at DECODE) when it comes to actually removing them.
And guess what? Privacy prioritization doesn’t have to stop there.
- Ensure your vendors understand privacy regulations. When hiring an agency or vendor, make sure they have a business associate agreement (BAA) with your organization and understand the importance of patient privacy and HIPAA regulations. Ask questions about HIPAA policies and processes as well as the date of their last HIPAA training.
- Invest in tracking and implementation tools. Look for those that will block out PHI or have a PHI setting, such as Tealium.
- Learn how data is obtained. Ask vendors how they source and store data and if they are meeting HIPAA standards. We often recommend leveraging the California Privacy Rights Act as the baseline, as it is the most stringent privacy guideline in the U.S.
- Seek legal counsel. When in doubt, go talk to your legal team.
As we continue to see heightened concerns and new legislation around privacy in an ever-growing digital world, it’s important that healthcare organizations continue documenting all technology being used, the purpose for collecting data, and how that data will be used. And remember: holding vendors and agencies to your organization’s privacy standards is just as important as your internal efforts.