Top HIPAA Compliant Dental Marketing Tips For 2022
                     Top HIPAA Compliant Dental Marketing Tips For 
2022
Since its passage in 1996, the Health Insurance Portability and Accountability Act (HIPAA) has ensured 
health care providers avoid sharing the protected health information (PHI) of their patients with 
unauthorized parties. This law is as complicated as ever, especially with the advent of online marketing and 
revenue streams.
As a dental healthcare provider, compliance with HIPAA rules and regulations requires practices to 
implement carefully thought out policies and enforcement strategies to avoid the heavy consequences of a 
violation. To ensure your team and business partners don't expose your office to a non-compliance risk, we 
will share some common best practices you can implement today to protect your patients' PHI. 
The Impact of HIPAA Laws on Your Dental Practice
One of the biggest frustrations of HIPAA guidelines is that this legislation came into being nearly two 
decades before social media ad campaigns existed. To be successful at dental marketing, one has to 
understand what information the Act protects to avoid violating HIPAA policy.
Below are just a few of many forms of patient information protected by this important law:
● Names
● Addresses
● Biometric data
● Dates related to patient care, birthdays, admission/discharge dates, and ages of those over 89 years 
old
● Contact information (phone numbers, emails, faxes, etc.)
● Social security numbers
● Medical record numbers
● Vehicle information
● Healthcare plan identifiers
● Financial information
● Medical device details
● Webpage and IP addresses
● Professional licensing and/or certification numbers
● Any other uniquely identifying characteristics or information
As you can see from this list, PHI is comprised of two primary pieces of information:
● Health-related details related to any medical care they have received and payments made
● Data generated must refer to a specific date associated with their care or other identifying information
For example, sharing a photo on social media or sharing this information in a private conversation on a 
social media messenger program like WhatsApp violates HIPPA law. While this may seem harmless if shared 
with someone you trust, the reality is it isn't adequately protected in these online spaces, and you don't 
have patient permission.
Fortunately, avoiding violations is much simpler than it may sound if you have the proper guidance when 
creating your new policies for HIPAA-compliant marketing.
The following are best practices for different forms of dental marketing online:
Pay-Per-Click (PPC) HIPAA Compliance
PPC advertising has skyrocketed in popularity on social media sites like Facebook and through ad campaigns 
provided by Google. This form of digital marketing is ideal because it ensures your dental office gets in front of new 
patients currently searching for your services. However, while this form of marketing is relatively straightforward, 
the graphics and content you use in PPC ads could put your brand at odds with HIPAA.
Generally, Google Ads uses an automated review system that approves submitted advertising campaigns. Any of the 
following is considered a violation of this platform's terms of service, even if technically not a HIPPA violation:
●Physical or mental health conditions
●Content about sexual health, diseases, and chronic conditions
●Services and procedures for health-related conditions
●Products designed to treat or manage health issues (prescribed or not)
●Conditions that affect reproductive areas and other intimate zones of the body
●Cosmetic surgery and other invasive medical treatment options
●Content that focuses on disabilities but is geared toward caretakers of those affected
Review Marketing and HIPAA Compliance 
Reviews are one of the single most powerful forms of marketing for your dental business. Some might even say that 
such feedback is the bread and butter of any successful company. But, when it comes to responding to patient 
testimonials on social media platforms like Google and Facebook, you must be HIPAA compliant. 
Any response you make to a review should not reveal any protected health information. Instead, use terms of 
general appreciation and resist the urge to share any specific details about their condition, appointment, family, or 
other identifiable details. 
You should also avoid sharing the review received on any other platforms. Why? If you do violate PHI privacy 
guidelines, you then have multiple instances you can be penalized for, which gets costly.
HIPAA Compliance and Social Media Marketing
Social media marketing has quickly become a critical piece to any successful dental marketing strategy. 
Unfortunately, however, it's also shown to be increasingly easier to accidentally or intentionally commit HIPAA 
violations by oversharing personal health information about your dental practice, its patients, and more. 
One of the primary ways to ensure you do HIPAA-compliant marketing the right way on sites like Instagram and 
Facebook is to create a practice-wide policy with designated roles. You'll find it's easier to manage the type of 
content getting posted to your online communities if you only allow certain members of your team to use these 
accounts. Having guidelines in place will also ensure that your employees are fully aware of what can and 
cannot be shared in these very public forums.
PIH on social media is a huge no-no, and the following are examples of identifiers your dental office shouldn't 
allow to pop up on your company feeds:
●Patient names
●Location information of patients
●Appointment dates
●Any contact information of your patients
●Medical record information
●Account numbers
●Social security numbers
●Biometric patient data
●Any identifying codes, numbers, or patient characteristics
At Adit, we recommend that you prioritize managing your social media accounts and not overlap your 
personal and professional profiles. Also, keep in mind that new patients sometimes overshare in their 
comments, so it's crucial you monitor their posts on your page, as well. 
Find Out More About ADIT HIPAA Compliance Services
HIPPA compliant marketing is an essential piece of a comprehensive digital advertising strategy for any 
practice, but it takes planning and commitment. At Adit, we can help you and your team learn and 
implement a sound compliance policy to avoid slip-ups that can lead to costly HIPAA violations. 
From emails to PPC ads and posting to your community of followers on social media, knowing what can and 
cannot be shared is crucial. Our HIPAA consent tool makes asking for consent a breeze. This can prove 
extremely useful when marketing, and you need before and after patient photos. 
Adit is here to help you do what you do best while we handle all the details. Contact us today to learn more 
about the many HIPAA compliant marketing tools we have available.