Is Clickfunnels Suitable for HIPAA Compliant Marketing
As a healthcare provider, it’s your job to market your practice responsibly. That means adhering to all HIPAA rules and regulations regarding the privacy rights of your patients.
That said, finding HIPAA compliant marketing solutions isn’t easy. It’s a mistake to use any marketing tool or solution that hasn’t taken HIPAA compliance into consideration. We know because we have medical practices of our own.
At HENO, we often have potential clients ask us about the suitability of marketing tools for healthcare providers. One of the names that comes up a lot is Clickfunnels™.
So, is Clickfunnels™ suitable for HIPAA compliant marketing? Here’s what you need to know.
What is Clickfunnels™?
Let’s start with a quick overview of Clickfunnels™. The website describes Clickfunnels™ as a “website and sales funnel builder for entrepreneurs.”
Sales funnels are designed to walk potential customers through a sales process step by step. They often include ads, landing pages, lead magnets, and shopping carts. They’re designed to be a “soup-to-nuts” solution for marketers.
Clickfunnels™ has some useful features that make it appealing. They include:
- Drag and drop website editing
- Smart shopping carts
- Email marketing automation
- Facebook marketing automation
- An all-in-one dashboard
Those features sound good – and the software does include a lot of the components that medical practitioners look for in a marketing solution.
What Are the Requirements of HIPAA Compliant Marketing?
Marketing and HIPAA compliant marketing have a lot in common. That said, there are special requirements that all healthcare providers and the vendors they work with must adhere to if they want to stay in compliance with HIPAA rules and regulations.
The primary rules that relate to HIPAA compliant marketing – which come from HIPAA’s final rule – are:
- There are limitations on how protected health information (PHI, the term for healthcare information that’s protected by HIPAA) may be used for marketing purposes. Likewise, there are limitations on the disclosure of PHI for either marketing or fundraising.
- The sale of any individual’s health information is prohibited without their written permission.
- Any covered entity must have updated their written policies to reflect the updated HIPAA rules related to the use and disclosure of PHI in marketing.
- Covered entities must adhere to strict rules related to the disclosure of PHI to third parties, including software vendors and marketing partners. Limitations on the use and disclosure of PHI must be spelled out in all third-party agreements.
For the purposes of HIPAA compliance, protected health information includes all information that’s personal to a patient, including:
- Patient names
- Patient addresses
- Patient email addresses
- Patient ID numbers
- Diagnostics
- Treatment information and results
- Medications
Disclosing any PHI to an unauthorized party is considered a breach and may, depending upon the severity of the impact on patients, result in a fine up to a maximum of $1.5 million.
Is Clickfunnels™ HIPAA Compliant?
The big question for any healthcare provider or other company required to adhere to HIPAA guidelines is whether their marketing solution is HIPAA compliant.
So, let’s talk about Clickfunnels™ and whether it’s a suitable tool for HIPAA compliant marketing.
The short answer is that Clickfunnels™ is not designed for HIPAA compliance. A review of their website reveals no information related to HIPAA compliance, although there is some information about GDPR. (GDPR is the General Data Protection Regulation and applies to companies located in and doing business in the EU.)
Clickfunnels™ does provide certain tools that are designed to help companies comply with GDPR regulations. For example, you can use Clickfunnels™ to delete contacts in accordance with GDPR regulations.
The company makes a point of saying this about its data privacy tools:
“While these tools are useful, they are by no means professional legal advice on how to become compliant with the GDPR, nor will the addition of these features make a business compliant with the GDPR. They are simply tools at your disposal when building a Funnel.”
What does this statement mean about HIPAA compliance? Simply stated, it means that Clickfunnels™ is not suitable for HIPAA compliant marketing. While there are some tools that could help you comply with certain aspects of HIPAA compliant marketing, even using them perfectly is not enough to ensure that your website would comply with HIPAA regulations.
We certainly understand the desire to use the best marketing tools available. Clickfunnels™ is appealing because it allows business owners to design sophisticated sales funnels quickly and easily.
That said, the ease of use is not a substitution for true HIPAA compliance. To understand why, simply remember that there are penalties and fines for non-compliance. If you upload a patient list to Clickfunnels you would not be in compliance with HIPAA. And even if you used their data privacy tools to delete names from your list, missing even one person could result in a fine.
The bottom line is that while Clickfunnels™ is a popular and useful tool for building sales funnels, it is not – at least at the time of this writing – HIPAA compliant. That means you would be putting your patients’ privacy at risk by using it at the same time you’d be risking the financial health and reputation of your practice. Your best bet is to seek out site-building tools that are HIPAA compliant.
HENO is designed for medical practices and fully suitable for HIPAA compliant marketing. Click here to schedule a free demo today!