HIPAA Compliant Social Media Marketing For Dentists
                     HIPAA Compliant Social Media Marketing For Dentists
HIPAA compliance when marketing on social media is the responsibility of every health care provider, 
dentists included. Social media platforms like Instagram and Facebook have fast become lucrative 
marketplaces for dental professionals, and offer these companies offer important advertising tools to help 
drive business. 
How can your dental company remain compliant when responding to reviews, post comments, and 
advertising campaigns on these popular sites? As a leading provider of HIPAA-compliant marketing services 
for dental healthcare providers, Adit regularly helps industry professionals navigate this challenging 
landscape.
This brief guide provides essential tips and explanations to help your office and interactions with your 
patients observe these important laws while maximizing your advertising ROI. 
Common Social Media Marketing HIPAA Violations
When developing your social media advertising strategy for your dental office, it's crucial to consider how 
violating HIPAA regulations affect your business. Specifically, you and your staff need to be aware of how 
you could violate these requirements, whether intentionally or by accident. 
Below are the most frequently violated provisions of HIPAA guidelines that dental offices often struggle to 
avoid:
Sharing Protected Health Information (PHI) 
While it seems an easy mistake to avoid, disclosing a patient's PHI is one of the most serious HIPAA 
violations your staff could make when posting on social media. It doesn't matter if you're sharing this 
information through an account that is private or public. Sharing their name, where they live, or anything 
about their health is illegal. 
Of course, you and your team members can share procedures performed at your office and other work-
related details, but keep your patients' privacy in mind. 
Spreading Gossip 
As a dental professional, your office will see its fair share of unique cases that may be tempting to share on 
social media. Asking for opinions from other doctors on your social media page about a particular condition 
is one thing, but directly referring to a case you treated as a point of discussion isn't okay.
Violating HIPAA policy in this way can have serious consequences for your practice.
Posting Multimedia With Patient Photos Or PHI
Sharing photos of your staff, products, equipment, and happy patients are important as a dental company. 
You want to create a sense of trust and compassion your patients and prospects can connect with. But you 
can't compromise their privacy. Any photos and videos that include identifying information or images cannot 
be used. Of course, if you receive written authorization permitting you from a patient to use a photo with 
their face in it, you can share it. But this is only for pictures and videos of their image, not their medical 
history or treatment.
It's common to take photographs and virtual tours of dental offices nowadays, but ensure that any 
identifying files, documents, and other information aren't visible when creating this type of multimedia. So, 
practice those camera angles and be sure to use cropping and editing tools to mask out anything that might 
be revealed before sharing online. 
Sharing Patient PHI In A Private Group 
The rule of thumb is if you can't post it in a public forum on social media, it doesn't belong in a private 
venue online either. For example, dental professionals often network with one another about a variety of 
practice and patient-related matters. However, it's a violation of HIPAA policy to use social media to have 
these conversations because they are encrypted as securely as your practice management's messaging 
system.
Best Practices to Avoid HIPAA Violations on Social Media
HIPAA compliance on social media is best accomplished by following some general best practices to protect 
your employees and organization from making costly mistakes. In addition, the following recommendations 
will ensure that your dental office always prioritizes the privacy of your patients and their health records 
when using social media:
Implement A Carefully Crafted Social Media Policy
When marketing on social media, having a policy to ensure advertisements are compliant is a must. HIPPA 
compliant marketing for dentists is much like the rules you would put in place for individual employees. The 
difference is it should also include instruction on the type of content your team can use when marketing 
your brand.
This is especially important if you decide to hire a social media advertising agency, though firms like Adit 
can help you create this policy and implement it. 
Create A Company-Wide Social Media Policy
Implement a set of guidelines outlining how your team members can use social media and what content 
they are permitted to post. It should cover both work hours and those after so that you can be sure no one 
accidentally shares PIH. 
When creating your policies, be as straightforward as possible, including any disciplinary action should a 
HIPAA violation occur. This will ensure that reoccurrences don't happen.
Provide Examples Of HIPAA Non-Compliance On Social Media
Simply stating what is or isn't okay for staff members to post on social media isn't enough. You need to 
include clear examples of what constitutes a HIPAA violation, so everyone understands what is off-limits. 
Take example pictures of what PHI in a photograph looks like versus not, and provide a video example if 
possible, too. Make sure to include a point of contact if they have questions about your policy and consider 
having them undergo a training course that further explains what HIPAA protects.
Conduct Regular Audits And Reporting
For practices with multiple branches or a large staff team, monitoring personal accounts can be a challenge. 
Instead, it would be best if you considered working with a dental marketing firm like Adit that can provide 
regular audits and reporting for instances of violations. 
You can also implement an anonymous reporting form so employees can make you aware of troublesome 
social media posts and/or conversations.
Keep Work Life And Personal Life Separate
As a dental professional, it's probably tempting to share some of your work experiences on your social 
media pages and vice versa. The reality is it's better to keep these profiles separate and not let them 
overlap. This ensures you or your staff members don't accidentally make a patient's private health 
information public.
Actively Monitor Your Social Media Accounts
Ideally, any marketing material you post will first get reviewed by yourself or those you authorize to handle 
this important step. Still, monitoring your social media accounts should be a priority. If something 
questionable should get shared or wasn't reviewed first, you can quickly have it removed for further 
assessment. 
Another significant benefit of keeping an eye on your ads and shared posts is controlling what your followers 
and other users might post. Should they share their PHI or violate HIPAA regulations, you can quickly take 
these posts down as well. 
Avoid Social Media For Communicating About Treatment Issues
Social media platforms have made it increasingly easy to find the personal pages of dental providers. When 
patients discover your private profile.
they may try to contact you regarding a health issue instead of through your dental business. When this 
happens, it's important to redirect them to your patient portal on your website or to set up an appointment 
through your mobile app. It's your responsibility to ensure their PHI data is safe and that you comply with 
HIPAA.
Avoid Giving Personal Health Advice
Engaging social media content is important to any successful marketing strategy. Still, you should avoid 
sharing your favorite health advice, whether you are marketing a new product, service or sharing your latest 
successful treatment programs. The reason is it can lead to patients wanting more information that could 
reveal their PHI. 
For instance, providing general advice to everyone about flossing is one thing, but giving individualized 
recommendations is not recommended. What if someone who isn't your dental patient finds your page and 
uses your suggestion that was only intended for that one particular person?
Assess Your Social Media Marketing Policies Regularly
HIPAA law frequently experiences adjustments, so you mustn't treat your policies as one-and-done events. 
Instead, review your policies every year to ensure that you are compliant. 
Make Your Growing Dental Practice HIPAA Compliant Today
At Adit, we understand that the safety and comfort of your patients come first in everything you do at your 
dental practice. Our digital marketing agency can help your office achieve the same level of care and 
responsibility regarding PIH and social media advertising. From creating a brand new HIPAA compliance 
policy for your employees to assisting you in providing your team with the necessary training to be 
compliant, our years of experience will prove invaluable to your entire marketing strategy.
Reach out to one of our helpful representatives today to learn more about how we can help you find success 
on major platforms like Facebook, Instagram, Twitter, and more!