Thursday, July 5, 2007

Ambitious Aesthetician

So earlier in the week an ambitious aesthetician in one of our client’s offices decided to execute a small marketing campaign to help boost monthly numbers for the medical spa. And I’m sure it’s right about now that some of you are gasping in disbelief, others are cheering, and still others are wondering how to motivate your own staff to take such bold initiative. Hold on, the story goes downhill from here.

So said aesthetician decides to grab all of the email address in her Outlook and compose a special offer designed to encourage past patients to come in for a touch up treatment. She dumps every name in her contacts folder in to the “To…” line of a message, composes a very short offer that blends text and images in Outlook, and hits send.

Quick, before you read any more, write down at least three laws she just broke, three ways she could harm the practice, and three technical problems with this approach.

I had the benefit of seeing the message, so it was a bit easier for me, but here goes:

  1. By including names and email of patients in the “To…” line she revealed the identity of those patients to one another, violating HIPAA

  2. Sending unsolicited mail to individuals who had not asked to receive marketing communications violated the Federal Can-SPAM Act of 2003

  3. By extending a discount offer for medical services without disclosing all material facts related to the procedure pricing she violated the Medical board of California’s Business and professions code

How could this harm the practice?

  1. Clear privacy violations are a great way to hurt your reputation with patients

  2. The fines associated with HIPAA violations could run you up to $25,000 per year

  3. In the message, she failed to set any restrictions to the offer, so anyone who received the message could demand the offer as many times as they like and for as often as they want

And the technical stuff?

  1. Well, she failed to test the message in gMail and Hotmail, so the message actually looked poor and unprofessional in several different email readers

  2. Because the marketing communication was not sent in a subscription system, it failed to include the requisite unsubscribe instructions, which both creates a logistics problem and is another violation of the Federal Can-SPAM act

  3. By sending a mass, unsolicited marketing message out through the office Internet account, she is likely have the email access for the practice suspended

There are actually many more issues, but I think I’ve made my point. How did you do…were you able to anticipate some of the problems that can be caused by allowing your staff to develop and distribute their own email promotions?

Here are some quick suggestions for an email marketing policy in your practice:

  1. Create a written policy that prohibits staff from sending mass email

  2. Explain the basic principles of the Federal Can-SPAM act with those staff involved in marketing The message must be labeled as commercial

    1. You must include clear instructions on how to opt-out of future mailings

    2. You must include your physical address and phone number

    3. You may not use deceptive subject lines

  3. Review how HIPAA impacts your practice communications, and specifically email


    1. You must never reveal personally identifiable patient information (like names and email)

    2. You may only send unsolicited marketing messages to people who have expressly requested them

    3. You should include a link to your privacy policy in your messages

  4. Manage your subscription list carefully, making sure there is no chance you might re-add someone after they have indicated their desire to unsubscribe

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)