Trusted By
Don’t let HIPAA compliance leave your healthcare marketing in the dark.
Stricter Regulation.
Recent HHS guidance makes it clear – digital tracking technologies from major platforms like Google and Meta collect PHI by default and likely violate HIPAA.
Tighter Compliance.
Within days of the HHS guidance came notices of violation and announcements of class action lawsuites against HIPAA Covered Entities. Understandably, many compliance teams reacted by removing most or even all third-party tracking from their websites.
A Solution Needed.
Healthcare marketers need a solution that allows them to collect the data they need AND to control what data is shared with marketing partners – and they have to do it all in a HIPAA-compliant way that doesn’t break the bank.
Take control and maintain critical visibility with our platform-agnostic, HIPAA-compliant Data Solution
Google Analytics, Google Ads, Programmatic Display Advertising, even Meta – all can be made HIPAA compliant and likely without major disruption to your existing MarTech platforms. Our HIPAA-compliant Data Solution applies a framework that enables you to control data collection, data cleansing and data sharing at a granular level, preserving your ability to collect the data you need while applying fine-tuned governance to data sharing with any third-party not under BAA.
“Wheelhouse DMG deeply understands healthcare analytics and MarTech. What they accomplished is amazing.”
—Laura Chase, Former Executive Director Web Analytics & Insights at Providence
Solution Benefits
Data collection
We keep you in control:
Data collection governance is defined and directly managed by our healthcare clients.
Fully Configurable:
Data collection rules can easily be updated in response to changing policies.
Data governance
Simplifies Data Compliance:
Consolidates data collection into a single, unified method, dramatically simplifying compliance and protecting against accidental PHI data collection.
Enables Compliant Digital Advertising:
Continue to use the platforms and marketing partners that are valuable and important to you, but do so with confidence that your data collection methods are HIPAA-compliant.
Tailored to you
Platform Agnostic:
Integrated with the ad platforms, analytics, CDP's, and marketing platforms you need and with the freedom to add or change systems as you require.
Covered by BAA:
Our HIPAA-compliant Data Solution is delivered under BAA in compliance with HHS guidelines.
In Healthcare, Experience matters.
Our HIPAA-compliant Data Solution has been in use by enterprise healthcare systems for more than two years. Hear what healthcare leaders have to say about it.
Our road to HIPAA-compliant Data Solution:
It was in the midst of working through implementation of their second analytics platform in as many years that one of the largest health systems in the U.S. asked Wheelhouse DMG to develop a platform-agnostic, HIPAA-compliant Data Solution.
The goal was to replace all data collection pixels, scripts and IDs — whether analytics, marketing or advertising partners — with a single, unified data collection method and associated data governance that the provider’s compliance team could control. The challenge was to ensure compliance with privacy regulations while continuing to enable the health system to maintain its digital marketing efforts.
The Client
One of the five largest not for profit healthcare organizations in the U.S. The organization supports more than 28 million patient visits annually through their network of almost 1000 clinics and over 50 hospitals.
The Solution
Transition to server-side analytics, ending reliance on client-side cookies.
Private client ID to replace all other tracking scripts and pixels, becoming the sole means by which user data can be collected on the Client's website.
Custom data collection libraries to govern the data collected via the private client ID. Data collection rules dictated by these libraries are fully within control of the Client and can be updated in response to the regulatory environment or internal compliance changes.
Integration with HIPAA-compliant data hub to develop and leverage custom connections for each downstream platform and marketing partner.
Data obfuscation systems to monitor all URL data collected. If any URL data contains information deemed “sensitive”, our solution removes and replaces that information with an anonymized URL that can be used for conversion tracking but ensures no PHI is passed.
Injection blocking to scan for and prevent widgets and embedded content from “injecting” their own tracking elements, ensuring unwanted trackers cannot collect PHI.
The Results
Our HIPAA-compliant Data Solution has been in place since early 2022 and the benefits are clear:
Ensures HIPAA-compliant web data collection while maintaining system integration and visibility essential for continued digital marketing.
Puts data collection governance fully in the hands of the Client.
Protects against data aggregation by third parties based on “what they already know or learn” about a user.
Simplifies compliance needs by consolidating data collection into unified methodology.
Easily scales to support new advertising channels and platform partners.
Is platform agnostic.
Protects against accidental PII data collection.
Enables data collection rules to easily be updated by the Client in response to changing policies.
Is delivered and supported under BAA in compliance with HHS guidance.
Why Wheelhouse?
Wheelhouse DMG has worked closely with some of the largest and most innovative healthcare and medical device clients in the U.S. for more than a decade.
Our work has included enterprise analytics strategy for a 250-site healthcare system, development of new online appointment booking experiences, data science, CDP and BI support. Our HIPAA-compliant Data Solution has been in production for nearly two years and is informed by deep knowledge of the realities of digital marketing for healthcare.
Healthcare is in our wheelhouse.
The largest, most innovative healthcare organizations in the U.S. trust Wheelhouse DMG.
